Securing and Optimizing Linux: RedHat Edition - A Hands on Guide
Chapter 3. Installation of your Linux Server
Creating multiple partitions offers you the following advantages:
- Protection against denial of service attack.
- Protection against SUID programs.
- Faster booting.
- Easy backup and upgrade management.
- Ability for better control of mounted file system.
- Limit each file system's ability to grow.
If a previous file system or operating system exists on the hard drive of the computer where you want to install your Linux system, we highly recommend that you make a backup of your current system before proceeding with the disk partitioning.
Step 1. For performance, stability and security reasons, you must create something like the partitions listed below on your computer. For this partition configuration we assume that you have a SCSI hard drive of 3.2 GB. Of course, you will need to adjust partition sizes according to your own needs and disk size. Partitions that must be created on your system:
Partition | Size
---|---
/boot | 5MB
/usr | 512MB
/home | 1146MB
/chroot | 256MB
/cache | 256MB
/var | 256MB
<Swap> | 128MB
/tmp | 256MB
/ | 256MB
We have made two more special partitions:
The /chroot partition can be used for a chrooted DNS server, a chrooted Apache server and other programs you may chroot in the future.
The /cache partition can be used for a Squid Proxy server.
Keeping /tmp and /home on separate partitions is pretty much mandatory if users have shell access to the server (protection against SUID programs); splitting these off into separate partitions also prevents users from filling up any critical file system (denial of service attack). The same applies to /var, and putting /usr on a separate partition is also a very good idea. By isolating the /var partition, you protect your root partition from overfilling (denial of service attack).
In our partition configuration we'll reserve 256 MB of disk space for chrooted programs like Apache, DNS and other software. This is necessary because the Apache DocumentRoot files and the other binaries and programs related to Apache will be installed in this partition if you decide to run the Apache web server in a chrooted jail.
Take note that the size of the Apache chrooted directory on the chrooted partition is proportional to the size of your DocumentRoot files. If you do not intend to install and use Apache on your server, you can reduce the size of this partition to something like 10 MB for the DNS server, which you always need to run in a chrooted jail environment for security reasons.
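To check an installed server against the layout above, the following added example (not part of the original guide) reads a mount table in /proc/mounts format and reports which of the listed directories are not separate file systems. It also flags /home and /tmp when they are mounted without nosuid; the page names SUID protection but not the mount option, so that check, the function name audit_mounts and the sample table are assumptions of this example.

```shell
#!/bin/sh
# Audit a /proc/mounts-format table against the partition layout on this page.
# Constructed sample input; on a live system feed /proc/mounts instead.
SAMPLE_MOUNTS='/dev/sda1 / ext2 rw 0 0
/dev/sda2 /boot ext2 rw 0 0
/dev/sda5 /usr ext2 rw 0 0
/dev/sda6 /home ext2 rw,nosuid 0 0
/dev/sda7 /var ext2 rw 0 0
/dev/sda8 /tmp ext2 rw 0 0
none /proc proc rw 0 0'

# Mount points from the page's layout (swap has no mount point, / always exists).
WANTED='/boot /usr /home /chroot /cache /var /tmp'
# Assumption of this example: the directories the page ties to SUID protection
# should carry the standard nosuid mount option.
NOSUID_WANTED='/home /tmp'

# audit_mounts: reads a mount table on stdin and prints one finding per line:
#   MISSING <dir>  directory is not its own file system (it lives on a parent)
#   SUID <dir>     separate file system, but mounted without nosuid
audit_mounts() {
    awk -v wanted="$WANTED" -v nosuid="$NOSUID_WANTED" '
        { opts[$2] = $4 }                  # field 2 = mount point, 4 = options
        END {
            n = split(wanted, w, " ")
            for (i = 1; i <= n; i++)
                if (!(w[i] in opts)) print "MISSING " w[i]
            m = split(nosuid, s, " ")
            for (i = 1; i <= m; i++)
                if ((s[i] in opts) && ("," opts[s[i]] ",") !~ /,nosuid,/)
                    print "SUID " s[i]
        }'
}

# Demo run on the constructed table.
printf '%s\n' "$SAMPLE_MOUNTS" | audit_mounts
```

On a live system, run `audit_mounts < /proc/mounts`; no output means every listed directory is its own file system and /home and /tmp are mounted nosuid.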
Minimum size of partitions: For information purposes only, these are the minimum sizes in megabytes that a Linux installation must have to function properly. The partition sizes listed below are really small. This configuration can fit on a very old hard disk of 512MB that you might find in old x486 computers. We show this partition layout only to give you an idea of the minimum requirements.
Partition | Size
---|---
/ | 35MB
/boot | 5MB
/chroot | 10MB
/home | 100MB
/tmp | 30MB
/usr | 232MB
/var | 25MB