Best secure partitioning method

[Enigmatic]

I'm setting up a server for a class at my school. The goal is to have a fully operational server that will withstand several types of hacking attempts. I choose gentoo since I fell in love with it at home, and I'm now looking for some advise.

We're going to partition and start the install tomorrow, and I'm trying to figure out the partitioning scheme currently. I want to head off any drive filling and script kiddie style stuff. I have a 40 gig hard drive to play with.

Here's the partiting I'm thinking of

/boot--------------------100 megs
swap--------------------400 megs

/-------------------------50 megs
/usr----------------------2 Gigs
/opt->/usr/local---------4 Gigs
/tmp----------------------100 megs
/var----------------------300 megs
|--/tmp - portage use---2 Gigs
/etc-----------------------300 megs
/root----------------------100 megs
/backup------------------2 Gigs (not usually mounted)
/home--------------------excess

[kashani]

That looks a little odd to me, but with out a little more info it's hard to say if it work or not.

swap and /tmp are the same thing
The rule of thumb is 1.5-2.0x the amount of ram, I'd expect this to at least a 1GB with a server.

/ toss 500MB at it just in case
/ root at 100MB looked okay

/var is much too small. If you going to be running a server of any sorts this will fill up fast. 6GB or larger. I'd also blow off the /tmp-portage stuff and give the space to /var

/boot looked okay at 100MB
/opt... are you going to put anything special in it? 1GB
/usr at 2GB looks pretty good
/etc/ at 300MB looked okay

What's the purpose of the backup partition?

Personally I just give / 1GB and skip the /etc /opt/ and /root stuff.

kashani
_________________
Will personally fix your server in exchange for motorcycle related shop tools in good shape.

[Enigmatic]

I didn't know swap and /tmp were the same. Thanks for the info...

the backup partition is to toss all our config stuff and have it stored on a local space. We'll also be holding backups offline, but this is just for our own ease.

as far as opt, I don't think there's anything magic going in there. I was just trying to plan for anything that might show up.

I want a seperate /root partition to keep anyone from sending a e-mail bomb or something and filling up the /

[puddpunk]

You can make temp as big as you want. Just try and enable Quotas, and keep it seperate from "working" partitions (i.e. usr, var etc...) and you shouldn't have any trouble.

Check the Gentoo Security Guide, it's in the Docs section of the main website. IIRC, it had something about partitioning.

[Allaa-Z]

What do you mean by 'swap and /tmp is the same thing'? of course they are not!

I suggest to have a swap partition of 4x your ram size. The current VM is doing very well swapping and it can (depending on your application) use 4x memory swapping with acceptable performance.

[tukem]

And when setting /usr size don't forget that /usr/portage can get quite big unless you're actively emptying /usr/portage/distfiles. In gentoo there are also a lot of library files that take up space.

On my P120 48MB "server" machine which have X installed (no KDE or Gnome though ) /usr takes 1.8GB. I recently emptied /usr/portage/distfiles so now it takes only 97MB.

[splooge]

IIRC /etc has to be off the root partition so the kernel can read configuration files on bootup.

I may be way wrong here though =)

[tgoodaire]

First of all, /tmp and swap aren't the same. I don't know where that idea came from, but it's wrong.

The old rule for swap is that it should be twice the amount of RAM you have. Now that it's common to have 256 or 512 or more, the rule doesn't make sense. Think about it. If you have 512MB or RAM, you probably won't even use all of it, let alone the recommended 1GB for swap. I usually allow 150MB or so for swap in any machine with more than 128MB of RAM.

300MB for /var should be plenty. Even with servers installed. The only server-related stuff that will take up any space is mail spool files. Even then, 300MB of mail is a lot. I usually make my /var 100MB, but I'm only delivering local email. It really depends on what you're going to be using the server for. If you'll be handling email for a bunch of email accounts, adjust your /var partition accordingly.

Likewise, 300MB for /etc is pretty massive. (It's just text files in there after all). This should be part of the / partition, as it needs to be accessed at boot time. (/etc/init.d/ /etc/fstab /etc/inittab...)

100MB for /boot is pretty big too. I know that in the portage install docs it recommends that, but even with two kernels in mine (stable and testing), I'm only taking up 12MB. I usually make my /boot partition 30MB, which is way more than you'll need.

Having seperate partitions for /usr and /usr/local is a great idea. I do this on my servers too. After you've installed everything, you can have /usr mounted as read-only at boot-time for security reasons.

I also use a /var/tmp partition for portage to build in. Mine is 1GB.

Here's how I have my 40GB harddrive partitioned:

/ 1GB 117MB used
/var 100MB 26MB used
/tmp 100MB 18K used
/var/tmp 1GB 166MB used
/usr 2GB 906MB used
/usr/local 1GB Nothing there. Yet.
/home the rest

This is with apache, mysql, php, qmail, proftp installed.
_________________
I bent my wookie.

[honold]

if you're discussing partition/mount schemes for SECURITY purposes, look at mounting nosuid for openers.

use openbsd 3.3 for hints.

[Chris W]

The idea that /tmp and swap are the same thing come from the Solaris world where this is the case. On Solaris /tmp is truly temporary, and does not survive reboot. This is not the case with Gentoo or any other Linux I've dealt with.
_________________
Cheers,
Chris W
"Common sense: The collection of prejudices acquired by age 18." -- Einstein

[antik]

[dweigert]

You are correct that Solaris defaults to using tmpfs (which builds in swap), but experienced admins NEVER use it. What the heck happens if you fill up swap by using LARGE amounts of space in /tmp????

They were idiots for that.

Dan

(Unix admin since 1984)
_________________
"Always remember to mount a scratch monkey..."

[wallace1819]

One really can not answer this question with out knowing what this server is going to be serving. Secure partitioning schemes usually differ based on the purpose of the machine and its expected load. There are some secure partitioning basics though.

IMHO...

/boot = noauto (100MB is usually more than adiquite)
swap = twice the amout of RAM with a 256MB max
/tmp = noexec nosuid
/var/tmp = (the portage temp work directories should not be on the same partition as your logs!)
/var = noexec nosuid (the size of this depends on the load and how often the logs are backed up. A little family website obviously does not generate the same amount of logs as a major e-commerce site!)
/

Depending on what the machine will be used for...

/home (if lots of other users)
/<root dir of web server> (if a web server)
/<root dir of ftp> (if ftp server)
/<mail dir> (if mail server)
/opt or /usr/local (if many users or if the machine is acting as a workstation and would have OO or java etc...)

It also depends on how secure you need to be. Security is a balance between safety and accessability. Partitioning for security and partitioning for administration are very different. Some partitioning schemes are really secure but make backups and administration a major headache. For example, you could mount your binary dirs ro exec and only mount them rw when you need to update the system.

hope this helps,
wallace

[kashani]

[kashani]

[tgoodaire]

You could always rotate your logs with logrotate. Then they wouldn't get to be that big. There's no need to have that much logging information hanging around. Rotate your logs regularly, and back them up somewhere if you really want them.
_________________
I bent my wookie.

[kashani]