Subject: Re: Separate /usr, etc...
To: None <>
From: Chuck Yerkes <>
List: current-users
Date: 12/16/2002 17:29:54
Quoting Greg 'groggy' Lehey (
> On Monday, 16 December 2002 at 14:43:36 -0800, Chuck Yerkes wrote:
> > I've offered this on the embsd list and the soekris-tech list
> > before.
> >
> >
> > Quoting Peter Seebach (
> >> I am toying with my old Compaq network appliance again, and I'm thinking of
> >> trying to build a "complete" installation which lives on a single CF card.
> >> How important is it that /usr be a separate filesystem?  I'm a bit strapped
> >> for space (I want X installed locally).  I can always give up and go back
> >> to a netboot kernel, but I think it'd be awfully neat if I could make
> >> everything run locally.
> >
> > I'm a very strong advocate of making /usr separate because I
> > mount it read-only.  In fact, except for root, if it's got
> > a binary on it, it's RO.  If it's got data, it's mounted
> > noexec, nosuid, nodev.  Several reasons.  And I've built machines
> > where the binaries are on disks PINNED read-only (trojan that!).
> OK, so if root is RO and /usr is RO, what's the necessity for making
> them separate file systems?

Because generally (ie, non embedded systems) root wants to be
read/write.  As does /var and /home.  And, for me, /JAIL/www/data/.

Why a separate root in general?

1) "Whoops, was I in /usr/lib/ when I typed 'rm l*'?"
   Seems that "cd /hom/echuck/tmp/" failed and I typed the rm before
   More realistically, it meant that the junior system admin
   (or tired sr) has to take an action before making /usr/ rw.
   Or that hack to the FooDaemon that lets me overwrite /usr/bin/vi.

2) /var/ MUST be read write (recall: we're not talking cf appliance
   machines).  Nothing like having logs or lots of mail take up
   that last disk space on root.

3) Avoidance of some mistakes with /.
  I make / generally 50MB and leave it like that.  Room for a couple
kernels and this and that, but not so much that I don't notice
where there are some core files or, once, backups going to /dev/rts0
(a file rather than the intended device: rst0 - seems a client's
backups were going to an overwritten file for a month or two from
that - root at 75% on install means you notice that fast).

   Well, in systems used by groups of people (ie. not at home), /usr
and /usr/local (oft the same) grow and this gets replaced and someone
needs that and put it in and, oh where did the space go?

  /usr can have a bunch of extra space, have multiple versions of
X in it, I don't care.  But mistakes in / need to be obvious.

There's no joy in finding: / is now at 100%.

40GB root scare me and lead people to really sloppy system admin.