Am 24.04.2013 12:48, schrieb Tanstaafl: > On 2013-04-23 1:59 PM, Neil Bothwick <n...@digimed.co.uk> wrote: >> On Tue, 23 Apr 2013 18:34:38 +0200, Florian Philipp wrote: >> >>>> So - first, is 5G way too big for the two /tmp dirs? I have lots of >>>> space, but hate waste > >>> If you worry about waste consider bind-mounting both from the same >>> partition and install quotas to avoid one filling up the other. >> >> Or set PORTAGE_TMPDIR to use /tmp. Then /var/tmp will be so small you >> can leave it as a sub-directory of /var. >> >> If this is a server, 5G is fine for this, but for a desktop it may need >> to be bigger, to accommodate LibreOffice builds. > > One thing I'm trying to do is make the system as secure as possible at > the filesystem level, and I've read that making /tmp and /var/tmp > separate partitions so you can mount them /nodev/noexec/nosuid is one > way to make things a bit more secure...
noexec won't work for portage so put PORTAGE_TMPDIR somewhere else. > > On that note, I realized I can't make two /tmp's in lvm, so, I guess I > can make a vtmp, and just bind that to /var/tmp in fstab like: > > /dev/vg/vtmp /var/tmp ext4 nodev,noexec,nosuid 0 0 > > Will that work? Sure why not but you should set the pass column to 2 instead of 0. Regards, Florian Philipp
signature.asc
Description: OpenPGP digital signature
