The importance of Linux partitions

Posted on in Categories Howto, Linux, Security, Sys admin, Tips last updated October 1, 2005

Disk partitioning is the creation of separate divisions of a hard disk drive using partition editors such as fdisk. Once a disk is divided into several partitions, directories and files of different categories may be stored in different partitions.

Many new Linux sys admins (or Windows admins) create only two partitions, / (root) and swap, for the entire hard drive. This is really a bad idea. You need to consider the following points while partitioning a disk.

Purposes for Disk Partitioning

An operating system like Windows or Linux can be installed on a single, unpartitioned hard disk. However, the ability to divide a hard disk into multiple partitions offers some important advantages. If you are running Linux on a server, consider the following facts:

  • Ease of use – Makes it easier to recover a corrupted file system or operating system installation.
  • Performance – Smaller file systems are more efficient. You can tune each file system for its application, such as log or cache files. A dedicated swap partition can also improve performance (this may not be true with the latest Linux kernel 2.6).
  • Security – Separating the operating system files from user files may result in a better and more secure system. Restricting the growth of certain file systems is possible using various techniques.
  • Backup and Recovery – Easier backup and recovery.
  • Stability and efficiency – You can increase disk space efficiency by formatting partitions with various block sizes, depending upon usage. For example, if the data consists of lots of small files, it is better to use a small block size.
  • Testing – Boot multiple operating systems such as Linux, Windows and FreeBSD from a single hard disk.
File systems that need their own partitions

  • /usr – This is where most executable binaries, the kernel source tree and much of the documentation go.
  • /var – This is where spool directories such as those for mail and printing go. In addition, it contains the error log directory.
  • /tmp – This is where most temporary data files created by applications are stored.
  • /boot – This is where your kernel images and boot loader configuration go.
  • /home – This is where users' home directories go.

Let us assume you have a 120 GB SCSI hard disk with / (root) and swap partitions only. One of the users (internal, external or a cracker) runs something which eats up all your hard disk space (a DoS attack). For example, consider the following tiny script that a user can run in the /tmp directory:

man bash > $(mktemp)

Anyone can run the above script via cron (if allowed), or even with the nohup command:
$ nohup bad-script &

The result can be a total disaster as the entire file system comes under a Denial of Service attack. It will even bypass the disk quota restriction. One of our Jr. Linux sys admins created only two partitions. Later a poorly written application ate up all the space in /var/log/. The end result was a memo for him (as he did not follow the internal docs that have guidelines for partition setup for client servers). Bottom line: create the partitions on your Linux server.

If you do not have a partitioning scheme, then the following problems can occur:

  1. Runaway processes.
  2. Denial of Service attack against disk space (see the example script above).
  3. Users can download or compile SUID programs in /tmp or even in /home.
  4. Performance tuning is not possible.
  5. Mounting /usr read-only to improve security is not possible.

All of these can be prevented by adding the following options to the relevant entries in the /etc/fstab file:

  • nosuid – Do not allow set-user-identifier or set-group-identifier bits to take effect on this partition
  • nodev – Do not interpret character or block special devices on this partition
  • noexec – Do not allow direct execution of any binaries on this partition
  • ro – Mount the file system read-only
  • quota – Enable disk quota

Please note that the above options can only be set if you have a separate partition. Make sure you create the partitions listed above with the following options set on each:

  • /home – Set the nosuid and nodev options, together with the quota option
  • /usr – Set the nodev option
  • /tmp – The nodev, nosuid and noexec options must be enabled

For example, the entry in /etc/fstab for /home should read as follows:

/dev/sda1  /home          ext3    defaults,nosuid,nodev 1 2

Here is the mount command output from one of my OpenBSD production servers:

/dev/wd0a on / type ffs (local)
/dev/wd1a on /home type ffs (local, nodev, nosuid, with quotas)
/dev/wd0d on /root type ffs (local)
/dev/wd0e on /usr type ffs (local, nodev)
/dev/wd0f on /tmp type ffs (local, nodev)
/dev/wd0h on /var type ffs (local, nodev, nosuid)
/dev/wd0g on /var/log type ffs (local, nodev)
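As an added check that is not part of the original article or the author's own scripts, the following POSIX shell script parses mount(8) output of the form shown on this page and reports any /home, /usr or /tmp mount that lacks the options recommended above. The sample output it runs over is constructed for the example (Linux lines in the style of the mount output on this page plus the OpenBSD /tmp line from the listing above); the quota option is left out of the check because the two systems report it differently.

```shell
#!/bin/sh
# Audit mount(8) output against the partition policy above (/home, /usr, /tmp).
# Added example for this article, not the author's own script. It assumes a
# POSIX shell with sed, and that the system prints mounts in the usual
# "<device> on <mountpoint> type <fs> (<opts>)" form shown on this page.

# Required mount options per mount point, taken from the list above.
policy_for() {
    case "$1" in
        /home) echo "nosuid nodev" ;;
        /usr)  echo "nodev" ;;
        /tmp)  echo "nodev nosuid noexec" ;;
        *)     echo "" ;;
    esac
}

# Turn one mount(8) line into "mountpoint|opt1,opt2,...". The OpenBSD form
# "(local, nodev, nosuid, with quotas)" is normalised to comma-separated tokens.
parse_mount_line() {
    printf '%s\n' "$1" \
        | sed -n 's/^[^ ]* on \([^ ]*\) type [^ ]* (\(.*\))$/\1|\2/p' \
        | sed 's/, */,/g'
}

# Check one mount line against the policy. Prints the missing options and
# returns 1 when the mount point is covered by the policy but lacks an option.
check_mount_line() {
    parsed=$(parse_mount_line "$1")
    [ -n "$parsed" ] || return 0          # not a mount line: nothing to check
    mp=${parsed%%|*}
    opts=",${parsed#*|},"                 # wrap in commas for exact token match
    missing=""
    for want in $(policy_for "$mp"); do
        case "$opts" in
            *",$want,"*) ;;
            *) missing="$missing $want" ;;
        esac
    done
    if [ -n "$missing" ]; then
        printf '%s: missing%s\n' "$mp" "$missing"
        return 1
    fi
    return 0
}

# Audit a whole mount(8) dump passed as one string; the return value is the
# number of mount points that violate the policy (0 means compliant).
audit_mounts() {
    violations=0
    while IFS= read -r line; do
        [ -n "$line" ] || continue
        check_mount_line "$line" || violations=$((violations + 1))
    done <<EOF
$1
EOF
    return $violations
}

# Constructed sample: Linux lines in the style of the output on this page, plus
# one OpenBSD /tmp line from the article. /home is compliant; /usr lacks nodev;
# both /tmp lines lack nosuid and noexec, so three mount points are reported.
SAMPLE_MOUNTS='/dev/sda2 on / type ext3 (rw,relatime,errors=remount-ro)
/dev/sda1 on /home type ext3 (rw,nosuid,nodev)
/dev/sda3 on /usr type ext3 (rw,relatime)
/dev/sda4 on /tmp type ext3 (rw,nodev)
/dev/wd0f on /tmp type ffs (local, nodev)'

audit_mounts "$SAMPLE_MOUNTS" || echo "$? mount point(s) violate the policy"
# On a live system: audit_mounts "$(mount)"
```

The options are matched as whole comma-delimited tokens, so a substring such as "nosuid" inside another option name cannot produce a false pass, and mount points not covered by the policy (/, /proc, /sys and so on) are ignored rather than flagged.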

How do I obtain information about partitions?

There are several ways to obtain information about partitions on Linux / UNIX-like operating systems.

List partitions:

fdisk -l

Report file system disk space usage:

df -h
df -k

Display partition mount options including mount points:

mount

Sample output:

/dev/sda2 on / type ext3 (rw,relatime,errors=remount-ro)
tmpfs on /lib/init/rw type tmpfs (rw,nosuid,mode=0755)
/proc on /proc type proc (rw,noexec,nosuid,nodev)
sysfs on /sys type sysfs (rw,noexec,nosuid,nodev)
varrun on /var/run type tmpfs (rw,nosuid,mode=0755)
varlock on /var/lock type tmpfs (rw,noexec,nosuid,nodev,mode=1777)
udev on /dev type tmpfs (rw,mode=0755)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)
devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=620)
fusectl on /sys/fs/fuse/connections type fusectl (rw)
/dev/sda1 on /media/sda1 type fuseblk (rw,nosuid,nodev,allow_other,default_permissions,blksize=4096)
/dev/sda5 on /share type fuseblk (rw,nosuid,nodev,allow_other,default_permissions,blksize=4096)
/dev/sdb2 on /disk1p2 type ext3 (rw,relatime,errors=remount-ro)
securityfs on /sys/kernel/security type securityfs (rw)
debugfs on /sys/kernel/debug type debugfs (rw)
binfmt_misc on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,noexec,nosuid,nodev)
gvfs-fuse-daemon on /home/vivek/.gvfs type fuse.gvfs-fuse-daemon (rw,nosuid,nodev,user=vivek)

Display / edit file system configuration options:

less /etc/fstab
vi /etc/fstab

Quickly remount /usr in read-only mode:

mount -o remount,ro /usr

Quickly mount all file systems configured in /etc/fstab:

mount -a


Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

27 comments

  1. You did mention nodev, nosuid, noexec for /tmp (for /var/ and /var/log it’s a good idea too) but the output from your production server does not show some of these settings. So why?

  2. Yup, we do have nodev, nosuid, with quotas enabled on the /home and /var partitions.
    /dev/wd1a on /home type ffs (local, nodev, nosuid, with quotas)
    /dev/wd0h on /var type ffs (local, nodev, nosuid)

    However on /tmp only nodev is enabled and not nosuid. This is an OpenBSD box. And the rest of the services are chrooted, i.e. www and ftp, and /tmp is very small system around

  3. Tudor,

    (4) Backup
    You can easily dump and restore /home partition without touching rest of file system.

    (1) Performance
    You can easily disable or enable few properties for performance such as disable file creation update time on /var partition or database partition to save disk I/O.

    Above are two prime examples.

    Appreciate your post.

  4. Good article. If I have an existing Ubuntu installation, what would you recommend for resizing the partitions?

    Right now I only have / and /home so it’s not horrible a there is some separation, but you made a valid point on separating /var and the others.

  5. I’ve found your blog on Google for my last 4-5 questions about Linux … LOL I will definitely add your blog to my feed reader.

    Btw I have a question.
    How much space should I give to each partition? I used to have /, swap and /home partitions and it was quite easy to split an HDD.
    With 7 partitions (and little knowledge) it’s not! 😛

    Thank you!

  6. I know that talking about absolute space (give X GB to /usr, Y GB to /home) could have no sense at all since we could have different hard disk size.

    Maybe we should talk in percentages… I don’t know 🙂

  7. Really informative material. I am a Linux newbie and am getting ready to switch from the default distro load on a single partition to a proper partition arrangement. I thought a hard drive could have only 4 primary partitions, so duhh, some of the suggested partitions must be logical drives within an extended partition? If yes, will this be easy to do and what should be on it? Thanks in advance guys.

  8. I’m also interested in suggested partition sizes. I’m currently building an Arch Linux system and have decided to start with LVM on LUKS for logical partitioning/resizing of a dm-crypt’ed filesystem. Since my goal is a secure system I want to divide my partitions up sensibly and was hoping to find some general starting points. I can always resize later with LVM if I need more or less space.

    Thanks for a great article! When I worked in web hosting we used to set up and mount our server partitions like this and it probably mitigated a lot of attacks. We used to have to root out perl hacks running in /tmp all the time before we started employing these techniques.

  9. Excellent!! Thanks, I was also a stupid one who did only 2 partitions. But from now on I will do multiple partitions. But can anyone tell what should be the percentage of all those partitions depending on the total amount of hard disk??

  10. hi,

    Linux is a complicated but powerful bitch – made worse by ‘tutors’ who never seem to use diagrams to explain what the hack is going on. you just go from one complexity to the next. if i ever [ unlikely! ] get good at Linux, i’ll write a book full of diagrams and pictures as well as properly headed/tabbed text to make sure normal people can really understand Linux.

    please rewrite this using diagrams & explaining:

    1] what exactly is a partition – types, quantity
    2] how a hard disk is organised
    3] what is the difference between windows and linux as far as hard drive concerned
    4] what’s the best HD config for a webserver [ that’s what most people do ]
    5] what file systems to use best & why
    6] how to back up each partition
    7] how to restore each partition
    8] how to recover/rebuild from a crash

    you have to know the whole thing – you well know bits of knowledge don’t get you very far and can easily land you in deep trouble.


  11. Thank you for the information. I’ve got some questions (and some answers for the previous questions :)):

    1) What do you recommend for the /boot partition?
    2) Is it possible to use two partitions for /tmp (one as tmpfs and one on the harddisk)?
    3) You mention using for backing up: which filesystems can be backed up like that? It would be interesting, but I always thought that was restricted to ext2.

    Some answers/ opinions about the questions asked earlier:
    I’m about to reinstall my linux (with 7 partitions) and just checked how much was used & checked the average file size:

    /boot: 37 megabytes with grub 2 booting windows 7 & xubuntu, average filesize +- 300kb.
    /usr: 4.3 gigabytes including most texwork packages (Latex), eclipse, all codecs, etc. Average size: 40kb
    /var: 340 megabytes, average size 60kb
    /opt & /srv are basically empty
    /tmp is mounted as tmpfs.
    /: 255mb, average file size about 10kb.
    I didn’t look at /home and the swap.
    Now, I’m going for 100mb /boot, 8 gb /usr, 1 gb /var, 1 gb /, 8 gb swap (probably excessive) and I’m leaving the remaining part for home. /tmp will again be mounted as tmpfs and I’ll link /opt to /usr/opt. Comments/tips are always appreciated :).

    Best filesystem to use:
    Ext4 is probably not a bad choice if you are unsure. When Ext3 was the new one, I also considered ext2 since that could be read in windows (not easily) but I don’t think there is any windows support for current Linux filesystems. Ntfs works reasonably well in Linux but I would keep it out of the system partitions since it’s rather slow.

    About installing on a primary or logical partition. The /boot partition should be on a primary partition, all others can/should be extended partitions.
    In case of a dual-boot with windows 7, you should first install windows which will create two primary partitions and then install linux. Make sure that you keep the bootable flag at the windows partition.
    You can also install windows 7, windows XP and linux by making the partitions upfront, choosing an extended partition for Windows 7 (its boot partition will be the first primary one), then installing windows XP at the second primary partition and finishing with Linux.

  12. Very good article.. I have a question.. the answer is already there in your blog but I just want to confirm.. Can we use options like ‘defaults,nodev’?

    On some other blog I read that the default options for ext3 are rw,suid,dev,exec,auto,nouser,async. If I give defaults,nodev.. how does it work.. what are the final options?

    What are the default options? Are they specific to the OS or the file system..?
