On 2/26/07, John Summerfield <debian@xxxxxxxxxxxxxxxxxxxxxx> wrote:
> Using swap by itself is generally a speed penalty. Using a file for it > can be done, but it's not really something I'd do. Why not?
Habit, and I have yet to hear a convincing argument for why it's worth the (admittedly minimal) trouble to configure as opposed to a normal swap partition.
OTOH anything bad you can do with /tmp you can do better with /var/tmp, and making that noexec is not a realistic proposition.
Very true, but applications like apache/php use /tmp as their default scratch/upload space. While mounting noexec won't stop determined folks, it may be a step that deters the more common automaded bot attacks. It's by no means a total solution, but it's a layer that can be used, and a layered security model is the best way to go in my opinion. I use this in conjunction with selinux and mod_security for my webservers which so far has been an excellent combination.
For a personal system, I go with one big partition (well, maybe plus a little one for /boot).
My home systems are the one I'm most concerned about /home on (as I tend to wipe and rebuild frequently) but I usually don't partition out much else than /home and /boot.
For a small server, same deal. If you don't know what you're doing, you don't have any chance of getting it right for you.
That's why he has us to ask :-P
With Xen, I'm now contemplating several small systems under Xen, with shared storage (via NFS maybe, NFS should be fairly quick over virtual wire) where sensible, extra virtual disk where they need more private space. This is about what the Big Boys do with their zSeries.
If you're going to go that route, finish it off and make yourself a virtual cluster with the CS/GFS stuff and use that for your shared storage. -- During times of universal deceit, telling the truth becomes a revolutionary act. George Orwell _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
