On Thu, 16.04.09 20:34, Konstantin Ryabitsev (icon@xxxxxxxxxxxxxxxxx) wrote: > > On Thu, Apr 16, 2009 at 8:25 PM, Lennart Poettering > <mzerqung@xxxxxxxxxxx> wrote: > >> This scheme makes a significant difference for things like starting up > >> eclipse or OO.org on an underpowered laptop (or, really, any laptop > >> under battery power). Since portables is where FS encryption most > >> useful, getting rid of /usr will make it significantly more difficult > >> for me to conserve power and not waste it on needlessly > >> encrypting/decrypting binaries. > > > > It would make more sense to make /home an encrypted partition and > > leave / unencrypted. > > Not really -- I want to also encrypt stuff in /etc, /tmp and in /var > (configs, temp files, and app state data). Not sure if that makes too much sense. Either you are paranoid or you are not. Which means either you encrypt everything. Or you encrypt only /home. Anything in between makes not much sense. Also, while you might not directly notice this, but you silently lose a lot of functionality by doing this. Quite a few udev rules require stuff from /usr. If /usr is not available then they will be skipped. Believe me: having /usr seperate is currently broken on Fedora. How do I know? I used to run such a setup myself. And instead of trying to fix that brokeness by moving more and more stuff to / let's just get rid of this mess completely. Lennart -- Lennart Poettering Red Hat, Inc. lennart [at] poettering [dot] net ICQ# 11060553 http://0pointer.net/lennart/ GnuPG 0x1A015CC4 -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list