On Tue, Aug 11, 2020 at 7:55 AM Neal Becker <ndbecker2@xxxxxxxxx> wrote: > > I wonder if there's any information or discussion on the default partitioning and subvoluming > scheme to be used for btrfs install? > > The only scheme I've used so far in the past is a single large partition with one subvolume for /home and another for /root. I think it might be good to have another for /snapshots. Hi, yeah it's a good question. There's some discussion upstream exploring a "big picture" approach. https://lore.kernel.org/linux-btrfs/20200721203340.275921-1-kreijack@xxxxxxxxx/ I think Fedora needs a buttoned down design for a snapshot regime before creating more subvolumes or changing the layout, by default. There's nothing wrong with folks doing it themselves. We'll also have some docs on doing that so people who like to experiment and iterate, can do that. Btrfs subvolumes can go anywhere. They can be nested. Or they can all be at the top-level of the file system, and mounted into position by fstab options (or native system mount units) or a combination of the two. They can be read-only or writable. The nested approach seems cleaner at first, but then means rollback logic needs to be more sophisticated. Since there won't be automatic snapshots and rollbacks in Fedora 33, there's some breathing room to be deliberate about any changes to the default layout, and discuss alternatives/supplements. Is it useful and practical to make system rescue and reprovisioning easier as well? A location for snapshots is a good idea. Ages ago I asked some security folks about keeping snapshots of old binaries and libraries out of the search path, e.g. put them in a (temporarily mounted) top-level or snapshots subvolume, and they thought it seemed like a good idea. Maybe using nosuid noexec is enough. There's also native Btrfs encryption on the way later this year, that will leverage the existing kernel fscrypt implementation. That might have an impact on the design. -- Chris Murphy _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
