On Sat, 29 Dec 2007, David Newall wrote:
> dean gaudet wrote:
> > On Wed, 19 Dec 2007, David Newall wrote:
> >
> > > Mark Lord wrote:
> > >
> > > > But.. pity there's no mount flag override for smaller systems,
> > > > where bind mounts might be more useful with link(2) actually working.
> > > >
> > > I don't see it. You always can make hard link on the underlying
> > > filesystem.
> > > If you need to make it on the bound mount, that is, if you can't locate
> > > the
> > > underlying filesystem to make the hard link, you can use a symbolic link.
> > >
> >
> > i run into it on a system where /home is a bind mount of /var/home ... i did
> > this because:
> >
> > - i prefer /home to be nosuid,nodev (multi-user system)
> >
>
> Whatever security /home has, /var/home is the one that restricts because users
> can still access their files that way.
yep. and /var is nosuid,nodev as well.
> > - i prefer /home to not be on same fs as /
> > - the system has only one raid1 array, and i can't stand having two
> > writable filesystems competing on the same set of spindles (i like to
> > imagine that one fs competing for the spindles can potentially result
> > in better seek patterns)
> > ...
> > - i didn't want to try to balance disk space between /var and /home
> > - i didn't want to use a volume mgr just to handle disk space balance...
> >
>
> Pffuff. That's what volume managers are for! You do have (at least) two
> independent spindles in your RAID1 array, which give you less need to worry
> about head-stack contention.
this system is write intensive and writes go to all spindles, so you're
assertion is wrong. a quick look at iostat shows the system has averaged
50/50 reads/writes over 34 days. that means 50% of the IO is going to
both spindles.
Device: rrqm/s wrqm/s r/s w/s rkB/s wkB/s avgrq-sz avgqu-sz await svctm %util
sda 1.96 2.24 33.65 33.16 755.50 465.45 36.55 0.56 8.43 5.98 39.96
> You probably want different mount restrictions
> on /home than /var, so you really must use separate filesystems.
not sure why you think i want different restrictions... i'm running fine
with nosuid,nodev for /var.
the main worry i have is some user maliciously hardlinks everything
under /var/log somewhere else and slowly fills up the file system with
old rotated logs. the users otherwise have quotas so they can't fill
things up on their own. i could probably set up XFS quota trees (aka
"projects") but haven't gone to this effort yet.
> LVM is your friend.
i disagree. but this is getting into personal taste -- i find volume
managers to be an unnecessary layer of complexity. given i need quotas for
the users anyhow i don't see why i should both manage my disk space via
quotas and via an extra block layer.
>
> But with regards to bind mounts and hard links: If you want to be able to
> hard-link /home/me/log to /var/tmp/my-log, then I see nothing to prevent
> hard-linking /var/home/me/log to /var/tmp/my-log.
you probably missed the point where i said that i was surprised i couldn't
hardlink across the bind mount and actually wanted it to work.
-dean
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]