Absolute OpenBSD: Unix for the Practical Paranoid

The most difficult part of installing OpenBSD is deciding how to partition your hard drive. When you don't know how partitions work, choosing a partition layout can be troublesome. Unlike many installers that have fancy menus or graphic tools, OpenBSD's installer expects you to know how to use low-level disk management tools.

Partitions are logical subsections of a hard drive. Different partitions can be handled in different ways and can even have different file systems or different operating systems on them. We're going to discuss partitioning for both single-OS and multiple-OS installs.

Note

Get a piece of paper to make some notes about your partitioning. Start by writing down the size of your hard disk. This is the amount of space you have to divide between your partitions. Write down the size of every partition you want and the order in which you want those partitions to lie. This will make installing OpenBSD much easier!

Why Partition?

Partitioning might seem like a pain; why should you bother? Many commercial operating systems allow you to simply have one large partition over your entire hard disk, giving you a single 80-gig partition. What are the advantages of partitioning?

Different operating systems have different partition types and different requirements for disk layout. A Microsoft operating system simply cannot recognize an OpenBSD disk format and will insist upon formatting it before using it. Although OpenBSD can mount partitions designed for most other popular operating systems, do not put the main OpenBSD system programs on a foreign partition. Let each OS run on its own section of disk. If you want to have multiple operating systems on your machine, you must partition.

But when you're running a dedicated OpenBSD machine, why should you bother to split up your hard drive? On a physical level, different parts of the disk move at different speeds. By putting frequently accessed data on the fastest parts of the disk, you can improve system performance. The only way to arrange this is by using partitions. Also, the operating system handles each partition separately. This means that you can configure each partition differently or set it to use different rules. The root partition is the only partition that should have device nodes, for example, so you can tell other partitions to not recognize device nodes. Partitions that contain user data should not have setuid programs, and you might not even want to allow them to have programs at all. Separate partitions enforce that easily. You want the main system configuration directory to be unchangeable, so an intruder or a clumsy user cannot alter it? That's trivial with separate partitions. If one partition is damaged, chances are that damage will not extend to other partitions. You can boot the system using the intact partitions and attempt to recover the data on the damaged partition. Finally, correct use of partitioning can enhance security. Not only will hackers have a more difficult time if they do break into your machine, but your own users will find it more difficult to accidentally damage the system. Before partitioning a hard drive, decide what the system will be used for. Is this a mail server? A Web server? A desktop machine? We'll discuss the requirements for each partition for different types of servers.

Категории