Author: o1bigtenor
Date:
To: Rainer Weikusat
CC: dng
Subject: Re: [DNG] running with separate / and /usr

On Tue, Jan 10, 2023 at 2:21 PM Rainer Weikusat via Dng <dng@???> wrote:
>
> Background
> ----------
> Recently, the disk in my work computer developed a local defect which
> caused me to lose a sizable chunk of the data on the 'writable' system
> partition (affecting /home and /var --- in particular, I lost the
> complete dpkg database and had to write a set of scripts to recreate it
> from the list of available package names in /usr/share/doc). This has
> reimpressed me with the usefulness of structured disk layouts --- had
> /home and /var been on separate partitions, ie, had their data not been
> spatially intermixed, I would have lost data from one of them but not
> both.
>
> Practical Problem
> -----------------
> Devuan 4 cannot boot, at least not without an initrd, with / and /usr
> being separate because a large number of programs in / are linked with
> libselinux which, in turn, needs libpcre which is on /usr and not on /.
> Two programs (I remember kmod) also need libcrypto (OpenSSL) which is
> also not on /. I worked around this by booting a live system on a USB
> stick and copying the libraries manually.
>
> Is this still a supported configuration, ie, should this be regarded as
> a bug? Even if not, is there interest for making it again possible? I
> did a POC for init in order to make it load libselinux at runtime and
> fail gracefully if it isn't available (or not load it at all if running
> on a kernel without SELinux support [such as the 6.1.2 one I'm
> running]). A real solution would probably need to be a library
> installing itself as libselinux (and the real libselinux library under a
> different name) which would forward function calls to the real library
> if it can be loaded (and if the kernel supports SELinux).
>
> I'm willing to put work into this although this would only proceed
> slowly as this would amount to just a few hours each Sunday.
> Greetings

My instance of Devuan Daedalus is running on mirrored major
partitions.
There are some 8 partitions in total (each one on a raid 1 except the
EFI partition)
/
/tmp
/usr
/home
/boot
/var
/usr/local
(in inverse order to the list in blkid)
(There is also an EFI partition so there are actually 16 partitions
and that's not counting those that make up my storage raid array.)
A mentor (now deceased) suggested all separate partitions some likely
8 to 10 years ago. He had had a system lock itself up due to a /var partition
overflow which resulted in him having to (IIRC) re-install. He was quite
vehement about the need to give /var some definite boundaries.
Yes - - - - this isn't the modern way to do things (I got it!)
There can be issues - - - - I've had problems with /usr getting too small on
more than one or 2 systems!!!
But I won't be losing my system because an out of control process
generates a lot of stored output which then locks up the machine.
You likely don't absolutely 'need' to have 8 different partitions as having
all 8 likely introduces other vulnerabilities but I will not have the issue
you had - - - - ever(!!).
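
Added example, not part of either message: a shell check for the problem described in the quoted text, where programs on / link against libraries that live on /usr. The function names `usr_deps` and `scan_dirs`, the script name in the usage comment and the sample `ldd` output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): find binaries on the root filesystem
# whose shared libraries resolve under /usr.

# Constructed sample of `ldd` output; library names and addresses are illustrative.
SAMPLE_LDD='	linux-vdso.so.1 (0x00007ffc0a1f2000)
	libselinux.so.1 => /lib/x86_64-linux-gnu/libselinux.so.1 (0x00007f3a10000000)
	libpcre.so.3 => /usr/lib/x86_64-linux-gnu/libpcre.so.3 (0x00007f3a0ff00000)
	libmissing.so.1 => not found
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f3a0fd00000)
	/lib64/ld-linux-x86-64.so.2 (0x00007f3a10200000)'

# usr_deps: read `ldd` output on stdin, print each resolved path under /usr.
usr_deps() {
    awk '$2 == "=>" && $3 ~ /^\/usr\// { print $3 }'
}

# scan_dirs DIR...: report "<binary> needs <library>" for every executable in
# the given directories that depends on a library under /usr.
scan_dirs() {
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        # On a merged-/usr layout /bin and /sbin are symlinks into /usr;
        # such directories are not on the root filesystem, so skip them.
        case "$(readlink -f "$dir")" in /usr|/usr/*) continue ;; esac
        for f in "$dir"/*; do
            if [ -f "$f" ] && [ -x "$f" ]; then
                ldd "$f" 2>/dev/null | usr_deps | while read -r lib; do
                    printf '%s needs %s\n' "$f" "$lib"
                done
            fi
        done
    done
    return 0
}

# Usage: sh check-usr-deps.sh /bin /sbin
if [ "$#" -gt 0 ]; then
    scan_dirs "$@"
fi
```

Any line this prints names a program that cannot start until /usr is mounted.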