
Re: [gNewSense-users] Mounting/partitioning inside a VM


From: Stayvoid
Subject: Re: [gNewSense-users] Mounting/partitioning inside a VM
Date: Sat, 21 Apr 2012 13:38:14 +0400

Kim,

> Perhaps the first question is, why do you want to slice up the file
> system in this way?
>
> I would consider it unusual to split off /tmp, /var, /var/tmp and
> /var/mail in this way unless you were shifting a very large amount of mail.
I use this guide:
http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html#s4.9

> And then to separate disks, not all on the same volume/disk.
Because I can't access the disk via fdisk or parted. I'll investigate
this, but AFAICT it's a VPS specific issue.
So the only option I have is to use several disks. I assume those are
not separate in a physical sense.

> As you seem to be running a Xen VM, I would expect you are not going to
> get a performance increase. It makes it much more likely that one of
> these file systems is going to fill and halt whichever process is
> doing the work in that file system.
I'm trying to secure the system, not to get a perf boost. Let me know
if I can achieve both.

> Ok, for each new file system you will have to migrate them from the
> 'root' disk/partition to the new disk/partition.
Yep.

>    2) mount each file system, eg under /tmp
>    3) copy the data from the 'root' file system to the new one
>       eg rsync -av /tmp/ /mnt/
>    4) unmount the file system from /mnt
This sounds strange. I will use my data if I unmount it. Is this correct?

Maybe I should do the following:
a) use my one-root-partition-fstab;
b) mount a fresh disk: mkdir /mnt/tmp; mount /dev/xvdf /mnt/tmp
c) rsync -av /tmp /mnt/tmp
d) repeat the trick for another disk: mkdir /mnt/var; mount /dev/xvdg /mnt/var
e) rsync -av /var /mnt/var
[...]
n) update /etc/fstab
n+1) reboot

What do you think? Will it work?
How to separate /var/mail from /var in this case?

Cheers
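
An added example, not part of the original thread: a check to run after the copy step and before /etc/fstab is updated, confirming that the new file system holds the same tree (paths, modes, owners, sizes) as the source, and flagging the case where the data landed one directory too deep, which is what rsync does when the source is given without a trailing slash. The function names are hypothetical, GNU find is assumed, and the demo uses constructed temporary directories with cp -a standing in for the two rsync forms.

```shell
#!/bin/sh
# Added example (not from the thread): verify a migrated tree before editing fstab.
# Requires GNU find (-printf). Compares metadata and sizes, not file contents.

# One sorted line per entry: relative path, type, octal mode, uid, gid
# (plus size for regular files). A top-level lost+found, present on a
# freshly created ext file system, is skipped.
manifest() {
    ( cd "$1" && find . -mindepth 1 -path ./lost+found -prune \
        -o \( -type f -printf '%P %y %m %U %G %s\n' \) \
        -o -printf '%P %y %m %U %G\n' ) | LC_ALL=C sort
}

# check_copy SRC DST -> 0 match, 1 mismatch, 2 copy landed in DST/basename(SRC)
check_copy() {
    src=${1%/}; dst=${2%/}
    want=$(manifest "$src")
    if [ "$want" = "$(manifest "$dst")" ]; then
        echo "OK: $dst matches $src"; return 0
    fi
    nested=$dst/$(basename "$src")
    if [ -d "$nested" ] && [ "$want" = "$(manifest "$nested")" ]; then
        echo "NESTED: data is in $nested (source given without trailing slash)"
        return 2
    fi
    echo "MISMATCH: $dst differs from $src; do not switch fstab yet"
    return 1
}

# Constructed demo: a small tree copied both ways.
demo() {
    t=$(mktemp -d)
    mkdir -p "$t/tmp/sub" "$t/good" "$t/bad"
    echo data > "$t/tmp/sub/file"; chmod 600 "$t/tmp/sub/file"
    cp -a "$t/tmp/." "$t/good/"   # same layout as: rsync -av /tmp/ /mnt/tmp/
    cp -a "$t/tmp" "$t/bad/"      # same layout as: rsync -av /tmp /mnt/tmp
    good=0; check_copy "$t/tmp" "$t/good" || good=$?
    bad=0;  check_copy "$t/tmp" "$t/bad"  || bad=$?
    rm -rf "$t"
    echo "good=$good bad=$bad"
}
demo
```

On a real system the call would be, for instance, `check_copy /tmp /mnt/tmp`, run as root so every entry is readable.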


