FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > ArchLinux > ArchLinux General Discussion

 
 
LinkBack Thread Tools
 
Old 12-09-2011, 10:03 PM
Leonid Isaev
 
Default partition sizes and filesystems ( Install Arch in stages?)

On Fri, 09 Dec 2011 23:26:47 +0100
clemens fischer <ino-news@spotteswoode.dnsalias.org> wrote:

> Leonid Isaev wrote:
>
> > I think it's a better idea to have either /var/lib or entire /var on
> > reiserfs.
> >
> > / ext4 30Gb
> > /var ext4 10Gb
> > /boot ext4 100Mb
> > /var/lib reiserfs 500Mb
> > /home ext4 85Gb
> > /tmp ext2 2Gb
>
> Interesting! Why do you think that? Me, I used my ears to determine
> the best filesystem for my workloads on the PC. Ext4 is the one with
> least head movement: the disks stay silent for long periods of time,
> then they have hectic fits and go quiet again.

In my experience reiserfs made a HUGE difference in pacman <3.5 performance
compared to ext4, because /var/lib had lots of small files. Then pacman DB
became compressed and this gain became minimal but still noticeable. I guess
this is due to /var/lib/pacman/local/. Ext4 is optimal for intermediate-sized
files, like the ones you typically find in /home.
>
> Compare this with freebsd's UFS2+soft-updates, XFS and JFS. I didn't
> dare to use ZFS on freebsd and I think I never tried reiserfs, fearing
> it isn't on active development currently.

Reiser 3.6 is considered feature-complete I think, so only bugfixes are
released. It was the default on SuSE until SLES 10 and is still maintained.
There are myths of it being unstable. This is because on older kernels you had
to write barriers manually to prevent data corruption; since 3.1 it is the
default.

I heard a lot of good things about JFS, but my personal experience was
absolutely terrible (frequent FS corruptions after unclean shutdowns). Even
BTRFS was better. XFS is good for large files, so if you have a dedicated
partition for movies -- this is your best bet.
>
> Oh, one other thing: my swap and home partitions are LUKS encrypted.
> The swap uses etc/crypttab with a random key, the key for home is on an
> USB dongle, so I can physically lock out people taking possession of the
> PC by keeping that dongle safely stashed away some place.

Cool I used LUKS but then figured it's not worth it. Because only several
important file really need encryption, I ended up with plain gpg.
>
>
> clemens
>

--
Leonid Isaev
GnuPG key ID: 164B5A6D
Key fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
 
Old 12-09-2011, 10:13 PM
Heiko Baums
 
Default partition sizes and filesystems ( Install Arch in stages?)

Am Fri, 9 Dec 2011 17:03:03 -0600
schrieb Leonid Isaev <lisaev@umail.iu.edu>:

> Reiser 3.6 is considered feature-complete I think, so only bugfixes
> are released. It was the default on SuSE until SLES 10 and is still
> maintained.

ReiserFS 3.6 is fast on a new system, but gets extremely slow after a
few years. That was at least my experience and the reason for switching
to ext3 which is after a few years now still as fast as at the
beginning.

> Cool I used LUKS but then figured it's not worth it. Because only
> several important file really need encryption, I ended up with plain
> gpg.

With GnuPG you have to explicitly decrypt the single files every time
you want to access the file. With LUKS this happens transparently, and
you can encrypt the whole system so that nobody can see what's on your
harddisk except for the kernel, the initrd and the bootloader of
course. So there are use cases for both LUKS and GnuPG depending on
your needs or wishes.

Heiko
 
Old 12-09-2011, 10:32 PM
Leonid Isaev
 
Default partition sizes and filesystems ( Install Arch in stages?)

On Sat, 10 Dec 2011 00:13:53 +0100
Heiko Baums <lists@baums-on-web.de> wrote:

> Am Fri, 9 Dec 2011 17:03:03 -0600
> schrieb Leonid Isaev <lisaev@umail.iu.edu>:
>
> > Reiser 3.6 is considered feature-complete I think, so only bugfixes
> > are released. It was the default on SuSE until SLES 10 and is still
> > maintained.
>
> ReiserFS 3.6 is fast on a new system, but gets extremely slow after a
> few years. That was at least my experience and the reason for switching
> to ext3 which is after a few years now still as fast as at the
> beginning.

It slows down as the partition fills up, no? That's why I used it on /var only
since the used disk space doesn't really fluctuate.
>
> > Cool I used LUKS but then figured it's not worth it. Because only
> > several important file really need encryption, I ended up with plain
> > gpg.
>
> With GnuPG you have to explicitly decrypt the single files every time
> you want to access the file. With LUKS this happens transparently, and
> you can encrypt the whole system so that nobody can see what's on your
> harddisk except for the kernel, the initrd and the bootloader of
> course. So there are use cases for both LUKS and GnuPG depending on
> your needs or wishes.

I know. My sensitive data is localized, and I don't care to encrypt
/usr/bin/firefox. If transparency is needed, I would go with ubuntu's
ecryptfs. It's simpler, but of course requires FS to be supported by linux.
Not to say that full disk encryption isn't usefull...
>
> Heiko



--
Leonid Isaev
GnuPG key ID: 164B5A6D
Key fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
 
Old 12-09-2011, 11:25 PM
Karol Babioch
 
Default partition sizes and filesystems ( Install Arch in stages?)

Hi,

Am 09.12.2011 21:14, schrieb Leonid Isaev:
> I think it's a better idea to have either /var/lib or entire /var on
reiserfs.

Of course everyone is free to choose and experiment with the different
available options, but in general I think you don't make anything wrong
when choosing ext4. Besides being the "official" filesystem, which is at
least claimed to be best tested, it will at some point be upgradable to
btrfs without much of a hassle. Looking at the features of btrfs and its
speed right now, I think this will be the best choice at some point.

Am 10.12.2011 00:13, schrieb Heiko Baums:
> so that nobody can see what's on your
> harddisk except for the kernel, the initrd and the bootloader of
> course.

Well that sounds a little bit misguiding for me. Once the device is
"opened" its totally transparent, so not only the kernel has access to
the data, but also any other running process / program. Of course the
"normal" file permissions are applied, but from the point of view of a
program, which accesses the filesystem on a high(er) level of
abstraction there is totally no difference whether the underlying device
is encrypted or not.

Am 10.12.2011 00:32, schrieb Leonid Isaev:
> I know. My sensitive data is localized, and I don't care to encrypt
> /usr/bin/firefox. If transparency is needed, I would go with ubuntu's
> ecryptfs. It's simpler, but of course requires FS to be supported by linux.
> Not to say that full disk encryption isn't usefull...

As said above LUKS is totally transparent. Of course there is a reason
for so many solutions concerning encryption to exist. However I
personally prefer LUKS (dm-crypt) when it comes to whole drive
encryption. Its quite easy to set up, has proven to be solid, it is even
easy to have the swap partition encrypted and its quite general in the
Linux world, so you can use it with most (all ) distributions.

If you just want to have some files and/or (home) folders encrypted it
makes perfectly sense to use Truecrypt, ecryptfs and/or GnuPG.

However I probably would suggest everyone to go for the whole drive
encryption, unless there are reasons not do so. Especially on laptops it
makes sense, because they tend to get stolen or lost and in most cases
there is sensitive data on them. Furthermore I don't like the idea to
have everything unencrypted on my hard disk. Hard disks get broken all
the time and I don't want to have some customer service to have access
to my data. Moreover every disk nowadays can reallocate sectors, which
then in return it is not so easy to delete / overwrite anymore, because
often it is not documented whether or not a secure erase affects these
sectors as well.

As newer CPUs are fast enough for this little bit of overhead anyway
(especially with hardware support for AES), I don't see any relevant
downsides to encryption. Therefore, personally, I would always choose to
go for it.

Best regards,
Karol Babioch
 
Old 12-10-2011, 12:19 AM
Heiko Baums
 
Default partition sizes and filesystems ( Install Arch in stages?)

Am Fri, 9 Dec 2011 17:32:51 -0600
schrieb Leonid Isaev <lisaev@umail.iu.edu>:

> It slows down as the partition fills up, no?

No. There was always enough space on the partitions.

Heiko
 
Old 12-10-2011, 12:27 AM
Heiko Baums
 
Default partition sizes and filesystems ( Install Arch in stages?)

Am Sat, 10 Dec 2011 01:25:16 +0100
schrieb Karol Babioch <karol@babioch.de>:

> Well that sounds a little bit misguiding for me. Once the device is
> "opened" its totally transparent, so not only the kernel has access to
> the data, but also any other running process / program. Of course the
> "normal" file permissions are applied, but from the point of view of a
> program, which accesses the filesystem on a high(er) level of
> abstraction there is totally no difference whether the underlying
> device is encrypted or not.

I'm, of course, speaking of offline attacks. LUKS doesn't protect
against online attacks. Which encryption you use depends on the
particular use case. For really sensitive data it's best to using both,
GnuPG and LUKS.

Heiko
 

Thread Tools




All times are GMT. The time now is 07:46 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org