Linux Security: Practically Bulletproof (pt. 1) - Partitioning

By Jason Dyok

By Ded Ryzing: By the very nature of its design, the GNU/Linux OS is a very secure and stable platform. However, there are still things that can be done to make the system almost bulletproof. I say almost because, let’s be honest, nothing designed and built by man is perfect. These are things that typically don’t require the installation of third-party packages or freeware applications.

The first and most basic task one undertakes with an OS, any OS, is its installation. Building a rock-steady system begins here, and the decisions you make during install will have a large impact on the reliability and security of the end system.

According to the *nix gospels, for a reliable and secure system the more partitions the better. This is, in fact, true. A good rule of thumb is to have a separate partition for each file system that will contain user-created files. Your partitioning scheme will also depend a lot on the main purpose of the system. For example (and I do mean example, as partitioning schemes can be quite complex or very simple depending on taste):

  • HTTP Server: Create a separate partition for the web server log files. Each failed connection is logged, so keeping the logs on their own partition helps protect the system from a DoS attack: a flood of log entries can fill only that partition, not the rest of the system. In Debian/Ubuntu, the default Apache log location is /var/log/apache2/ and for RedHat/Fedora/CentOS it is /var/log/httpd/.
  • FTP Server: Create a separate partition for the pub folder or whatever location you use for user-uploaded files.
  • E-mail Server: It’s a good idea to create a separate partition for the e-mail spooler. On many systems this is located at /var/mail or /var/spool/mail. Consult your distribution’s help files for exact locations of incoming and outgoing mail spools.
  • NFS or Samba Server: It is always a good idea to create a separate partition for shared file/folder storage. This location can be of your choosing. I personally prefer to create an entirely new directory for this (preferably on a separate hard drive, which also helps with system performance).
  • Home Shares: If multiple users will be connecting to your machine and storing data, it is advisable to create a separate partition for /home. I like to do this anyway, even if it’s just for my use.
  • Other partitions I like to create include /boot for easier kernel recovery and /tmp to help guard against rogue processes filling a drive with temp files.
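To check an installed system against a layout like the one above, the following added example (not part of the original article) reports which of the listed directories still sit on the root filesystem. The mount table is a constructed sample in /proc/mounts format, and the function names `mount_for` and `shared_with_root` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the article): report which audited directories
# still live on the root filesystem, given a /proc/mounts-style table.

# Constructed sample mount table, not taken from a real host.
SAMPLE_MOUNTS='/dev/sda2 / ext4 rw 0 0
/dev/sda1 /boot ext4 rw 0 0
/dev/sda3 /home ext4 rw 0 0
/dev/sda5 /var/log ext4 rw 0 0
tmpfs /tmp tmpfs rw 0 0'

# Directories the article suggests isolating (Debian/Ubuntu Apache log path).
AUDIT_PATHS='/boot /tmp /home /var/log/apache2 /var/mail'

# mount_for PATH TABLE: print the longest mount point that contains PATH.
# Matching is lexical; symlinks such as /var/mail -> /var/spool/mail
# are not resolved (assumption of this example).
mount_for() {
    printf '%s\n' "$2" | awk -v p="$1" '
        {
            m = $2
            # "/" contains everything; otherwise PATH must equal the mount
            # point or start with it followed by a slash, so that /home
            # does not claim /homework.
            if (m == "/" || p == m || index(p, m "/") == 1)
                if (length(m) > length(best)) best = m
        }
        END { print best }'
}

# shared_with_root TABLE PATH...: print the paths whose filesystem is "/".
shared_with_root() {
    table=$1
    shift
    out=''
    for p in "$@"; do
        if [ "$(mount_for "$p" "$table")" = "/" ]; then
            out="$out $p"
        fi
    done
    printf '%s\n' "${out# }"
}

# On a live system: shared_with_root "$(cat /proc/mounts)" $AUDIT_PATHS
shared_with_root "$SAMPLE_MOUNTS" $AUDIT_PATHS
```

With the sample table, only the mail spool is reported, because /var/log/apache2 is covered by the separate /var/log partition.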

The question of how large to make these partitions is a matter of personal opinion, intended system usage and experience. For example, for a LAMP server you would want to allocate more space for Apache and MySQL databases and little for /home. With the extremely large size of modern hard drives and their relatively low cost, be liberal when allocating space.
