Why Separate Boot, Home, and Var Partition in Linux?
/boot: For legacy reasons. In the olden days, BIOS cannot reference any sector that is located higher than 1024 cylinders. Forcing the /boot partition to be on its own and be the first partition created ensures that the necessary files are located below the 1024-cylinder limit. The Linux kernel and the initrd/initramfs image are located here to ensure everything is loaded into memory to start the actual storage drivers for direct access in order to get rid of the slow and limited BIOS for reading data. I am not sure if UEFI solved this issue though...
/home, /var, /usr, ...: Compartmentalize the storage space. For example, if you have an errant user or process that fills up the /home partition, it does not affect /var, where the log files are stored. You can then review the logs in order to investigate what happened. Also, take a look at the /etc/fstab file. Each line has two numbers at the end. One is for dump (an old, old backup program), and the other is to tell the system to fsck on boot (file system check).
It also enables security and/or different file system strategies. For the security example, /boot, /usr, are mostly static (except if you are updating). /home and /var, not so much. In other words, you can configure the system to mount these partitions as read-only on startup, and only remount them read-write before you update.
A useful mount flag is noexec, where you are indicating to the system that it should not honour any binary programs that are marked executable. For example, if a web-uploaded file is stored in /tmp, and there just so happens to be an exploit that remotely triggers the ability to start a program, mounting /tmp with the noexec flag would help keep that from happening. Another example would be if you do not allow your users to run any programs that they download or compile themselves: mount /home with noexec. If there is no reason why a certain mount point should contain runnable programs, it should be mounted with noexec.
For different file system strategies, Gentoo uses portage for their package management system that contains an enormous amount of small files stored in /usr/portage. You can format that mount point's partition with a file system that is more efficient at storing small files. Of course, this recommendation was made before SSDs were available or affordable.
On the other hand, f2fs file system is supposed to be more efficient for flash-based storage (minimizes writes), but not every boot code supports f2fs, so you may have to use ext4 for /boot and f2fs for the rest.
/tmp is supposed to be volatile. You cannot expect any file stored there to survive a reboot. Some distributions will deliberately wipe it out on startup. Some security auditing scripts (CSF, some profiles in RHEL/CentOS7's OpenSCAP, etc.) would recommend mounting a ramdisk there, again for compartmentalizing, but there is also next to no slowdown for "wiping" that directory.
Of course, most of the above would not apply to you. These are some of the examples that I have encountered that either requires using or improves if using different mount points. Personally, I have not been following the different mount points strategy, instead opting for whatever the distribution decides (which is usually a separate /boot and a separate /home, if space allows), although I may take extra security precautions if I am setting up an Internet-facing server.
TL;DR: Personal preference. Some are for legacy reasons. Some for technical reasons. Some were suggested long ago, but do not apply now. Take extra precaution if you are setting up a Linux-based server that has direct access to the Internet.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now