
Why Separate Boot, Home, and Var Partition in Linux?

Solved by CWP

I've been thinking about this for a long time: why does Linux do this? Why separate everything? What's the benefit? Why not just combine them together? I've tried this and it works as well; everything is kept in one place.

Where I hang out: The Garage - Car Enthusiast Club

My cars: 2006 Mazda RX-8 (MT) | 2014 Mazda 6 (AT) | 2009 Honda Jazz (AT)


PC Specs

Indonesia

CPU: i5-4690 | Motherboard: MSI B85-G43 | Memory: Corsair Vengeance 2x4GB | Power Supply: Corsair CX500 | Video Card: MSI GTX 970

Storage: Kingston V300 120GB & WD Blue 1TB | Network Card: ASUS PCE-AC56 | Peripherals: Microsoft Wired 600 & Logitech G29 + Shifter

 

Australia 

CPU: Ryzen 3 2200G | Motherboard: MSI - B450 Tomahawk | Memory: Mushkin - 8GB (1 x 8GB) | Storage: Mushkin 250GB & Western Digital - Caviar Blue 1TB
Video Card: GIGABYTE - RX 580 8GB | Case: Corsair - 100R ATX Mid Tower | Power Supply: Avolv 550W 80+ Gold

 


Personal preference?

DISPLAYS: LG 27UL500 IPS 4k60hz + HDR and LG 27GL650F IPS 1080p 144hz + HDR

 

LAPTOP: Lenovo Legion 5 CPU: AMD Ryzen 7 5800H GPU: RTX 3070 8GB RAM: 16GB 3200MHz (2x8GB DDR4) STORAGE: 1TB Crucial P5 NVMe SSD + 2TB Samsung 970 evo plus NVMe SSD DISPLAY: 1080p 165hz IPS OS: Windows 10 Pro x64


Just now, Kirky2k15 said:

Personal preference?

Maybe, because some people told me to put that stuff on separate partitions, but other people said otherwise (just combine them together).


/boot: For legacy reasons. In the olden days, the BIOS could not reference any sector located higher than 1024 cylinders. Forcing the /boot partition to be on its own and be the first partition created ensures that the necessary files are located below the 1024-cylinder limit. The Linux kernel and the initrd/initramfs image are located here to ensure everything is loaded into memory to start the actual storage drivers for direct access, in order to get rid of the slow and limited BIOS for reading data. I am not sure if UEFI solved this issue though...

 

/home, /var, /usr, ...: Compartmentalize the storage space. For example, if you have an errant user or process that fills up the /home partition, it does not affect /var, where the log files are stored. You can then review the logs in order to investigate what happened. Also, take a look at the /etc/fstab file. Each line has two numbers at the end. One is for dump (an old, old backup program), and the other is to tell the system to fsck on boot (file system check).

 

It also enables security and/or different file system strategies. For the security example, /boot and /usr are mostly static (except when you are updating). /home and /var, not so much. In other words, you can configure the system to mount these partitions as read-only on startup, and only remount them read-write before you update.

A useful mount flag is noexec, where you are indicating to the system that it should not honour any binary programs that are marked executable. For example, if a web-uploaded file is stored in /tmp, and there just so happens to be an exploit that remotely triggers the ability to start a program, mounting /tmp with the noexec flag would help keep that from happening. Another example would be if you do not allow your users to run any programs that they download or compile themselves: mount /home with noexec. If there is no reason why a certain mount point should contain runnable programs, it should be mounted with noexec.

 

For different file system strategies, Gentoo uses Portage as its package management system, which contains an enormous number of small files stored in /usr/portage. You can format that mount point's partition with a file system that is more efficient at storing small files. Of course, this recommendation was made before SSDs were available or affordable.

On the other hand, the f2fs file system is supposed to be more efficient for flash-based storage (it minimizes writes), but not every boot code supports f2fs, so you may have to use ext4 for /boot and f2fs for the rest.

/tmp is supposed to be volatile. You cannot expect any file stored there to survive a reboot. Some distributions will deliberately wipe it out on startup. Some security auditing scripts (CSF, some profiles in RHEL/CentOS7's OpenSCAP, etc.) would recommend mounting a ramdisk there, again for compartmentalizing, but there is also next to no slowdown for "wiping" that directory.

 

Of course, most of the above would not apply to you. These are some of the examples that I have encountered that either require, or are improved by, using different mount points. Personally, I have not been following the different mount points strategy, instead opting for whatever the distribution decides (which is usually a separate /boot and a separate /home, if space allows), although I may take extra security precautions if I am setting up an Internet-facing server.

 

TL;DR: Personal preference. Some are for legacy reasons. Some for technical reasons. Some were suggested long ago, but do not apply now. Take extra precaution if you are setting up a Linux-based server that has direct access to the Internet.

CPU Intel i7-7700 | Cooling Noctua NH-D14 SE2011 | Motherboard ASUS ROG Strix Z270F Gaming | RAM Corsair Vengeance LPX 3.6GHz 32GB | GPU EVGA GeForce RTX 3070 FTW3 Ultra Gaming |

Case Fractal Design Define R5 | Storage Samsung 980 PRO 500GB, Samsung 970 EVO+ "v2" 2TB | PSU Corsair RM850x 2021 | Display ASUS VP247QG + Samsung SyncMaster T220 | OS Garuda Linux
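An added example, not part of CWP's post or of any distribution's tooling: a small POSIX shell audit of an fstab against the mount options discussed above (noexec on /tmp and /home, a read-only /boot, nosuid/nodev on data partitions, and the sixth "pass" field that decides whether fsck runs at boot). Both fstab listings and their UUIDs are constructed for this example, and the per-mount-point policy in expected_opts is this example's own choice rather than any standard; the weak layout is shown beside the hardened one so the audit has something to flag.

```shell
#!/bin/sh
# Audit an fstab for the hardening CWP describes: noexec where no programs should run,
# read-only /boot, nosuid/nodev on data partitions, and a non-zero fsck "pass" field.
# Both fstab listings below are constructed for this example (UUIDs are placeholders).

# Weak layout: installer-style "defaults" everywhere, and /home never checked by fsck.
WEAK_FSTAB='
# <device>                                <mount> <type> <options>                                 <dump> <pass>
UUID=11111111-1111-1111-1111-111111111111 /       ext4   defaults,errors=remount-ro                0      1
UUID=22222222-2222-2222-2222-222222222222 /boot   ext4   defaults                                  0      2
UUID=33333333-3333-3333-3333-333333333333 /home   ext4   defaults                                  0      0
UUID=44444444-4444-4444-4444-444444444444 /var    ext4   defaults                                  0      2
tmpfs                                     /tmp    tmpfs  defaults,noexec,nosuid,nodev,size=1G      0      0
'

# Hardened layout: the same partitions carrying the options the policy below expects.
HARDENED_FSTAB='
UUID=11111111-1111-1111-1111-111111111111 /       ext4   defaults,errors=remount-ro                0      1
UUID=22222222-2222-2222-2222-222222222222 /boot   ext4   defaults,ro,nosuid,nodev                  0      2
UUID=33333333-3333-3333-3333-333333333333 /home   ext4   defaults,noexec,nosuid,nodev              0      2
UUID=44444444-4444-4444-4444-444444444444 /var    ext4   defaults,nosuid,nodev                     0      2
tmpfs                                     /tmp    tmpfs  defaults,noexec,nosuid,nodev,size=1G      0      0
'

# has_opt OPTIONS FLAG: succeed if the comma-separated OPTIONS list contains FLAG exactly
# (so "noexecute" does not satisfy a check for "noexec").
has_opt() {
    case ",$1," in
        *",$2,"*) return 0 ;;
        *)        return 1 ;;
    esac
}

# expected_opts MOUNTPOINT: the flags this example's policy requires at a mount point.
# /var gets nosuid,nodev but not noexec, because package managers execute scripts there.
expected_opts() {
    case "$1" in
        /tmp|/home) echo "noexec nosuid nodev" ;;
        /var)       echo "nosuid nodev" ;;
        /boot)      echo "ro nosuid nodev" ;;
        *)          echo "" ;;
    esac
}

# audit_fstab: read fstab lines on stdin and print one finding per line:
#   "<mount> missing <flag>"  a required hardening flag is absent
#   "<mount> pass=0"          a block-device filesystem is never checked by fsck at boot
audit_fstab() {
    while read -r dev mnt type opts dump pass; do
        case "$dev" in ''|'#'*) continue ;; esac   # skip blank lines and comments
        for flag in $(expected_opts "$mnt"); do
            has_opt "$opts" "$flag" || printf '%s missing %s\n' "$mnt" "$flag"
        done
        # The 6th field is the fsck pass; 0 disables the check, which is only fine for
        # memory-backed or swap entries.
        if [ "$type" != "tmpfs" ] && [ "$type" != "swap" ] && [ "$pass" = "0" ]; then
            printf '%s pass=0\n' "$mnt"
        fi
    done
}

# count_findings FSTAB_TEXT: number of findings for the given fstab contents.
count_findings() {
    printf '%s\n' "$1" | audit_fstab | wc -l | tr -d ' '
}

# Stand-alone run: list findings for the weak layout, then compare totals.
printf '%s\n' "$WEAK_FSTAB" | audit_fstab
echo "weak: $(count_findings "$WEAK_FSTAB") findings, hardened: $(count_findings "$HARDENED_FSTAB") findings"
```

On the weak layout this prints nine findings (three for /boot, four for /home including the disabled fsck, two for /var) and none on the hardened one. To compare what is actually mounted with what fstab says, the same option lists can be taken from `findmnt -o TARGET,OPTIONS` (a util-linux command) and fed through audit_fstab after reordering the columns. Two caveats follow from the post itself: a read-only /boot must be remounted with `mount -o remount,rw /boot` before a kernel update, and noexec is deliberately not required on /var here because package managers run maintainer scripts from under it, so any such change should be tested before it goes on an Internet-facing server.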


55 minutes ago, CWP said:

snip

I'll take note of this, thank you :)


A few quick things to add to @CWP's very thorough post: some of the partitioning becomes very useful when you have an SSD boot drive and an HDD mass storage drive. Some partitions--namely, /tmp, /var, the swapfile, and sometimes /home depending on your use case--are highly volatile, and often constantly have data written to them, then deleted, then re-written. So you can put these partitions on your HDD if you're concerned about read/write cycles on your SSD.

 

Using separate partitions can also make re-installing or switching distros less of a hassle, since you can re-install only the OS files while leaving, say, /home untouched. You can then point your new install at the location of your old partitions and have your files back. A lot of people actually recommend using a separate /home partition for just this reason, especially if you're planning to hop distros at some point or if you're installing Linux Mint right around now (Mint is one of the few distros that really, really pushes you to do a clean install when there's a new major version out).

18 hours ago, Azgoth 2 said:

A few quick things to add to @CWP's very thorough post: some of the partitioning becomes very useful when you have an SSD boot drive and an HDD mass storage drive. Some partitions--namely, /tmp, /var, the swapfile, and sometimes /home depending on your use case--are highly volatile, and often constantly have data written to them, then deleted, then re-written. So you can put these partitions on your HDD if you're concerned about read/write cycles on your SSD.

 

Using separate partitions can also make re-installing or switching distros less of a hassle, since you can re-install only the OS files while leaving, say, /home untouched. You can then point your new install at the location of your old partitions and have your files back. A lot of people actually recommend using a separate /home partition for just this reason, especially if you're planning to hop distros at some point or if you're installing Linux Mint right around now (Mint is one of the few distros that really, really pushes you to do a clean install when there's a new major version out).

Awesome! Thank you for adding this :D
