In the Expert Installer, I can choose special options to set my partitions for Devuan such as noa, nosuid and noexec.
For the most secure OS, what options should I check and what exactly do they do?
Also, what shouldn't I check in order to ensure Devuan functions properly?
Thanks.
From mount(8)
nosuid Do not honor set-user-ID and set-group-ID bits or file capabilities when executing programs from this filesystem.
...TRUNCATED...
noexec Do not permit direct execution of any binaries on the mounted filesystem.
I cannot find exactly the "noa," so it is probably either noauto or noatime.
noatime Do not update inode access times on this filesystem (e.g. for faster access on the news spool to speed up news servers). This works for all inode types (directories too), so it implies nodiratime.
...TRUNCATED...
noauto Can only be mounted explicitly (i.e., the -a option will not cause the filesystem to be mounted).
So you certainly need any partition that houses /usr/bin, /bin/, /sbin/, /usr/sbin/ and probably /usr/local/bin to NOT have "noexec." Those partitions should also NOT have "nosuid."
I feel uncertain about the "noa" because I cannot determine which one it is. "noatime" is generally used on SSDs to reduce how many writes happen to the disk, to minimize wear and tear. And in the installer for a distro of Linux, you should never choose "noauto." That's generally for secondary disks that don't need to be there for boot up.
Last edited by bgstack15 (2020-04-01 19:07:56)
This space intentionally left blank.
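An added example, not part of any post in this thread: a shell function that reads fstab-format text and reports noexec, nosuid or noauto on whichever filesystem would hold each of the binary directories named in the reply above. The names `audit_fstab` and `SAMPLE_FSTAB` and the sample entries are constructed for illustration; the check works on the fstab text only and does not resolve symlinks such as a merged /bin.

```shell
#!/bin/sh
# Constructed sample in fstab(5) layout: device, mount point, type, options, dump, pass.
SAMPLE_FSTAB='# constructed sample, not taken from the thread
/dev/sda1  /      ext4  errors=remount-ro    0 1
/dev/sda2  /usr   ext4  defaults,nosuid      0 2
/dev/sda3  /tmp   ext4  nosuid,noexec,nodev  0 2
/dev/sda4  /home  ext4  defaults,noatime     0 2'

# Read fstab-format text on stdin. For each directory that holds system
# binaries, pick the entry with the longest matching mount point and print
# one line per option that would break execution, setuid programs or boot.
audit_fstab() {
    awk '
    BEGIN { n = split("/bin /sbin /usr/bin /usr/sbin /usr/local/bin", dirs, " ") }
    /^[ \t]*#/ || NF < 4 { next }        # skip comments and incomplete lines
    { opts[$2] = $4 }                     # mount point -> option string
    END {
        for (i = 1; i <= n; i++) {
            d = dirs[i]; best = ""
            for (mp in opts) {
                # mp holds d when mp is the root, equals d, or is a parent of d
                if (mp == "/" || d == mp || index(d, mp "/") == 1)
                    if (length(mp) > length(best)) best = mp
            }
            if (best == "") continue
            m = split(opts[best], o, ",")
            for (j = 1; j <= m; j++)
                if (o[j] == "noexec" || o[j] == "nosuid" || o[j] == "noauto")
                    printf "%s (on %s): %s\n", d, best, o[j]
        }
    }'
}

# Stand-alone run over the constructed sample.
printf '%s\n' "$SAMPLE_FSTAB" | audit_fstab
```

On an installed system the same function can be fed the real file with `audit_fstab < /etc/fstab`; the noexec and nosuid on /tmp in the sample are not reported because none of the listed binary directories live there.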
Thanks. I took note of all that.
Don't bother with noatime; modern SSDs need no special measures to restrict writes and will probably outlast most spinning rust drives.
Brianna Ghey — Rest In Power