Effective Partitioning - The How and Why of it

January 28, 2006
A few days back, when my non-techie friend came to visit me at home, he was amazed to see me booting into multiple OSes (4 to be exact) on my machine. He then wanted to know how I accomplished this feat. I told him about creating partitions and how these partitions play a vital role in installing multiple operating systems on ones machine. But this conversation with my friend set me thinking; why is there so much fuss on creating partitions? I think the primary reason that people face this issue of re-partitioning is because they do not think ahead about their future needs.

Even I have faced this problem of re-partitioning my hard disk many a times. And each time, it was a fine balancing but time consuming act of shifting important data from one partition to another, sometimes taking backup and also at times wiping the disk clean and starting afresh.

At present, I run 4 OSes on my machine. Them being Windows XP, FreeBSD, Ubuntu Breezy and Gentoo Linux. For the curious ones, my hard disk is partitioned as follows :

# fdisk -l
Disk /dev/hda: 40.0 GB, 40020664320 bytes
16 heads, 63 sectors/track, 77545 cylinders
Units = cylinders of 1008 * 512 = 516096 bytes

Device Boot Start End Blocks Id System
/dev/hda1 * 1 38745 19526976 7 HPFS/NTFS
/dev/hda2 38745 47461 4393336+ a5 FreeBSD
/dev/hda3 47462 48466 506047+ 82 Linux swap
/dev/hda4 48466 77536 14651280 5 Extended
/dev/hda5 48467 65902 8787523+ 83 Linux
/dev/hda6 65902 77536 5863693+ 83 Linux
As you can see above, I have divided my entire 40 GB hard disk into three primary partitions and one extended partition and the extended partition is further divided into two logical partitions (See figure below).

Fig: A view of my partitioned hard disk

You must be aware that one can create only 4 primary partitions per hard disk. The big question is why just 4 ? Why can't we create more than that number? The reason lies in the boot sector. In your primary hard disk, the first 512 bytes is reserved for storing the partition table also called the Master Boot Record (MBR). The problem is that this space fills up after storing just 4 records. So to create multiple partitions, a work around was found out. That is creating an extended partition whose address was stored in the partition table and then creating any number of sub partitions (called logical partitions) inside the extended partition.

Creating partitions is also dependent on the type of file system and OS used
For example, way back when I used to install Windows 95/NT, I remember having to split the hard disk into partitions of 2 GB size. This was because the file system used at that time FAT16 could not reside in partitions with sizes over 2.1 GB. Though the newer version FAT32 or NTFS does not have this limitation.

Similarly, OSes like Sun Solaris and FreeBSD can be installed only in primary partitions.

Deep thought should be given prior to creating partitions
The major work in creating partitions is to decide how many partitions to create and how much space to allocate to each of them. If too little is allocated, within no time, all the space will be filled up. And if too much space is allocated, then there will be a lot of unused space being wasted left around.

Generally speaking for Linux/Unix mail servers, you put the /var directory in a separate partition. This is because the users mail box resides in this directory. And if you are allowing the public to create email accounts on your machine, then in no time, the /var directory will get filled up and will eat up the remaining space on the hard disk and in the process bring the server down. This will not happen if /var resides in its own partition.

Should /tmp reside in a separate partition ?
A few people believe that the /tmp directory in Linux/Unix should reside in its own separate partition. There is a good reason for it. That is, the /tmp directory is world writable. If you do a long listing of the /tmp directory ...

$ ls -ld /tmp
drwxrwxrwt 14 root root 4096 2006-01-28 16:32 /tmp
... you will find that the directory is having read, write and execute permissions for all. Now why is that a bad thing? It is not exactly bad and has its uses. But a hacker (if he knows your IP address and is able to access your machine behind the firewall), will be able to upload and execute programs in the /tmp directory thus making your system vulnerable. For one, he can upload a tiny program to your /tmp directory, which when run will create a core dump.

Core dumps are files of huge sizes (some can be 1 GB size) which are generated when a faulty program is run on a Linux/Unix machine. A core dump can be used by a developer for finding out what is wrong with his program, but that is besides the point. One can imagine what will happen if the hacker repeatedly executes his tiny program and creates a series of core dumps on your machine. In no time, all the space on the hard disk will be filled and your system will crash.

Note: I have found out that in Ubuntu the functionality of creating core dumps is disabled by default. So people using Ubuntu can have the /tmp directory in the same partition as the '/' .

Another thing I feel positive about is creating a separate partition for the /home directory. This way, one can easily reinstall the operating system or switch distributions without worrying about creating backups. More over if you are using multiple Linux distributions like I do (see figure above), then you can have the same /home directory for both distributions.

How do you create a partition ?
There are a variety of tools available right from the ubiquitous fdisk to ranish partition manager, qparted, cfdisk to commercial products like Partition Magic. But as a long time Linux user, I would recommend learning to use fdisk. This is because even though it uses cryptic commands, once you master it, partitioning becomes a piece of cake. Also in emergencies, you will not be left high and dry for want of your favourite partitioning tool because fdisk is bundled with all Linux distributions and Unixes alike.

Will partitions ever go out of vogue ?
I think we will have to put up with partitioning for a couple more years. But with the recent interest in virtualisation technologies (like Vmware, Xen, Usermode Linux and QEMU), which allow one to run any operating system over another at the same time, and also taking into consideration the increase in processing power and availability of cheap memory, I feel, may be in 10 years or so, people will opt out of partitioning their hard disks all together.

Update:
I forgot to mention that the partition housing FreeBSD (see figure above) was originally a FAT32 partition which I was using to share data between Linux and Windows. Because I felt a bit lazy or just didn't feel like it, I opted for converting the FAT32 primary partition to UFS2 to install FreeBSD. If you are considering dual booting between Windows and Linux, it is beneficial to have atleast a small FAT32 partition to facilitate sharing of data between the two OSes.
Also Read:
Creating and resizing a Logical Volume Manager in Linux

25 comments:

  • Ravi,
    Thanks for the awesome article. I may add that in fedora too, core dumps are disabled by default. So you need not have /tmp directory in its own partition.

    Creating a seperate partition for /home is new to me. Must try it out.

  • Maybe you could mention the ulimit command as well.. Not to mention that a malicious user could generate huge files in /tmp by other means too...

  • home being mounted separately doesn't work very well ... Different Distro's contain different wm/dm's and tool versions and all config files (.xxxx) in the $HOME are not always compatible .. some of them end up overwriting and messing up other installs .. so I never do it.

  • If you're not concerned so much about booting multiple OSes (or if you're booting multiple versions of the same OS), then one approach is to partition based on access patterns. By that, I mean things like /lib /bin /sbin /etc ..., don't change much, while things like /tmp and /var do. (I've seen some systems where /tmp is a symlink to /var/tmp). By putting /var on a separate partition, you can tweak it separately.

    Another consideration is security. It might be possible, for example, to turn off execution of programs in /tmp. (See mount(8) and search for "noexec".)

    Another consideration is backup and restoration. For example, I usually have /home on a separate partition (as mentioned), and I back it up separately than /. The theory is that if something goes bad, and especially if my system gets hack, I'll *rebuild* / by wiping the disk and re-installing the OS, but restore /home from backup.

    Unfortunately (or fortunately), everything I've said is just theory really :) I've just been poking around with linux at home, and haven't really had much trouble to deal with.

  • I usually have a fat32 partition for my documents, music,etc. so I can access my files from Linux/Windows or reinstall and OS without problems

  • Really good stuff!

  • this isn't a bad article as far as it goes, but i sort of consider partitions mostly obsolete myself. normally, i put a 100m partition in the front of a drive for /boot and a second partion taking the rest of the drive. that is then made to be a physical volume / volume group under lvm and the i divvy up the filesystems on logical vlumes within that. that way you can allocate just what they need and resisze them up as needed using free space remaining in the vg. this ends up essentially sizing your filesystems in response to their usage patterns - quite precisely and flexibly. ext3 and reiserfs can both be increased in size while mounted, so you don't even have to reboot much less do long running partition resize utilities. you can decrease them too, but they have to be unmounted and you have to be a bit careful doing that.

    for systems with multiple drives, i generally partition them all as above, but i make the 100m /boot partition in the front a raid-1 so each drive has a mirrored boot partition, and i run grub on each one to give every drive in the system it's own mbr so i can boot from any of them in case of failure.

    the second partition on each drive is raid-1 if there are only two drives, or raid-5 if there are more. then that second raid becomes an lvm physical volume / volume group and evrything else is as described above in the vg.

    it's a very flexible setup, and once you've been using lvm you don't ever want to mess with actual partitions ever again.

  • That bit about a hacker uploading something illicitly (already a hole), then uploading a program into temp and being able to execute it (also already a major hole) gets really silly when our genious hacker then uses this to... cause core dumps to fill up the drive space? What?

    If the hacker can run programs, and he wants to fill your drive space up, all he has to do is run a program that outputs to a file forever. dd if=/dev/zero of=/tmp/file.of.doom will do nicely.

    Of course, even better would be running a local priv. escalation exploit.

    The problem with world-writable /tmp is not a remote hacker, because if the remote hacker gets in that far you've Already Lost. The problem is a malicious local user, which is unlikely to be a problem for your target user. I don't worry about it because I'm the only user of my system, and, like I said, if a hacker is far enough into my updated, firewalled Linux machine to be writing files to /tmp, I've already lost.

  • David

    Will partitions ever go out of vogue?
    I think we will have to put up with partitioning for a couple more years. But with the recent interest in virtualisation technologies (like Vmware, Xen, Usermode Linux and QEMU), which allow one to run any operating system over another at the same time, and also taking into consideration the increase in processing power and availability of cheap memory, I feel, may be in 10 years or so, people will opt out of partitioning their hard disks all together.


    I would have to completely disagree. Partitioning isn't only about multiple operating systems; it's also about organization. Your /home example is perfect, as I keep a Files partition on my desktop accessible to all operating systems installed. It's a life-saver when you need to reinstall any OS.

    And there's also /swap or even a huge use for a PageFile partition.

    If anything, I imagine partitioning to become even more robust and transparent to the user.

  • I typically practice the use of installing games on a seperate partition. This way, if I decide to do a clean wipe of my boot partition (Windows), I can quickly reinstall my games using the CDROMs/DVDs. I simply specify my pre-existing folder on my game partition, and the installers are usually smart enough to verify files instead of overwriting each and every one. I can reinstall Battelfield 2, (which weighs in at almost 3GB), in about 30 seconds.

  • In Linux webservers, the most imporant directory to put on it's own partition is /tmp as you can secure it by putting the options in /etc/fstab as loop,nosuid,noexec,rw and if you chmod 700 the wget binary as well (and chmod it back if a script that performs updates needs to use wget, temporarily). Problem is programs such as perl may still be able to execute /tmp files, but SELINUX helps with more complicated problems like that, by preventing directory traversal.

  • Legit Freebies Guy

    hmmm.. I didn't know you can install upto 4 OSes. I usually saw ppl with just 2. Thanks for the tutorial though. Quite good.

  • Hmm... No mention of some of the most interesting reasons to partition. First, to use different mount options -- noexec, nosuid, and noatime are frequent here, not to mention ro. Also, different filesystem types -- fat32 for shared filesystems, xfs for large files, tmpfs for /tmp. Finally, /tmp is not the only filesystem that is worth protecting from overfilling your whole system, /var can quickly fill up if you underestimate log volume (or have a DOS attack).

    Of course, you don't want to have too many filesystems or it will be annoying to manage. The trick is finding the divisions that are actually useful to you (such as /home) and doing those.

    Also, worthy of mention is LVM, which allows online extending of partitions non-contigiously, which can really help when you want to split partitions but aren't sure how to allocate the space. Without LVM or similar tools, I do think that partitioning would be doomed, however with the flexibility LVM offers I think they will continue to be used even on single OS computers. Hopefully in the upcomming years we can get a standard for lvm or dynamic disks that can be shared by mutiple OSs.

  • If you have mounted /tmp with noexec try this

    cp /bin/ls /tmp/.
    /lib/ld-linux.so.2 /tmp/ls

    your version of ld-linux may vary

    the polarizer

  • polarizer:

    This does not work as of Linux 2.6 kernel.

  • Ravi, I think you should have put "multibooting" somewhere in this article's topic, as what you've described is not IMHO very effective for those of us not interested in multibooting.

    All my Linux boxes use LVM and md (unless they have hardware RAID). Redundancy and volume management.

  • blackthorne

    I still don't understand why so many people create a partition /tmp with noexec option on fstab instead of simply chmod it like any other directory on /. I know that an hacker with superuser priviledges can change them again, but that is also valid to a simple change on the fstab or else unmounting and mounting the partition again with the options that he wants.

    But overall, i think this article is nice exception made to /opt partition which i believe is very useful tough not widely used. There are programs which are not integrated with package managers and run fine in their stand-alone directory which need to be organized somewhere in the system. This partition is a good place to do it. A good reason for that is the fact you can share these programs to other systems installed on the system with no need to repeat information on disk and no need to configure them again. Other reason is that you can format any other partition and reinstall your system and the binaries don't need to be reinstalled. It also improves organization since you don't get directories filled of programs that you can't simply remove it using a package manager messed up with other that can.

  • Ravi

    @ grifferz
    LVM is an all together different game in my modest opinion and more over I have provided a link to creating LVM in linux at the bottom of the article.
    If I talk about multibooting, then I will end up talking about boot loaders too which I felt will be a deviation from the topic of partitioning.

    @ logrotate

    That is an interesting idea you have put here. I agree with you that it is really good to have /opt in a seperate partition for convinence. Even I have installed java, firefox and other softwares in the /opt directory and sharing it with different distributions will save a lot of trouble and duplication.

    Thanks for the tip. :)

  • sami

    i have 240GB of HD space(160 + 120) and i use 6-7 operating systems. i have a separate test bed machine to test various gnu/linux distros, and when i like one, i install it on my personal desktop also. i create only two primary partitions - one for windows xp and the other for FreeBSD. then i create all other partitions as logical partitions in the extended partitions. one logical partition is always a swap and from the rest, one logical for one gnu/linux distro suits me well. i use explore2fs to read files in windows from gnu/linux partitions. for large files that need to be shared, i have a 80GB USB external hard disk formatted with FAT32 filesystem.

  • How does one overcome the 8GB barrier in older BIOSes to have a dual boot machine? I was unable to split a 40GB disk into 2-20GB ones and have both OSes bootable. I finally made a 7.9GB primary partition for Windows, a 20GB partition for FreeBSD, and a 12.1 GB partition for Windows' second partition. Thanks. Jim.

  • Jim,

    There's an easy solution, just buy a new computer and you won't have to worry about aging bios limitations.

  • Wouldn't it make more sense to put the swap partition at the outer part of the disk. In the graphical display of your partitions the swap would be placed after the ext3-Gentoo partition.
    This is where the reading and writing would be fastest because of the rotation of the disc.
    I am no expert so this is a questions just as much as a statement :)

  • Muralidhar

    @Ravi, logrotate, Ravindranath Y, and the anonymous that proposed RAID-1,5 combi with LVM

    Cheers folks,
    Excellent discussion. This blog rocks, as does GNU/Linux.

  • Nice article. I should point out that with latest linuxes provided by Fedora/RedHat/ubuntu etc have native read-write support for windows' NTFS partition. This means that you don't need a fat32 partition to share files.

    Besides, it is a good practice to create a separate partition for your /home. I don't see that you have created reading from your partition info. However sometimes different versions of linux have different ways of writing to the /home. Fedora has special folders called Music Documents ,Templates etc (Ubuntu Gutsy and Feisty) have them too, but others may not. Do beware, you might overwrite important data this way.

    Shailen Sobhee
    ai [dot] revolutions [at] gmail [dot] com

    http://digitalgraphy.wordpress.com

  • Ravi

    Thanks for the input Shailen. I agree with you. Now a days, you can completely do away with the FAT partition as most linux distributions ship with ntfs-3g driver which provides read/write support for ntfs partitions. And ntfs being far superior than fat, it is the default partition created in Windows.