Re: Partitioned following Linux Administrators Security Guide - Debian won't boot

From: Andreas Janssen (andreas.janssen_at_bigfoot.com)
Date: 04/04/04


Date: Sun, 04 Apr 2004 15:33:17 +0200

Hello

Tim Kaufmann (<tik@gmx.de>) wrote:

> I partitioned the harddisk of my new system according to the Linux
> Administrators Security Guide (lasg) (see the table in the middle of
> http://www.seifried.org/lasg/installation/).
>
> I tried both Debian woody-bf24 and the ISO from here:
> http://oregonstate.edu/~kveton/debian. No matter which CDR I installed
> from, the system won't boot. It says:
>
> warning: unable to open an initial console
> kernel panic: no init found. Try passing init=option to kernel
>
> If I install to a more simply partitioned system (just swap and /),
> the system boots properly.
>
> May be somebody could help? Somehow I think it could be related to
> /dev residing on it's own partition. But due to my poor understanding
> of the boot-process, I wasn't able to figure it out alone.

Don't put /dev on it's own partition. Or make sure that the device files
necessary for booting are also available on the root partition. You
will need some device files before the other file systems are mounted
(for example the device file /dev/hda5, which you need to mount /dev).
Maybe the easiest way would be to keep /dev on the root partition and
switch to devfs later. That would make it possible to keep /dev rw, and
make root ro (if you are able to deal with the other problems, like
/etc/mtab)

> Here's a quick summary of my system:
>
> MoBo: Asus P4P800-VM (i865G, ICH5), P4 Celeron@2,4 GHz, 2*512 MB
> Infineon RAM
> hda: 250 GB Maxtor IDE
> hdb: 250 GB Maxtor IDE
> hdc: NEC ND-1100A DVD+R(W)
> Additional Intel TC1000 in PCI Slot 1
>
> hda1 - 1 GB Swap
> hda2 - 2 GB /

If you put everything on seperate partitions, you don't need the root
partition to be 2 GB. You have nearly nothing except for some
directories on that file system. I keep /boot, /var, /tmp, /usr, /usr
local, /opt and /home on their own partitions, and even with /lib, /dev
and /root on the root file system, 100 MB is sufficient (unless you are
going to install dozens of kernels, because they place their drivers
in /lib/modules).

> hda3 - 100 MB /boot
> hda5 - 50 MB /dev

andreas@sirius:~$ du -hs /dev
86k /dev

> hda6 - 200 MB /lib

andreas@sirius:~$ du -hs /lib
18M /lib

In don't know if that is a good idea. On Debian some important tools
(like the standard root shell bash) are linked dynamically, and need
libraries that are located in /lib. This seems to be true for mount as
well:

andreas@sirius:~$ ldd /bin/mount
        libc.so.6 => /lib/libc.so.6 (0x4001e000)
        /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)

So maybe with /lib not on the root file system, you can't even mount
/lib. Except you make sure the libraries you need are also available on
the root file system. But keeping two copies of them will make security
updates complicated.

> hda7 - 3 GB /opt
> hda8 - 500 MB /tmp
> hda9 - 3 GB /usr
> hda10 - 500 MB /var

Apt uses /var/cache/apt/archives to store downloaded archives. Depending
on the way you install your system, 500 MB for /var may be too small.

> hda11 - 500 MB /root

I don't know what you are going to use your system for, but probably you
neither need the home directory of root to be that big, nor do you need
it on a seperate partition. I only keep some configuration files for
root there (like shell configuration). Also maybe this is something
that you want on the root file system so it is available if you go to
single user mode - if it is on a separate partition, you will have to
login as root to mount root's home directory. And after installing, you
shouldn't work as root that much anyway - most normal administrative
tasks like package management/security updates can be done using sudo.

> hda12 - 10 GB /home
> hda13 - app. 230 GB /data
>
> hda2-hda13: ext3

My linux partitions:

swap 512 MB
/boot 32 MB
/ 96 MB
/var 1024 MB
/tmp 1024 MB
/usr 2048 MB
/opt 3584 MB
/usr/local 1024 MB
/home 2048 MB

The rest is used for windows and data partitions.

best regards
        Andreas Janssen

-- 
Andreas Janssen <andreas.janssen@bigfoot.com>
PGP-Key-ID: 0xDC801674
Registered Linux User #267976
http://www.andreas-janssen.de/debian-tipps.html