[lug] The issues of separate /home partitions, or maybe just freedesktop/SuSE problems?
Bear Giles
bgiles at coyotesong.com
Thu Mar 19 20:24:24 MDT 2009
On 3/19/2009 3:28 PM, Chris Riddoch wrote:
> I once heard the advice of using separate partitions for /home in
> order to ease upgrades - the / partition can be wiped and reinstalled
> from scratch, and the personal data on /home is unaffected by a fresh
> install. It seemed like a great idea. I'm wondering, though, if this
> might be responsible for some really broken behavior.
>
Elaborating on this slightly, there are actually several good reasons for
this:
1) you can keep /home through wipes. The same logic applies to /var/log
(find out why the system crashed) and various services. E.g., I have
separate partitions for /var/lib/postgresql and /var/lib/svn (subversion
source control).
2) you CAN'T take down the system by some rogue process that fills a
user directory. (This applies to the other partitions as well.)
3) you can mount /home as nodev, nosuid and even noexec, closing the
door to various abuses. This is less important on personal systems, but
still a good idea to block some types of malware. (You should do the
same on /tmp, for the same reason.)
4) you can encrypt /home without encrypting the entire filesystem. Now
it's more common to encrypt the entire disk but that was much harder to
do a few years ago.
I thought there were a few other reasons for a separate /home partition,
but they've slipped my mind at the moment.
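
Point 3 above, as an added example that is not part of the original post: a small Python check that reads mount-table text in /proc/mounts format and reports which of nodev, nosuid and noexec are missing on /home and /tmp. The sample table and the function names are constructed for illustration.

```python
"""Audit mount options for the nodev/nosuid/noexec hardening of /home and /tmp."""
import sys

# Options the post recommends for /home and /tmp.
REQUIRED = ("nodev", "nosuid", "noexec")

# Constructed sample in /proc/mounts format:
# device, mount point, fs type, options, dump, pass
SAMPLE_MOUNTS = """\
/dev/sda1 / ext4 rw,relatime 0 0
/dev/sda2 /home ext4 rw,nosuid,nodev,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,noexec,size=2g 0 0
/dev/sda3 /var/log ext4 rw,relatime 0 0
"""


def parse_mounts(text):
    """Return {mount_point: set(options)}; a later entry overrides an earlier one."""
    mounts = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 4:
            continue  # malformed line, skip it
        # /proc/mounts writes a space inside a path as the escape \040
        mount_point = fields[1].replace("\\040", " ")
        mounts[mount_point] = set(fields[3].split(","))
    return mounts


def audit(text, targets=("/home", "/tmp"), required=REQUIRED):
    """Return {target: sorted missing options}; None if target is not its own mount."""
    mounts = parse_mounts(text)
    report = {}
    for target in targets:
        if target not in mounts:
            # No separate partition: it inherits the parent filesystem's options.
            report[target] = None
        else:
            report[target] = sorted(o for o in required if o not in mounts[target])
    return report


if __name__ == "__main__":
    # Pass a file such as /proc/mounts; with no argument the sample is used.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_MOUNTS
    for target, missing in audit(text).items():
        state = "not a separate mount" if missing is None else (", ".join(missing) or "ok")
        print(f"{target}: {state}")
```

Run against /proc/mounts it shows the options the kernel is actually applying, which can differ from what /etc/fstab requests until the filesystem is remounted.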