Categories
Welcome Center
Education & Development
Cyber Security
Virtualization
General
Certification Preparation
Project Management
Posts
Groups
Training Resources
Infosec
IT & Security Bootcamps
Practice Exams
Security Awareness Training
About Us
Home
Certification Preparation
Other/General Certifications
/usr directory
NightShade03
I am reading through the LPI book and they talk about placing the /usr directory on a seperate partition. This I can understand. They also recommend mounting it as a read-only filesystem. While this makes sense I have noticed that on the Ubuntu servers that I use there are a few programs that all install to the /usr directory. Is Ubuntu one of the distros that strays from the norm? I have seen in the RHCE books they talk about applications installing to /opt but that directory is empty on my servers.
Find more posts tagged with
Save $250 on 2025 certification boot camps from Infosec!
Book now with code EOY2025
Button
Comments
dynamik
I think it comes down to personal preference more than anything.
Here's an awesome guide for the Linux Filesystem Hierarchy:
Filesystem Hierarchy Standard
Forsaken_GA
linux in general is going to put the majority of executables in /usr/bin or /usr/sbin, depending on the type it is. Anything you compile will generally go into /usr/local, and that's the preferred convention, as it helps differentiate between system installed software, and user installed software.
The Unix file system hierarchy is something that's been in constant debate, everyone has their own opinion, and everyone has their own conventions. I personally don't like putting /usr on it's own partition, because it means I invariable oversize or undersize it's partition, and that creates other problems. Consequently, this also means I don't mount it read only, which is fine, because Ubuntu updates often enough that having to remount it read,write would just get on my freaking nerves.
LinuxG33k
I agree with forsaken_ga, in theory having /usr be a seperate partition mounted readonly would be a good practice. In reality even production systems are updated to often to mount /usr readonly, having to do a remount before running updates is a pain.
Also, I've seen instances where certain software packages(plesk, ensim) while performing their updates, on a system that has /usr readonly, will bork out leaving the entire package unusable.
Some security guides mention setting the immutable attribute recursively for /usr. That's just as bad since no one thinks to list attributes when a package update fails.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
INFOSEC Boot Camps
$250
OFF
Use code
EOY2025
to receive $250 off your 2025 certification boot camp!
BROWSE BOOT CAMPS
