Increase size for security hardened images
With the move to containers there has been an increase of demand on the /var volume. Increase the global size, as well as give more percentage to /var and reduce /root. Also fix fsck-passno setting, that was incorrectly set. Change-Id: I8d820f668ffffe5993d5fef38e0c1e8c5f5862ec Depends-On: Ib806bac815077c2508060719469b5d0f1acc0f99
This commit is contained in:
parent
b421b6129b
commit
aa19a7f92a
|
@ -19,7 +19,7 @@
|
||||||
size: 8MiB
|
size: 8MiB
|
||||||
- name: root
|
- name: root
|
||||||
flags: [ boot ]
|
flags: [ boot ]
|
||||||
size: 23G
|
size: 40G
|
||||||
- lvm:
|
- lvm:
|
||||||
name: lvm
|
name: lvm
|
||||||
base: [ root ]
|
base: [ root ]
|
||||||
|
@ -34,13 +34,13 @@
|
||||||
lvs:
|
lvs:
|
||||||
- name: lv_root
|
- name: lv_root
|
||||||
base: vg
|
base: vg
|
||||||
extents: 28%VG
|
extents: 23%VG
|
||||||
- name: lv_tmp
|
- name: lv_tmp
|
||||||
base: vg
|
base: vg
|
||||||
extents: 4%VG
|
extents: 4%VG
|
||||||
- name: lv_var
|
- name: lv_var
|
||||||
base: vg
|
base: vg
|
||||||
extents: 40%VG
|
extents: 45%VG
|
||||||
- name: lv_log
|
- name: lv_log
|
||||||
base: vg
|
base: vg
|
||||||
extents: 23%VG
|
extents: 23%VG
|
||||||
|
@ -59,7 +59,7 @@
|
||||||
mount_point: /
|
mount_point: /
|
||||||
fstab:
|
fstab:
|
||||||
options: "rw,relatime"
|
options: "rw,relatime"
|
||||||
fck-passno: 1
|
fsck-passno: 1
|
||||||
- mkfs:
|
- mkfs:
|
||||||
name: fs_tmp
|
name: fs_tmp
|
||||||
base: lv_tmp
|
base: lv_tmp
|
||||||
|
@ -68,6 +68,7 @@
|
||||||
mount_point: /tmp
|
mount_point: /tmp
|
||||||
fstab:
|
fstab:
|
||||||
options: "rw,nosuid,nodev,noexec,relatime"
|
options: "rw,nosuid,nodev,noexec,relatime"
|
||||||
|
fsck-passno: 2
|
||||||
- mkfs:
|
- mkfs:
|
||||||
name: fs_var
|
name: fs_var
|
||||||
base: lv_var
|
base: lv_var
|
||||||
|
@ -76,6 +77,7 @@
|
||||||
mount_point: /var
|
mount_point: /var
|
||||||
fstab:
|
fstab:
|
||||||
options: "rw,relatime"
|
options: "rw,relatime"
|
||||||
|
fsck-passno: 2
|
||||||
- mkfs:
|
- mkfs:
|
||||||
name: fs_log
|
name: fs_log
|
||||||
base: lv_log
|
base: lv_log
|
||||||
|
@ -84,6 +86,7 @@
|
||||||
mount_point: /var/log
|
mount_point: /var/log
|
||||||
fstab:
|
fstab:
|
||||||
options: "rw,relatime"
|
options: "rw,relatime"
|
||||||
|
fsck-passno: 3
|
||||||
- mkfs:
|
- mkfs:
|
||||||
name: fs_audit
|
name: fs_audit
|
||||||
base: lv_audit
|
base: lv_audit
|
||||||
|
@ -92,6 +95,7 @@
|
||||||
mount_point: /var/log/audit
|
mount_point: /var/log/audit
|
||||||
fstab:
|
fstab:
|
||||||
options: "rw,relatime"
|
options: "rw,relatime"
|
||||||
|
fsck-passno: 4
|
||||||
- mkfs:
|
- mkfs:
|
||||||
name: fs_home
|
name: fs_home
|
||||||
base: lv_home
|
base: lv_home
|
||||||
|
@ -100,4 +104,5 @@
|
||||||
mount_point: /home
|
mount_point: /home
|
||||||
fstab:
|
fstab:
|
||||||
options: "rw,nodev,relatime"
|
options: "rw,nodev,relatime"
|
||||||
|
fsck-passno: 2
|
||||||
|
|
||||||
|
|
|
@ -6,7 +6,7 @@
|
||||||
partitions:
|
partitions:
|
||||||
- name: root
|
- name: root
|
||||||
flags: [ boot,primary ]
|
flags: [ boot,primary ]
|
||||||
size: 23G
|
size: 40G
|
||||||
- lvm:
|
- lvm:
|
||||||
name: lvm
|
name: lvm
|
||||||
base: [ root ]
|
base: [ root ]
|
||||||
|
@ -21,13 +21,13 @@
|
||||||
lvs:
|
lvs:
|
||||||
- name: lv_root
|
- name: lv_root
|
||||||
base: vg
|
base: vg
|
||||||
extents: 28%VG
|
extents: 23%VG
|
||||||
- name: lv_tmp
|
- name: lv_tmp
|
||||||
base: vg
|
base: vg
|
||||||
extents: 4%VG
|
extents: 4%VG
|
||||||
- name: lv_var
|
- name: lv_var
|
||||||
base: vg
|
base: vg
|
||||||
extents: 40%VG
|
extents: 45%VG
|
||||||
- name: lv_log
|
- name: lv_log
|
||||||
base: vg
|
base: vg
|
||||||
extents: 23%VG
|
extents: 23%VG
|
||||||
|
@ -46,7 +46,7 @@
|
||||||
mount_point: /
|
mount_point: /
|
||||||
fstab:
|
fstab:
|
||||||
options: "rw,relatime"
|
options: "rw,relatime"
|
||||||
fck-passno: 1
|
fsck-passno: 1
|
||||||
- mkfs:
|
- mkfs:
|
||||||
name: fs_tmp
|
name: fs_tmp
|
||||||
base: lv_tmp
|
base: lv_tmp
|
||||||
|
@ -55,6 +55,7 @@
|
||||||
mount_point: /tmp
|
mount_point: /tmp
|
||||||
fstab:
|
fstab:
|
||||||
options: "rw,nosuid,nodev,noexec,relatime"
|
options: "rw,nosuid,nodev,noexec,relatime"
|
||||||
|
fsck-passno: 2
|
||||||
- mkfs:
|
- mkfs:
|
||||||
name: fs_var
|
name: fs_var
|
||||||
base: lv_var
|
base: lv_var
|
||||||
|
@ -63,6 +64,7 @@
|
||||||
mount_point: /var
|
mount_point: /var
|
||||||
fstab:
|
fstab:
|
||||||
options: "rw,relatime"
|
options: "rw,relatime"
|
||||||
|
fsck-passno: 2
|
||||||
- mkfs:
|
- mkfs:
|
||||||
name: fs_log
|
name: fs_log
|
||||||
base: lv_log
|
base: lv_log
|
||||||
|
@ -71,6 +73,7 @@
|
||||||
mount_point: /var/log
|
mount_point: /var/log
|
||||||
fstab:
|
fstab:
|
||||||
options: "rw,relatime"
|
options: "rw,relatime"
|
||||||
|
fsck-passno: 3
|
||||||
- mkfs:
|
- mkfs:
|
||||||
name: fs_audit
|
name: fs_audit
|
||||||
base: lv_audit
|
base: lv_audit
|
||||||
|
@ -79,6 +82,7 @@
|
||||||
mount_point: /var/log/audit
|
mount_point: /var/log/audit
|
||||||
fstab:
|
fstab:
|
||||||
options: "rw,relatime"
|
options: "rw,relatime"
|
||||||
|
fsck-passno: 4
|
||||||
- mkfs:
|
- mkfs:
|
||||||
name: fs_home
|
name: fs_home
|
||||||
base: lv_home
|
base: lv_home
|
||||||
|
@ -87,4 +91,5 @@
|
||||||
mount_point: /home
|
mount_point: /home
|
||||||
fstab:
|
fstab:
|
||||||
options: "rw,nodev,relatime"
|
options: "rw,nodev,relatime"
|
||||||
|
fsck-passno: 2
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue