Help answer threads with 0 replies.
Go Back > Blogs > zeebra
User Name


Rate this Entry

A word on partitioning and permissions (for newbies)

Posted 09-06-2019 at 08:53 AM by zeebra

Unless you are completely new to GNU/Linux and/or have no idea what you are doing, ALWAYS use 1. manual partition setup when installing a distro! If you don't you have absolutely no control over what happens, you learn nothing, you (probably) end up with a bad setup and you can't plan for persistence. Besides that, auto-partitioning will usually whipe your whole disk!

There are other setups as well across various distroes, don't use these! MANUAL PARTITIONING IS WHAT YOU WANT. It's NOT DIFFICULT to learn and once you learn it, it is so easy and give you so much more control over what you are doing that the cost/reward is just ridiculous. You'll regret not using manual partitioning! ALWAYS USE MANUAL PARTITION SETUP. Unless it is your first time installing GNU/Linux, and even then, you should (try/)use manual partition setup.

Here are a few reasons for that:
- Persistent partitions
- Easy distro upgrade/reinstall (only root partition need to be changed)
- Multiple distroes on multiple partitions
- Various multiboots (without deleting something like Windows by accident)

The list actually goes on, but these are some of the most important ones. /boot and /home are other important ones! Especially /home for most people, but also /boot for some people. This goes in regards to GENERAL use, not special use. There are other norms regarding mounting parts of the filesystem on a seperate partition, and a few examples can be mentioned that I wount necessarily go into details about: /usr, /tmp, /opt, /var and swap.
Now some of those can be put on a separate partition for the purpose of security, especially in combination with disk options like nodev, noexec, nosuid and encryption. And also dropping swap on modern computers with alot of ram.

We don't need to worry about that now, some might want to use some of those options, but MOST people should want to manually partition their disk due to /home. On my last computer /home existed from pretty much beginning to end, despite trying various distroes, reinstalling some distroes and upgrading distroes from disk. It would have been alot worse to do these things if I needed to handle/backup /home every time. Besides, continuing to use the same /home will also allow you to keep your desktop settings amongst others, which relieves the annoyance of always having to go into the settings with every install and do the same settings over and over again.

This is a persistent /home, and it is possible and easy due to manual partition setup, even as an encrypted partition, but especially then actually. I have some more complex setups in regards to /home, but let's keep it simple for now. If you ONLY have root(/) partition and /home partition this is the easiest, but it will work the same also with multiple root(/) partitions and a windows partition as well.

If you install a new distro/reinstall or update, you simply USE but NOT FORMAT /home. If your /home is encrypted most often you will just need to use and set the mount point, but it could be you need to edit /etc/crypttab to make it work properly. Root is the ONLY partition you need to format, regardless of how many other partitions you have, and this is the whole point. Everything else can stay persistent. If you have multiple distroes and perhaps a /opt this can be very handy as well.

ALWAYS USE MANUAL PARTITION SETUP and ONLY format root(/) during the process, always USE && set mountpoints of all other partitions you want used by your newly installed distro, especially /home, but NEVER format these.

If you do this and do it right, you will make your GNU/Linux life alot easier for many reasons. But additionally it is always good advice to backup your /home content to an external disk or some other backup system. I've never had an accident with /home in the many years that I have been using this kind of setup. I always use the same /home, all the stuff and settings is always there and ready to be used by any distro that I may have. For desktop use this can be very nice, but in some cases it can also create some setting issues or bugs, these can be cleared out by editing/deleting the correct content in some of the hidden folders on /home/user. I will not write anything about that now, it is an exception rather than the norm. Even across different versions of KDE settings carry across very well with minimal issues. I assume the same goes for other desktops. But IF the situation arises that it doesn't, it is possible to quite easily fix it.

PS. Never touch the EFI partition unless you are a super expert

Now where does 2. permissions come into this? It comes into it alongside persistence and clever /home and user/group management and manual partitioning and proper use of /home. Some distroes choose different standard UID and GID which is what permissions are based on (not username). Furthermore it is easier to secure and isolate your /home environment using a smart UID and GID setup, a persistent setup which is easy to manage. There are several cases where this can be useful:
- Guarantee correct permissions and access across distroes and installations
- Restricting access to parts of /home
- Granting access to parts of /home
- Avoiding UID and GID conflicts between distroes
- Granting and narrowing access to various folders (/home and others)
- Separating private and non-private data

So, an example is private and non-private files and backing up important data. This split is important. Keep private data on your /home/user and keep your non-private data elsewhere on /home. This way you can easily backup your IMPORTANT data from /home/user without having to backup tons of gigabytes of non important data like music or video files, or even private pictures (can be backed up in a secondary backup process). This basically implies keeping /home/user small to make backups small and fast. You can even double backup, a live backup and a compressed backup since it is not likely to take much space. In an ideal scenario, if it applies, you can also separate confidential data into a separate user1 and a separate /home/user1, and maybe other users for things like work or sensitive stuff.

Managing permissions on /home in a clever way which is easy to remember is very easy! You only really need to always choose persistent UID and GID and set the right permissions. I use persistent usernames with persistent groups with persistent UID and GID. This way I can separate a bit between activities and keep all my data accessible in a smart way on /home and my backup disks. For "normal use" it is merely an issue of always selecting the same UID and GID for your user when you install and setup your distro. Your files on /home will always have the right permissions due to always having the same UID and GID and you can tweak different permissions on your /home spaces based on these UID and GID. Doing the same with usernames can be hopeless and annoying. It's that easy!

To make it even easier, make the UID and GID easy to work with. Select numbers that you can easily remember and always use those numbers! This way of doing things is not to make some secure environment, it's just to make is easily manageable, and with that if you do it right and extend the scheme things CAN be more secure and backups should be far easier!

Making a manageable and persistent /home environment is easy, and it's about two things only. Manually partitioning your disks and manually setting UID and GID. This could and should be done during the installation of your distro. But no worries, it can also be done manually after installation. Additionally you SHOULD familiarise yourself with the
chmod, chown, chgrp, usermod & groupmod
in addition. These can handle pretty much everything you need in regards to setting correct permissions, UID, GID at any time.

In regards to things like music and video and stuff, I like to "share" these on /home rather than share them through /home/user. These files are not essential for me, just convenience. Many things can be shared there between users. I do the same with private pictures even, due to the backup situation. But I could just as well have those under /home/user, but it really depends on your backup model. I also share /home/user folder with my main user1 through a group, and I share non-private "files"(and private files) between users with a shared group (also with persistent GID).

If you set these things up correctly your /home life will be alot easier and so will your GNU/Linux life. There are various ways to expand this scheme or narrow it down. This is just the basic stuff that all newbies SHOULD learn and know. Manual partitioning and permissions should be some of the first thing a GNU/Linux newbie should familiarize themselves with, and doing it in this way or some similar way could be a way to get into it and make your future life easier from the very beginning. The same goes in regards to backup and "external disks" in regards to UID and GID and permissions. Added to that can also be the theme of making backups immutable and thus invalidating permissions but making UID (and possibly GID) all the more relevant.
Posted in best practices
Views 617 Comments 2
« Prev     Main     Next »
Total Comments 2


  1. Old Comment
    The contradiction here is; the utter newbie does not know enough to make the choices needed when partitioning manually. I remember being a newbie and doing it manually and completely trashing everything.
    Posted 09-06-2019 at 09:34 AM by jr_bob_dobbs jr_bob_dobbs is offline
  2. Old Comment
    Well, if the disk is empty anyways, it does not hurt to try and learn the first time around. You don't break anything by trying as long as you don't touch the EFI boot.

    If you don't succeed the first time and break the boot or something, you can try again. Besides, the post is not meant for ultra newbies, but generally people who don't know these things already. It's generally more dangerous to use auto-partitioning than to fail at manual partitioning.
    Posted 09-06-2019 at 10:46 AM by zeebra zeebra is offline
    Updated 09-06-2019 at 10:49 AM by zeebra


All times are GMT -5. The time now is 01:01 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration