Slashdot Mirror

← Back to Stories (view on slashdot.org)

Securing Linux Production Systems

Posted by timothy on from the checklist-of-checklists dept.

robyannetta writes "Securing Linux Production Systems: A Practical Guide to Basic Security in Linux Production Environments is a practical step-by-step guide for securing Linux production systems. It shows how to meet basic security requirements for Linux systems that need to pass security audits. If you have been assigned to come up with a corporate Linux Security Standard, then you should definitely read on."

1 of 30 comments (clear)

  1. Re:/ and /boot by Meetch · · Score: 2, Informative
    I'm not sure about before LVM, but now it's in...

    While I'm sure with enough fiddling it can be done, /boot generally doesn't like living in an LVM filesystem. The main reason for that would be the boot loader needs to load extra and interpret the metadata to figure out where the initrd you want is loaded from. I imagine most distros simply won't let you put /boot on a logical volume because it requires too much extra.

    I did manage to get /boot to live happily on a software RAID1 mirrored partition - this was based on a RH 7.3 build, but RedHat won't do that for you by default (do any?).

    Of course, it's not such a problem with proper enterprise storage (but you still can't put boot on an LV, as a rule)...