Partitioning considerations #
OpenBSD recommends users to split their disk into multiple partitions, rather than the simple layout in for example most Linux distributions like:
The reason OpenBSD encourages users to do so is threefold:
- Security: Some of OpenBSD’s default security features rely on filesystem mount options such as nosuid, nodev, noexec, or wxallowed. Having multiple mount points allows for a more fine grained application of those options.
- Stability: A user or a misbehaved program can use up all available space on the partition. If the misbehaving program is using a different partition than the core application of the server is using, the server should be able to continue to perform its core functions despite the misbehaviours of other programs or users on the system.
- fsck: You can mount partitions that you never or rarely need to write to as readonly most of the time, which will eliminate the need for a filesystem check after a crash or power interruption.
The OpenBSD installer is able to create the partitions automatically based on the available space. This might not be what you want but does provide a good starting point for modifications and should be fine for new OpenBSD users.
Some partitioning pointers #
- It’s recommended to have a seperate /usr/local partition because some applications need to be started from a wxallowed filesystem
- A seperate /home partition shields the system from misbehaving users who fill up their home directories without the need for quota.
- Very small partitions can cause problems during upgrades.
- A system directly connected to the internet should have a separate /var and possibly a separate /var/log as the amount of logs could fill up all available space on a partition quickly.
- Compiling some ports from source can take huge amounts of space on your /usr and /tmp partitions.
Disks and Partitions #
The details of setting up disks in OpenBSD vary between platforms, so you should read the instructions in your platform’s INSTALL.
Drive Identification #
On most platforms, OpenBSD handles mass storage with two drivers:
- wd: IDE-like disks: IDE, SATA, MFM or ESDI disks, or a flash device, attached to a wdc or a pciide interface.
- sd: SCSI-like disks: Devices that utilize SCSI commands, USB disks, SATA disks attached to an ahci interface, and disk arrays attached to a RAID controller.
The devices are numbered by the order in which they are detected at boot time, starting at zero. So, the first IDE-like disk will be wd0 and the third SCSI-like disk will be sd2. Note that OpenBSD will not necessarily number drives in the same order as your boot ROM.
Partitions and Filesystems #
The term “partition” can mean two different things in OpenBSD:
- disklabel partitions, also called filesystem partitions.
- fdisk partitions, sometimes called Master Boot Record (MBR) partitions.
All OpenBSD platforms use the disklabel program as the primary way to manage filesystem partitions. On the platforms that use fdisk, one MBR partition is used to hold all of the OpenBSD filesystems. This partition can be sliced into 16 disklabel partitions, labeled a through p. A few labels are special:
- a: The boot disk’s a partition is your root partition.
- b: The boot disk’s b partition is usually a swap partition.
- c: The c partition is always the entire disk.
To create a new filesystem on a disklabel partition, use the newfs command:
# newfs sd2a
Thus, a device name plus a disklabel identify an OpenBSD filesystem. For example, the identifier sd2a refers to the filesystem on the a partition of the third sd device. Its device files would be /dev/sd2a for the block device and /dev/rsd2a for the raw (character) device. Remembering whether a rarely used command needs a block or a character device is difficult. Therefore, many commands make use of the opendev(3) function, which automatically expands sd0 to /dev/rsd0c or /dev/sd0c as appropriate.
Disklabel Unique Identifiers #
Disks are identified by Disklabel Unique Identifiers (DUIDs) in the fstab(5) file by default. DUIDs are 16 hex digit random numbers that are generated when a disklabel is first created. They are managed by the diskmap device. To display the DUIDs of all disks, do:
$ sysctl hw.disknames hw.disknames=wd0:bfb4775bb8397569,cd0:,wd1:56845c8da732ee7b,wd2:f18e359c8fa2522b
You can specify partitions on the disk by appending a period and the partition letter. For example, f18e359c8fa2522b.d is the d partition of the disk f18e359c8fa2522b and will always refer to the same chunk of storage, no matter what order the devices attached to the system, or what kind of interface it is attached to. If you put data on wd2d, then later remove wd1 from the system and reboot, your data is now on wd1d, as your old wd2 is now wd1. However, a drive’s DUID won’t change after boot.
Using fdisk #
The fdisk utility is used on some platforms (i386, amd64 and macppc) to create a partition recognized by the system boot ROM. Normally, only one OpenBSD fdisk partition will be placed on a disk and that partition will then be subdivided into disklabel partitions. View your partition table with:
# fdisk sd0 Disk: sd0 geometry: 553/255/63 [8883945 Sectors] Offset: 0 Signature: 0xAA55 Starting Ending LBA Info: #: id C H S - C H S [ start: size ] ------------------------------------------------------------------------ 0: 12 0 1 1 - 2 254 63 [ 63: 48132 ] Compaq Diag. 1: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused 2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused *3: A6 3 0 1 - 552 254 63 [ 48195: 8835750 ] OpenBSD
Here, the OpenBSD partition (id A6) is marked with a * to indicate that it is the bootable partition.
A totally blank disk will need to have the master boot record’s boot code written to the disk before it can boot. Normally, all you need to do is:
# fdisk -iy sd0
Alternatively, use the reinit or update commands in interactive mode.
The -e flag starts interactive editing mode:
# fdisk -e sd0 Enter 'help' for information fdisk: 1>
Beware that q saves changes and exits the program, while x exits without saving. This is the opposite of what many people are now used to in other environments. Note also that fdisk does not warn before saving the changes.
If your system has a maintenance or diagnostic partition, it is recommended that you leave it in place or install it before installing OpenBSD.
Disk Labels #
Disk labels are used to manage OpenBSD filesystem partitions. They contain certain details about your disk, such as drive geometry and filesystem information, as described in depth in the disklabel(5) man page. Use the disklabel command to edit the labels. This can help overcome some architectures' disk partitioning limitations. For example, on i386, there are only four primary MBR partitions available. With disk labels, one of these primary partitions contains all your OpenBSD partitions, while the other three are still available for other operating systems.
On platforms using fdisk, you should leave the first logical track unused, both in disklabel and in fdisk. For this reason, the default is to start the first partition at block 64.
Don’t put swap at the very beginning of your disk on sparc64. While Solaris often did that, OpenBSD requires the boot partition to be at the beginning of the disk.