• tmpfs and swap

    From Günther Schwarz@1:0/0 to All on Tue Feb 7 21:50:53 2012
    Any hints on how to prevent a tmpfs file system to be written to the swap partition? Other than omitting a swap partition completely, of course. I
    do not want some files to end up on the hard disk.

    Günther

    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: The Kofo BBS MBSE - telnet://fido1.kofobbs.ne
  • From Lew Pitcher@1:0/0 to All on Tue Feb 7 22:15:55 2012
    Reply-To: lew.pitcher@digitalfreehold.ca

    On Tuesday 07 February 2012 15:50, in comp.os.linux.security, strap@gmx.de wrote:

    > Any hints on how to prevent a tmpfs file system to be written to the swap partition? Other than omitting a swap partition completely, of course. I
    > do not want some files to end up on the hard disk.

    I'm afraid that you can't do that.

    To quote /usr/src/linux/Documentation/filesystems/tmpfs.txt
    "Since tmpfs lives completely in the page cache and on swap, all tmpfs
    pages currently in memory will show up as cached."

    tmpfs lives in cache and swap. There are no tmpfs tuning parameters to
    prevent tmpfs pages from being written to swap (mount(8) only lists size=, nr_blocks=, nr_inodes, and mode= (initial permissions) ), tmpfs will be
    written to swap, with the same rules as any other cache.

    Sorry
    --
    Lew Pitcher


    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: The Kofo BBS MBSE - telnet://fido1.kofobbs.ne
  • From Richard Kettlewell@110:300/1.1 to All on Tue Feb 7 23:40:48 2012
    Günther Schwarz <strap@gmx.de> writes:
    > Any hints on how to prevent a tmpfs file system to be written to the swap partition? Other than omitting a swap partition completely, of course. I
    > do not want some files to end up on the hard disk.

    Encrypted swap, with a throwaway key generated on boot?

    --
    http://www.greenend.org.uk/rjk/

    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: Anjou (110:300/1.1@linuxnet)
  • From Günther Schwarz@1:0/0 to All on Wed Feb 8 00:01:14 2012
    Lew Pitcher wrote:

    > On Tuesday 07 February 2012 15:50, in comp.os.linux.security,
    > strap@gmx.de wrote:

    >> Any hints on how to prevent a tmpfs file system to be written to the
    >> swap partition? Other than omitting a swap partition completely, of
    >> course. I do not want some files to end up on the hard disk.

    > I'm afraid that you can't do that.

    > To quote /usr/src/linux/Documentation/filesystems/tmpfs.txt
    > "Since tmpfs lives completely in the page cache and on swap, all tmpfs
    > pages currently in memory will show up as cached."

    Thanks a lot for the clarification. So this is how I did suspect it to
    be. I will have to live with a small risk. No risk, no fun.

    Günther

    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: The Kofo BBS MBSE - telnet://fido1.kofobbs.ne
  • From Günther Schwarz@1:0/0 to All on Wed Feb 8 00:01:48 2012
    Richard Kettlewell wrote:

    > Günther Schwarz <strap@gmx.de> writes:
    >> Any hints on how to prevent a tmpfs file system to be written to the
    >> swap partition? Other than omitting a swap partition completely, of
    >> course. I do not want some files to end up on the hard disk.

    > Encrypted swap, with a throwaway key generated on boot?

    Do you have a link on a howto for that? I need unassisted boot up, so
    typing a password at boot time is not an option.

    Günther

    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: The Kofo BBS MBSE - telnet://fido1.kofobbs.ne
  • From Pascal Hambourg@110:300/1.1 to All on Wed Feb 8 00:34:56 2012
    Reply-To: pascal.news@plouf.fr.eu.org

    Hello,

    Günther Schwarz wrote:
    > Any hints on how to prevent a tmpfs file system to be written to the swap partition? Other than omitting a swap partition completely, of course. I
    > do not want some files to end up on the hard disk.

    You can use ramfs instead of tmpfs. But the drawback is that you cannot
    limit the size. See Documentation/filesystems/ramfs-rootfs-initramfs.txt

    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: Plouf ! (110:300/1.1@linuxnet)
  • From Stachu 'Dozzie' K.@110:300/1.1 to All on Wed Feb 8 10:18:08 2012
    On 2012-02-07, Günther Schwarz <strap@gmx.de> wrote:
    > Richard Kettlewell wrote:

    >> Günther Schwarz <strap@gmx.de> writes:
    >>> Any hints on how to prevent a tmpfs file system to be written to the
    >>> swap partition? Other than omitting a swap partition completely, of
    >>> course. I do not want some files to end up on the hard disk.

    >> Encrypted swap, with a throwaway key generated on boot?

    > Do you have a link on a howto for that? I need unassisted boot up, so
    > typing a password at boot time is not an option.

    http://www.google.com/search?q=encrypted+swap+linux+howto

    --
    Secunia non olet.
    Stanislaw Klekot

    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: solani.org (110:300/1.1@linuxnet)
  • From Günther Schwarz@1:0/0 to All on Thu Feb 9 22:51:12 2012
    Stachu 'Dozzie' K. wrote:

    > On 2012-02-07, Günther Schwarz <strap@gmx.de> wrote:
    >> Richard Kettlewell wrote:

    >>> Günther Schwarz <strap@gmx.de> writes:
    >>>> Any hints on how to prevent a tmpfs file system to be written to the
    >>>> swap partition? Other than omitting a swap partition completely, of
    >>>> course. I do not want some files to end up on the hard disk.

    >>> Encrypted swap, with a throwaway key generated on boot?

    >> Do you have a link on a howto for that? I need unassisted boot up, so
    >> typing a password at boot time is not an option.

    > http://www.google.com/search?q=encrypted+swap+linux+howto

    This is interesting, thanks a lot. The swap partition set up with a key
    from /dev/urandom might well solve some other issues related to the swap partition. I will give it a try.

    Günther

    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: The Kofo BBS MBSE - telnet://fido1.kofobbs.ne
  • From Günther Schwarz@1:0/0 to All on Thu Feb 9 22:51:14 2012
    Pascal Hambourg wrote:

    > Günther Schwarz wrote:
    >> Any hints on how to prevent a tmpfs file system to be written to the
    >> swap partition? Other than omitting a swap partition completely, of
    >> course. I do not want some files to end up on the hard disk.

    > You can use ramfs instead of tmpfs. But the drawback is that you cannot
    > limit the size. See Documentation/filesystems/ramfs-rootfs-initramfs.txt

    An interesting option also. But it might be too easy for a user to fill
    the memory completely. I will first try with an encrypted swap with a key
    from /dev/urandom as suggested by Stachu.

    Günther

    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: The Kofo BBS MBSE - telnet://fido1.kofobbs.ne
  • From Alexander Schreiber@110:300/1.1 to All on Thu May 31 21:52:45 2012
    Günther Schwarz <strap@gmx.de> wrote:
    > Lew Pitcher wrote:

    >> On Tuesday 07 February 2012 15:50, in comp.os.linux.security,
    >> strap@gmx.de wrote:

    >>> Any hints on how to prevent a tmpfs file system to be written to the
    >>> swap partition? Other than omitting a swap partition completely, of
    >>> course. I do not want some files to end up on the hard disk.

    >> I'm afraid that you can't do that.

    >> To quote /usr/src/linux/Documentation/filesystems/tmpfs.txt
    >> "Since tmpfs lives completely in the page cache and on swap, all tmpfs
    >> pages currently in memory will show up as cached."

    > Thanks a lot for the clarification. So this is how I did suspect it to
    > be. I will have to live with a small risk. No risk, no fun.

    Well, you could
    - use RAM disk instead
    - encrypt swap with a random key (set up freshly from /dev/urandom
    at every boot and not stored anywhere)

    Kind regards,
    Alex.
    --
    "Opportunity is missed by most people because it is dressed in overalls and
    looks like work." -- Thomas A. Edison

    --- MBSE BBS v0.95.13 (GNU/Linux-x86_64)
    * Origin: Not much. (110:300/1.1@linuxnet)
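
The thread settles on encrypted swap as the way to keep swapped-out tmpfs pages from reaching the disk in plaintext. The following is an added example, not code from any of the posters: a shell audit that classifies each active swap area and lists tmpfs mounts. It assumes the `/proc/swaps` and `/proc/mounts` layouts and that cryptsetup-created mappings carry a dm UUID beginning with `CRYPT-`; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): audit whether tmpfs pages could be
# swapped to disk in plaintext. File and sysfs paths are parameters so the
# functions can also be run against constructed samples.

# classify_swap DEV [SYSFS_ROOT] -> prints "encrypted", "ram" or "plaintext"
classify_swap() {
    dev=$1; sys=${2:-/sys}
    # /dev/mapper/<name> is a symlink to /dev/dm-N; resolve it if possible.
    real=$(readlink -f "$dev" 2>/dev/null) || real=$dev
    name=${real##*/}
    case $name in zram*) echo ram; return ;; esac   # compressed RAM, no disk
    # Assumption: cryptsetup gives its mappings a dm UUID starting "CRYPT-".
    if [ -r "$sys/block/$name/dm/uuid" ] &&
       grep -q '^CRYPT-' "$sys/block/$name/dm/uuid"; then
        echo encrypted
    else
        echo plaintext    # raw partition, swap file, or non-crypt dm target
    fi
}

# audit_swap [SWAPS] [SYSFS_ROOT]: one "device status" line per active swap
# area; returns 1 if any area is plaintext.
audit_swap() {
    swaps=${1:-/proc/swaps}; root=${2:-/sys}; rc=0
    while read -r swdev _rest; do
        case $swdev in Filename|'') continue ;; esac   # header / blank line
        status=$(classify_swap "$swdev" "$root")
        echo "$swdev $status"
        if [ "$status" = plaintext ]; then rc=1; fi
    done < "$swaps"
    return $rc
}

# list_tmpfs [MOUNTS]: mount points whose filesystem type is tmpfs.
list_tmpfs() {
    awk '$3 == "tmpfs" { print $2 }' "${1:-/proc/mounts}"
}
```

A swap file is reported as plaintext even when the filesystem beneath it is encrypted, so treat that result as "unverified" rather than definitive. On systems that use `/etc/crypttab`, an entry naming `/dev/urandom` as the key file with the `swap` option is what produces such a mapping afresh at each unattended boot.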