Hi! I'm not satisfied with my partition layout, so I'm considering
changing it. It currently looks like this (/dev/sda and /dev/sdc are
SSDs, /dev/sdb is HDD):
$ lsblk -A -o NAME,MODEL,SIZE,FSUSED,MOUNTPOINT,FSTYPE
NAME MODEL SIZE FSUSED MOUNTPOINT FSTYPE
sda Samsung SSD 850 120GB 111,8G
├─sda1 128M 36M /boot vfat
├─sda2 45G 40,1G / ext4
└─sda3 66,7G 50,5G /home xfs
sdb SAMSUNG HM321HI 298,1G
└─sdb1 298,1G 13,1G /mnt/storage ext4
sdc Micron_1100_MTFDDAK256TBN 238,5G
promise_fasttrack_raid_member
├─sdc1 39,1G 27,3G /var xfs
└─sdc2 199,4G 144,5G /home/cyber xfs
It's currently full of ugly workarounds: at least 20G belong in /var
rather than /home.
My wishes for the new layout are:
* Encrypted /home partition. The rest of the system should stay
unencrypted so it could be restarted by someone else without my
intervention.
Though if /home is not decrypted right after reboot, it will lead to
failed mail delivery to maildirs, until I decrypt it.
* Flexibility. I don't want to face this ugly situation again.
If I had only one disk, I'd just make one big root partition. But
there are two SSDs, and I could need more than the smallest (111,8G)
disk allows to fit. I could combine them into singe logical partition
using LVM.
If I decide to proceed with LVM, XFS will be a bad choice because it
cannot be shrinked. So I'll need a different filesystem, like ext4,
Btrfs or maybe even ZFS?
Booting without initramfs will not be possible anymore, so I'll likely
need more disk space (how much?) for /boot, which can not be a logical
partition if I wish to continue using EFI stub kernels.
And the last question: is there point in Secure Boot without FDE?
