Re: Question about hard disk partition strategy for debian

[Martin Dickopp <martin@zero-based.org>]

"R. Armiento" <reply-debian-05@armiento.net> writes:
> Martin Dickopp wrote:
>> IMHO, the main reason for having /usr on a separate partition is that
>> it can be mounted read-only.
>
> Good point. But if you have put everything else that requires write
> access in separate partitions (eg., /var, /tmp) perhaps one can mount
> the whole '/' filesystem read-only?

I think there were attempts to make / read-only mountable, but I don't
know what the current status is.

There are some files on / which are written to during normal operations,
e.g. /etc/mtab, but it should usually be possible to create them in
/dev/shm or /var/run and symlink from /etc.

> I have never tried that, but if you mount /usr read-only to protect
> your binaries, one would think that you should want to protect your
> /bin and /sbin binaries in a similar way?

Indeed.

Martin