
Re: r/o root filesystem?



Greg Stark <gsstark@mit.edu> writes:

> I just tried to set up a router with a read-only /. This seems like it ought
> to work, since debian uses /var fairly religiously where appropriate. In fact
> it worked 95% but there are the occasional boot scripts that expect to be able
> to write into /etc and /dev. 

First, use devfs. That's better :) and solves all your /dev write
problems. Saves space as well.

Writes to /etc should afaik only be done by mount, lvm and raid tools,
which need to update /etc/mtab, /etc/lvmtab,...

You can get away with static versions of them and link /etc/mtab to
/proc/mounts usually.
 
> I don't think policy says anything about this, but given how much effort has
> gone into putting things into /var where appropriate it seems like a shame to
> waste all that effort by not being strict about the last 5% and not reaping
> the benefit of all that work.

Somewhere policy should be saying that / and /usr can be mounted read-only.

> The files edited in /etc seem to be /etc/motd and /etc/nologin. Either we move
> these files to /var or we accept that DELAYLOGIN and EDITMOTD are implicitly
> false when / is read-only and just hide the errors with 2>/dev/null.

That's yours to configure I guess.

> The trickier stuff are the various places that assume /dev is writable. I'm
> not sure these are all solvable. Things like xterm will never work properly if
> they can't set the owner of the pty. But it still seems odd to me that boot
> scripts are going around doing mknod and chmod on devices.
> 
> #
> #	Create mountpoint and multiplexor device.
> #
> [ -d /dev/pts ] || mkdir --mode=755 /dev/pts
> [ -c /dev/ptmx ] || mknod --mode=666 /dev/ptmx c 5 2
>
> # Set pseudo-terminal access permissions.
> #
> if [ ! -c /dev/.devfsd ] && [ -c /dev/ttyp0 ]
> then
> 	chmod 666 /dev/tty[p-za-e][0-9a-f]
> 	chown root:tty /dev/tty[p-za-e][0-9a-f]
> fi

The first works fine with devfs, the latter checks for devfs which you
should be using anyway. :)

> 
> #
> # Update /etc/motd.
> #
> if [ "$EDITMOTD" != no ]
> then
> 	uname -a > /etc/motd.tmp
> 	sed 1d /etc/motd >> /etc/motd.tmp
> 	mv /etc/motd.tmp /etc/motd
> fi

MfG
        Goswin
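As an added example, not taken from either message in this thread: a POSIX sh version of the quoted motd stanza that reads the mount options of / from /proc/mounts-format input (the same source Goswin suggests linking /etc/mtab to) and treats EDITMOTD as "no" when / is read-only, instead of masking the failed write with 2>/dev/null. The mount table below is constructed, and the function names are my own.

```shell
#!/bin/sh
# Added example, not from the thread. Constructed sample in /proc/mounts
# format: device mountpoint fstype options dump pass. A mountpoint that
# appears twice is overlaid, so the last line for it is the live mount.
SAMPLE_MOUNTS='rootfs / rootfs rw 0 0
/dev/hda1 / ext2 ro,errors=remount-ro 0 0
proc /proc proc rw 0 0
/dev/hda5 /var ext2 rw 0 0
devpts /dev/pts devpts rw,mode=620 0 0'

# mount_opts MOUNTPOINT [MOUNTS_TEXT]
# Print the option field of the last entry for MOUNTPOINT. Reads the
# real /proc/mounts when no table text is passed in.
mount_opts() {
    mp=$1
    if [ $# -ge 2 ]; then
        printf '%s\n' "$2"
    else
        cat /proc/mounts
    fi | awk -v mp="$mp" '$2 == mp { opts = $4 } END { print opts }'
}

# is_readonly MOUNTPOINT [MOUNTS_TEXT]
# Exit 0 when the mount carries the "ro" option, 1 otherwise. Wrapping the
# option list in commas keeps "ro" from matching inside "errors=remount-ro".
is_readonly() {
    opts=$(mount_opts "$@")
    case ",$opts," in
        *,ro,*) return 0 ;;
        *)      return 1 ;;
    esac
}

# update_motd MOTD_FILE [MOUNTS_TEXT]
# The boot-script stanza from the thread, with the implicit EDITMOTD=no
# behaviour made explicit: prints "skipped" on a read-only / and does not
# touch the file; otherwise rewrites line 1 with `uname -a` and prints
# "updated". /etc/motd lives on /, so that is the mountpoint checked.
update_motd() {
    motd=$1
    shift
    if is_readonly / "$@"; then
        echo skipped
        return 0
    fi
    uname -a > "$motd.tmp"
    [ -f "$motd" ] && sed 1d "$motd" >> "$motd.tmp"
    mv "$motd.tmp" "$motd"
    echo updated
}
```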


