
Re: devel files and libraries in /lib



On 2011-01-05 08:46 +0100, Mike Hommey wrote:

> On Wed, Jan 05, 2011 at 03:29:08AM +0100, Michael Biebl wrote:
>> 
>> Nice write-up, you raise many good points I agree with.
>> 
>> Just a small remark:
>> 
>> On 05.01.2011 01:25, Roger Leigh wrote:
>> 
>> > 2) /usr is mounted read-only for security and safety
>> > 
>> >    Mounting /usr read-only is common practice; I even do this myself
>> >    with apt-get configured to remount read-write when changes are made
>> >    and then remount read-only afterwards.
>> 
>> This can easily be achieved using a bind mount, without requiring /usr to be a
>> separate partition.
>> 
>> mount --bind /usr /usr
>> mount -oremount,ro /usr
>
> It requires a recent kernel, though. IIRC, Lenny kernels don't support
> readonly bind mounts.

They do, readonly bind mounts were introduced in Linux 2.6.26:

http://kernelnewbies.org/Linux_2_6_26#head-84b0b94f54cc4be3dd955b16a41cab633d11645b

Sven
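
Added example (not part of the original message): a check that the bind-mount recipe quoted above took effect. A read-only bind mount sets "ro" in the per-mount options (field 6 of /proc/self/mountinfo) while the superblock options after the "-" separator can still say "rw". The function name and sample lines are constructed for illustration, and the last matching entry is assumed to be the visible mount.

```shell
#!/bin/sh
# Report the read-only state of a mount point at two levels:
#   mount= per-mount flag (what "mount -o remount,ro" on a bind mount sets)
#   super= superblock flag (the underlying filesystem itself)
# Usage: mount_ro_state MOUNTPOINT [MOUNTINFO_FILE | -]
mount_ro_state() {
    awk -v mp="$1" '
        # Exact match on comma-separated options, so that an option such as
        # "errors=remount-ro" is not mistaken for "ro".
        function flag(opts,    n, a, k) {
            n = split(opts, a, ",")
            for (k = 1; k <= n; k++) if (a[k] == "ro") return "ro"
            return "rw"
        }
        $5 == mp {
            # Fields 1-6 are fixed; optional fields follow up to a lone "-".
            i = 7
            while (i <= NF && $i != "-") i++
            # After "-": fs type, source, superblock options.
            state = "mount=" flag($6) " super=" flag($(i + 3))
        }
        END { if (state == "") exit 1; print state }
    ' "${2:-/proc/self/mountinfo}"
}

# Constructed sample: /usr bind-mounted onto itself, then remounted read-only.
SAMPLE_MOUNTINFO='22 1 8:1 / / rw,relatime - ext4 /dev/sda1 rw,errors=remount-ro
35 22 8:1 /usr /usr ro,relatime shared:1 - ext4 /dev/sda1 rw,errors=remount-ro'

printf '%s\n' "$SAMPLE_MOUNTINFO" | mount_ro_state /usr -
```

On a live system, run `mount_ro_state /usr` with no second argument; a non-zero exit status means the path is not a mount point.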

