[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Secure rsync setup, bind-mount ro

On Monday, 2006-12-18 at 13:48:54 +0100, Dariush Pietrzak wrote:
> > filesystems into the chroot you want to rsync. Since Linux does not
> > support read-only loopback mounts, this leaves them open not only for
> > reading but also for writing...
>  It does support read-only bind mounts though.

Sorry, coming from a Solaris background, I tend to say loopback mounts
when I mean bind mounts. No, they are just an aliasing mechanism.

debian:~# uname -r
debian:~# mount -o bind,ro /tmp /mnt
debian:~# touch /mnt/foo
debian:~# ls -l /mnt/foo
-rw-r--r-- 1 root root 0 2006-12-18 16:44 /mnt/foo
lupe@debian::~$ touch /mnt/bar
lupe@debian::~$ ls -l /mnt/bar
-rw-r--r-- 1 lupe lupe 0 2006-12-18 16:45 /mnt/bar

No cigar...
Lupe Christoph

PS: Linux loopback mounts *can* be ro.
PPS: It might be possible to mount the same device multiple times with
     different options (rw vs. ro). I never tried it, and I don't want to
     crash my machine now ;-)
| You know we're sitting on four million pounds of fuel, one nuclear     |
| weapon and a thing that has 270,000 moving parts built by the lowest   |
| bidder. Makes you feel good, doesn't it?                               |
| Rockhound in "Armageddon", 1998, about the Space Shuttle               |

Reply to: