Re: Secure rsync setup, bind-mount ro
On Monday, 2006-12-18 at 13:48:54 +0100, Dariush Pietrzak wrote:
> > filesystems into the chroot you want to rsync. Since Linux does not
> > support read-only loopback mounts, this leaves them open not only for
> > reading but also for writing...
> It does support read-only bind mounts though.
Sorry, coming from a Solaris background, I tend to say loopback mounts
when I mean bind mounts. No, they are just an aliasing mechanism.
debian:~# uname -r
debian:~# mount -o bind,ro /tmp /mnt
debian:~# touch /mnt/foo
debian:~# ls -l /mnt/foo
-rw-r--r-- 1 root root 0 2006-12-18 16:44 /mnt/foo
lupe@debian::~$ touch /mnt/bar
lupe@debian::~$ ls -l /mnt/bar
-rw-r--r-- 1 lupe lupe 0 2006-12-18 16:45 /mnt/bar
PS: Linux loopback mounts *can* be ro.
PPS: It might be possible to mount the same device multiple times with
different options (rw vs. ro). I never tried it, and I don't want to
crash my machine now ;-)
| You know we're sitting on four million pounds of fuel, one nuclear |
| weapon and a thing that has 270,000 moving parts built by the lowest |
| bidder. Makes you feel good, doesn't it? |
| Rockhound in "Armageddon", 1998, about the Space Shuttle |