hi, On Mon, Nov 11, 2002 at 05:53:34PM +0100, Robert Ian Smit wrote: > OP mentioned some problems wrt to remounting file-systems. Although > the discussion that followed was very interesting, that issue and > even more so a solution, is unclear to me. > > I had to reboot a system after a security upgrade to make /usr ro. > I messed up the installation at first (issueing commands with /usr > ro and /tmp noexec), so I decided to blame myself for the reboot, > while still feeling unease at the reminiscence of the "Restart > Computer (yes/no)" syndrome. if you want to remount /usr read only, and have physical access to the machine, just going into single user mode and remounting it should do the trick, and then when you come back up into multi-user mode /usr will stay ro. if you don't, you can probably do something along the lines of - write a script that - deletes itself - remounts /usr ro - changes runlevel back to default put that in rcS.d, and then remotely tell it go into single user mode. never had to do that, but i think it'd work... --sean
Attachment:
pgpTcA5KXvos9.pgp
Description: PGP signature