I'm using an embedded version of linux called white dwarf, which is based on slackware. I'm trying to mount the / filesystem as read only, but when I use:
mount -o ro,remount /
or
mount -o ro,remount /dev/hda1
I get a "device is busy" error. Also, I've tried going straight to fstab and changing the option from defaults to ro, but also with no success. After rebooting with the new fstab, I type mount and see that / is mounted ro, but I can still write to it! I can change it back to rw with
mount -o rw,remount /
but it won't go back to ro at all. How can I mount this drive as read only?
Note: I have external storage that is rw if there are things that the system MUST write.
you cannot mount / as read only!!
there are certain programs in /bin and /sbin that need to be executable in order for the system to boot and run properly.
Can't programs still run on a read-only disk if they're not changing at all?? or does read-only mean that strictly? if so, then is there a read/execute mode? It would be nice to have a mode like this because I'm using a flash disk that has a limited number of writes and I'd like to keep it going as long as possible. I have external disk storage which is used for day-to-day stuff that is available for other stuff. Is it worthwhile to make some partitions on the external disk and drop /bin and /sbin on them?
You may want to read the FHS (Filesystem Hierarchy System) as well as the chroot howto's. The /proc, /tmp, /var, and /usr/local partitions need to be writable. The FHS guide goes into detail on which directories can be mounted readonly. The ones that need to be writable need to be mounted on a writable partition.
I don't think you can have the root partition mounted read-only since partitions are mounted under it that need to be writable. However, many of the partitions mounted under it can be. The /usr/local partition needs to be remounted writable when installing new software. You can have a separate partition for /usr/local and include a line in the fstab for it. That way, /usr can remain mounted readonly. The /proc is a pseudo file system, but to be writable by the kernel, the root partition needs to be writable. The /var partition is where the log files are written to, as well as other types of caches.
You may also want to google for 'embedded linux ram-disk'. Normally, during bootup, the partitions are first mounted read-only, with the root partition being the ramdisk 'initrd'. An option may be to retain the ram-disk as the root partition, but you'll need to do this research yourself. The chroot howto may help. I think there is also an embedded linux howto around also.
I'd be interested if you gave more information on what system you are using and what it is used for. Sounds like it might be interesting.
You can mount root as read-only but not on a fully running system. The filesystem is mounted as read-only at boot, if it is ext2, checked to see if it is clean, then if it is, it is remounted read-write. reiserfs cannot be mounted read-only, I think. A lot of software needs to be able to write to the drive to run.
Since the logs in /var/cache are written to quite frequently, you may want to make sure they are either written to a hd or sent to a logging host rather than written to flash memory. Using a dedicated logging host connected directly to the computer is a security method I read about. The logging host may be connected directly to the computer sending the logs, rather than having a connection on the network switch. This makes it harder for hackers to cover their tracks, and reveals which files were compromised. Look for the syslog or syslog.conf man page for information. There may be some programs running that can't be configured or able to log events via syslog however.
Since you are using an embedded system, I assume you might be using it as a gateway or router. If that is the case, consider having the root partition, and writable partitions in ramdisk, and the read-only partitions like /bin /usr /sbin /etc on the flash drive.
I want the hard drive to be read-only to reserve the onboard flash hard drive as long as possible, which has a limited number of writes. Setting up a ramdisk might not be the easiest option for me, since I have a limited amount and I'd like to keep it available for computation, since I need data and control in realtime. Right now, I'm taking a look at FHS. Is it universal across all linuces? More importantly, is Slackware compliant with it? (since that's what my bare bones version is based on)
I tried moving /sbin /bin /etc to partitions on the external storage, but that did not solve the problem.
Well,
1. read-only doesn't mean no-execute
2. a filesystem can be mounted read-write, under the directory tree of a read-only filesystem (try it)
3. yes, logs can be redirected, or not made at all
4. since you are developing an embedded system, why not take a step further and customize everything you can? No need to stick to FHS
I don't think Slackware is FHS-compliant, but as I said before, you might as well customize everything to get a very small footprint and a realtime system
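Added example (not part of any post in this thread): a small shell check for the layout described in point 2 above, a read-only root with writable filesystems mounted beneath it. It parses text in /proc/mounts format, which is the kernel's own mount table; the function names, the sample table and the /dev/sda1 device are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed sample in /proc/mounts format (not captured from the
# poster's system): read-only root on flash, writable mounts beneath it.
SAMPLE_MOUNTS='rootfs / rootfs rw 0 0
/dev/hda1 / ext2 ro 0 0
proc /proc proc rw 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
/dev/sda1 /var ext2 rw,noatime 0 0'

# mount_mode MOUNTPOINT [FILE]   (hypothetical helper name)
# Print "ro" or "rw" for the filesystem visible at MOUNTPOINT.
# Reads /proc/mounts-format text from FILE, or stdin if FILE is omitted.
# The last matching entry wins, because later mounts cover earlier ones.
# Exits with status 1 if MOUNTPOINT is not in the table.
mount_mode() {
    awk -v mp="$1" '
        $2 == mp {
            mode = "rw"
            n = split($4, opts, ",")
            for (i = 1; i <= n; i++) if (opts[i] == "ro") mode = "ro"
        }
        END { if (mode == "") exit 1; print mode }
    ' "${2:--}"
}

# writable_mounts [FILE]   (hypothetical helper name)
# List every mount point whose topmost filesystem is read-write, in
# table order. With a read-only root these are the only places that
# should accept writes (logs, temp files, runtime state).
writable_mounts() {
    awk '
        {
            if (!($2 in seen)) { order[++k] = $2; seen[$2] = 1 }
            rw[$2] = 1
            n = split($4, opts, ",")
            for (i = 1; i <= n; i++) if (opts[i] == "ro") rw[$2] = 0
        }
        END { for (i = 1; i <= k; i++) if (rw[order[i]]) print order[i] }
    ' "${1:--}"
}

# Demo on the constructed sample; on a real system use:
#   mount_mode / /proc/mounts
printf '%s\n' "$SAMPLE_MOUNTS" | mount_mode /
printf '%s\n' "$SAMPLE_MOUNTS" | writable_mounts
```

If `mount_mode / /proc/mounts` prints rw on the device, the root filesystem is still writable regardless of what fstab requests.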