[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: file system with no gratuitous writes?
On 02.01.2011 22:42, Steven Bellovin wrote:
> I'm building a compact flash-based system for a Soekris box.
> I'd like to set it up so that there are no write operations that
> are not specifically initiated by the administrator. That is, if
> I modify a configuration file, of course that should be flushed to
> disk; however, I don't want writes at any other time, such as
> rewriting the superblock every 30 seconds. Is there some way I can
> do it?
> In an older instance of this system, the disk was mounted read-only;
> I'd mount it read-write to updated it, flush the buffer cache, then
> remount it read-only. On 5.0 and later, however (and as has been
> discussed ad nauseum), that is no longer supported. The next
> possibility is to have some way to mount the file system so there are
> no such writes. Specifying noatime will certainly help -- but is that
> enough? (Log files and such use tmpfs, so they're not a problem.)
> I've also thought about mounting /var/db as a FAT file system -- would
> that do the trick? Any other suggestions?
Apart mounting /dev, /etc, and /var via mfs mounts (I use this for NFS
root read-only mounts, and works quite nicely), one possibility I can
think of (albeit very impractical) would be to select the file systems
you want to be "administratively writable at a specific time", mirror
them in hierarchy that you only know of, and mount_null it in the right
$ mount_null -o ro /null_mounts/usr/ /usr/
Makes it read only, but you can still modify the files if you do it via
/null_mounts, in case of updates.
Happy new year!
Main Index |
Thread Index |