LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Shortening the rope (around RH's neck)

Shortening the rope (around RH's neck)

Posted Apr 5, 2009 17:11 UTC (Sun) by JoeF (subscriber, #4486)
In reply to: Shortening the rope (around RH's neck) by fmarier
Parent article: Shortening the rope

Why not mount /, /bin,... read-only?
Keep everything you need to write to, e.g., /tmp, /var, on separate filesystems.
That's what I do, and it works nicely.
Of course, you could still end up deleting your home directory...

(Log in to post comments)

Shortening the rope (around RH's neck)

Posted Apr 7, 2009 13:44 UTC (Tue) by hmh (subscriber, #3838) [Link]

You need /etc to be RW, and you need that very early in the boot sequence, so it traditionally has to be inside /. That's the only thing that gets in the way of mounting / RO.

accidental deletion and read-only root filesystem

Posted Apr 9, 2009 23:37 UTC (Thu) by giraffedata (subscriber, #1954) [Link]

You do have to use a rather different filesystem layout than what comes with conventional Linux to have a read-only root filesystem. I've been doing it for years, though. Sometimes it's as easy as having symbolic links from the root filesystem to a read/write filesystem, but other times it's as hard as having to modify a program to eliminate a hardcoded file name.

I also do daily automated backups. Deleting my home directory wouldn't be particularly severe for me.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds