Is it possible to setup Fedora, using Fedora provided tools/software,
with a read-only root partition?
There's an ancient wiki entry from the FC6 days that indicates that some
work was done, but I would assume that this depended on the SysV init
system. I haven't seen any mention of read-only root setup with systemd.
Any clues would be greatly appreciated.
Thanks,
John
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
07-01-2012, 05:08 PM
Joe Zeff
Is it possible to setup read-only root ?
On 07/01/2012 10:01 AM, John Wendel wrote:
> Is it possible to setup Fedora, using Fedora provided tools/software,
> with a read-only root partition?
>
> There's an ancient wiki entry from the FC6 days that indicates that some
> work was done, but I would assume that this depended on the SysV init
> system. I haven't seen any mention of read-only root setup with systemd.
>
> Any clues would be greatly appreciated.

If I'm not mistaken, /var needs to be on that partition and needs to be
writable. If so, then you can't have a read-only root partition. And,
just so we all know where we're going here, why would you want to?
07-01-2012, 05:11 PM
Reindl Harald
Is it possible to setup read-only root ?
On 01.07.2012 19:08, Joe Zeff wrote:
> On 07/01/2012 10:01 AM, John Wendel wrote:
>> Is it possible to setup Fedora, using Fedora provided tools/software,
>> with a read-only root partition?
>>
>> There's an ancient wiki entry from the FC6 days that indicates that some
>> work was done, but I would assume that this depended on the SysV init
>> system. I haven't seen any mention of read-only root setup with systemd.
>>
>> Any clues would be greatly appreciated.
>>
>
> If I'm not mistaken, /var needs to be on that partition and needs to be writable.
it is not uncommon to have /var on its own partition
> If so, then you can't have a
> read-only root partition.
it works, but be really careful
> And, just so we all know where we're going here, why would you want to?
in theory more security
imagine a root-exploit changing a system binary
much more difficult if the rootfs is readonly
07-01-2012, 05:23 PM
John Wendel
Is it possible to setup read-only root ?
On 07/01/2012 10:11 AM, Reindl Harald wrote:
> On 01.07.2012 19:08, Joe Zeff wrote:
>> On 07/01/2012 10:01 AM, John Wendel wrote:
>>> Is it possible to setup Fedora, using Fedora provided tools/software,
>>> with a read-only root partition?
>>>
>>> There's an ancient wiki entry from the FC6 days that indicates that some
>>> work was done, but I would assume that this depended on the SysV init
>>> system. I haven't seen any mention of read-only root setup with systemd.
>>>
>>> Any clues would be greatly appreciated.
>>
>> If I'm not mistaken, /var needs to be on that partition and needs to be writable.
> it is not uncommon to have /var on its own partition
>
>> If so, then you can't have a
>> read-only root partition.
> it works, but be really careful
>
>> And, just so we all know where we're going here, why would you want to?
> in theory more security
>
> imagine a root-exploit changing a system binary
> much more difficult if the rootfs is readonly

Extra security is certainly a plus. My main reason for wanting to
run a read-only root is to avoid wearing out the consumer grade
compact flash card that I'm using as my root device (yes, I'm
cheap).
Regards,
John
07-01-2012, 05:25 PM
Reindl Harald
Is it possible to setup read-only root ?
On 01.07.2012 19:23, John Wendel wrote:
> On 07/01/2012 10:11 AM, Reindl Harald wrote:
>>
>> On 01.07.2012 19:08, Joe Zeff wrote:
>>> On 07/01/2012 10:01 AM, John Wendel wrote:
>>>> Is it possible to setup Fedora, using Fedora provided tools/software,
>>>> with a read-only root partition?
>>>>
>>>> There's an ancient wiki entry from the FC6 days that indicates that some
>>>> work was done, but I would assume that this depended on the SysV init
>>>> system. I haven't seen any mention of read-only root setup with systemd.
>>>>
>>>> Any clues would be greatly appreciated.
>>>>
>>> If I'm not mistaken, /var needs to be on that partition and needs to be writable.
>> it is not uncommon to have /var on its own partition
>>
>>> If so, then you can't have a
>>> read-only root partition.
>> it works, but be really careful
>>
>>> And, just so we all know where we're going here, why would you want to?
>> in theory more security
>>
>> imagine a root-exploit changing a system binary
>> much more difficult if the rootfs is readonly
>>
> Extra security is certainly a plus. My main reason for wanting to run a read-only root is to avoid wearing out the
> consumer grade compact flash card that I'm using as my root device (yes, I'm cheap)
even if it works - you ALWAYS have to remember to remount it rw
on any yum-update - i personally would not do it because
of some hardware
07-01-2012, 05:26 PM
Joe Zeff
Is it possible to setup read-only root ?
On 07/01/2012 10:11 AM, Reindl Harald wrote:
> it is not uncommon to have /var on its own partition

I thought that there were things in /var that the system needed before
the rest of the filesystem was mounted. Looks like I was wrong. Thanx,
Reindl, for the correction.
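
The layout discussed in this thread (read-only /, /var on its own writable partition, / remounted read-write for each yum update) can be checked and scripted as follows. This is an added example, not part of any poster's message; the function names, the MOUNT dry-run override and the sample mount table are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example. Table text is in /proc/mounts format:
#   device mountpoint fstype options dump pass

# Constructed sample (not from a real host): / read-only, /var separate.
sample_mounts() {
    printf '%s\n' 'rootfs / rootfs rw 0 0' \
                  '/dev/sda1 / ext4 ro,relatime 0 0' \
                  '/dev/sda2 /var ext4 rw,relatime 0 0'
}

# Print the options of the LAST entry for a mount point; later entries
# overmount earlier ones (e.g. the initial "rootfs" line).
mount_opts() {
    printf '%s\n' "$1" | awk -v mp="$2" '$2 == mp { o = $4 } END { if (o != "") print o }'
}

# Succeed if FLAG ($2) is one of the comma-separated options in $1.
has_opt() {
    case ",$1," in *",$2,"*) return 0 ;; *) return 1 ;; esac
}

# Report findings; return 0 only if / is ro and /var is a separate rw mount.
audit_layout() {
    rc=0
    if has_opt "$(mount_opts "$1" /)" ro; then echo "OK   / is read-only"
    else echo "FAIL / is writable"; rc=1; fi
    var_opts=$(mount_opts "$1" /var)
    if [ -z "$var_opts" ]; then echo "FAIL /var is not a separate mount"; rc=1
    elif has_opt "$var_opts" rw; then echo "OK   /var is separate and writable"
    else echo "FAIL /var is read-only"; rc=1; fi
    return "$rc"
}

# Remount / read-write, run the given command, then always try to go back to
# read-only. MOUNT is an assumption of this sketch: set MOUNT=echo for a dry run.
with_rw_root() {
    ${MOUNT:-mount} -o remount,rw / || return 1
    status=0
    "$@" || status=$?
    ${MOUNT:-mount} -o remount,ro / || status=1   # fails if files are still open for writing
    return "$status"
}

# Usage on a live system (as root):
#   audit_layout "$(cat /proc/mounts)"
#   with_rw_root yum update
```
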