How can I mount the boot filesystem in read only?

Forum: HD Install
Topic: How can I mount the boot filesystem in read only?
started by: xmrkite

Posted by xmrkite on Oct. 26 2006,04:46

Hello. I want to have it so that the user can simply just power off the linux box without there being any problems.

Now I'm new to linux, so correct me if I'm wrong, but I believe I need to do this:

/dev/hda1 - swap partition
/dev/hda2 - linux OS partition (DSL Linux)
/dev/hda3 - User account partition (/home/dsl)

I want /dev/hda2 to be read only and the user "dsl" would be able to save all his stuff to /dev/hda3 aka /home/dsl or something like that.

How can i do it so that when root logs in, he can read and write to the filesystem (install programs, change settings, all that good stuff)?

If this is not possible, what are my options (and how) for making the entire /dev/hda2 partition read-only?

-Thanks

Posted by ^thehatsrule^ on Oct. 26 2006,13:33

What type of installation are you going to do your hard drive?

If you do a frugal, all you have to do is remove the "frugal" line from the bootloader to mount the partition that the DSL image is on as RO by default. Using "toram" as well might be even better if you just want it in your volatile memory. Of course root could still mount it as rw. Just a note: usually a non-root user can only write to /home and /tmp anyways (user 'dsl' has sudo access by default however).

Use the bootcode home= (in your example, this would be hda3) to mount /home on it.

I suppose for a "traditional" hd-install, you can modify fstab to make the root partition RO.

Posted by xmrkite on Oct. 26 2006,15:04

Hello, where do i go to make those changes though? And also, if the entire partition is read only to the dsl user, will i be able to just unplug the laptop (an oldie but a goodie) and not worry about data loss on the hda2 partition (the OS and programs)?

Also, it's a standard HD install.
-Thanks

Posted by ^thehatsrule^ on Oct. 26 2006,18:53

Not using a frugal, but a "traditional"?
fstab is located in /etc

Just a question: if you unplug the laptop, doesn't the battery go active?
Anyways, I don't know about turning things suddenly off. I hear it's okay to do it when it's RO, but personally I don't do that for any mounted drive.

Posted by xmrkite on Oct. 27 2006,05:27

Hey again. A few things.
1. Laptop has no battery (dead)
2. I'm find doing either a Frugal or a traditional install. I did traditional cause I thought it'd be faster, haven't tried the frugal yet. (what's your opinion on that?)
3. Boot Loader is Lilo (never used grub before)

Now my question...If i make the filesystem read only, how can i then go back to that same filesystem which has the fstab and change it since it's now read only? Or, does it set it to read only based on the user (so root would still be read/write)? Looking at /etc/fstab, what do i change to do this? For /dev/hda2 (my root partition), it currently reads:

Quote

/dev/hda2 / ext2 defaults,errors=remount-ro 0 1
proc /proc proc defaults 0 0

Also, since the filesystem will be read only, do i need to move the /temp directory and how? (as you can tell, i'm still a newbie to linux)

-Thanks for your help. I really appreciate it.

Posted by ^thehatsrule^ on Oct. 27 2006,16:06

Merging from < http://damnsmalllinux.org/cgi-bin....29;st=0 >

2. True, traditionals load up faster - but I only use frugals (assuming that the hardware is sufficient)
3. Boot loader doesn't matter, they both work - but you won't need to add bootcodes with a trad install. You'll need to modify your lilo.conf (usually in /etc) then run lilo to write to the mbr (use -C /path/to/my/lilo.conf if it isn't the one in /etc). Advantage of grub in this case would be not needing to write to the mbr every time (stage 2 looks on some specified parition)

For your fstab questions... searching around on google might give you a more indepth picture on what you want to do exactly. If you want to change it while read-only, I guess you'd just have to remount it manually (or reboot with a livecd, etc). You can set the permissions to do what you want (umask, uid, guid may be helpful here).

I suppose you mean /tmp - is it listed anywhere under `mount`? If not, you can either use something like mounting /tmp on tmpfs/none on startup, or change the TMPDIR env var around to point it to a rw possible mountpoint.