AUTHOR: Archaic

AUTHOR: Oliver Brakmann

DATE: 2003-09-13

LICENSE: GNU Free Documentation License http://www.gnu.org/licenses/fdl.txt

SYNOPSIS: How to create a read-only root file system

DESCRIPTION: A read-only root file system has many advantages over read-write when the computer unexpectedly powers off. However, some parts of the file system still need read-write access. This hint will show how to split the file system into multiple partitions to achieve data stability.

PREREQUISITES: The kernel must be compiled with tmpfs (virtual memory file system) support.

HINT:

Warning! Serious ruin of your system may occur if you mistype something. I offer no warranty or guarantee that this will work and your data will be safe. It is recommended that you back up (and test the backup) all data before beginning. If you use tar, don't forget the -p switch. I prefer to boot with a boot CD and then manipulate the hard drive, ensuring all needed data is in a static state. Also, you cannot read just the tabbed commands and succeed. You must read the paragraphs as well.

This hint assumes reiser file systems. I chose reiser for its stability and journaling capabilities. Ext2/3 file systems will work as well. For you uptime junkies, you will not like the many reboots in this hint, but that's the only true way to test the boot process.

Now let's begin...

First, we need to partition according to our needs. The bare minimum to run a read-only rootfs is / and /var. You may want /tmp as well, but this hint assumes /tmp is on tmpfs. Optionally, /usr can be separated, but unless you are sharing /usr or want it to be read-write, it can stay on /. Additionally, most will want a partition for /home and possibly /root. Partition size is very subjective so I will not cover it here. This hint assumes you have the ability to add at least 1 extra partition for /var.
Here is my partitioning scheme:

	hda1	/	2GB	reiserfs
	hda2	/var	900Mb	reiserfs
	hda3	/home	3.1GB	reiserfs

Now it's time to start splitting the file systems. You currently have two choices: static dev or devfs (when the 2.6 series kernel stabilizes, devfs will be deprecated and a new virtual /dev will be available). While devfs has many potentially good qualities, I do not like the workarounds needed, the lessened stability, and the soon-to-be-extinct nature of it. If you want devfs, then read the devfs and/or devfsd hints and get it working on your system first. Then continue with this hint, skipping the "Dev" section.

### Dev ###

Here, we make the transition from a hard drive-based /dev tree to a virtual one. Start by making sure /dev/pts and /dev/shm are _not_ mounted. Also switch to single user mode and make sure all daemons are shut off. If your boot scripts and symlinks are in order, you can do this by simply typing 'telinit 1'. We also want to copy the device files and directories to a new location.

	#umount /dev/shm
	#umount /dev/pts
	#telinit 1
	#cd /
	#cp -a dev .dev

Next, remove all device files and directories from /dev except console, then mount a tmpfs on /dev and copy the original device files to the new /dev.

	#mount dev /dev -t tmpfs
	#cp -a .dev/* dev/

Verify that everything is in order by catting /proc/mounts or using df to see if a tmpfs is mounted on /dev, and ls /dev to make sure the files are there.

Now it's time to make /dev mount at boot time. Since some of the device files are needed by init, we need to mount /dev before init runs. Create the following script:

	#cat >/sbin/tmpdev < /etc/mtab
	mount -f / && mount -f /proc && mount -f /dev
	                             ^^^^^^^^^^^^^^^^

Lastly, we modify fstab to include the mount. Though not strictly necessary (as /dev is mounted before fstab is read), it's included for a sense of completeness. Note the 'noauto' option. That is to keep the mountfs script from trying to mount it again.

	#cat >>/etc/fstab <>/etc/fstab <>/etc/fstab <
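
The /proc/mounts check from the Dev section, written out as a script. This is an added example, not part of the original hint; the function names and the sample table are constructed for illustration. It goes one step beyond the Dev section by also checking that / carries the ro option, which is the end state the hint is working toward.

```sh
#!/bin/sh
# Added example. /proc/mounts fields: device mountpoint fstype options dump pass

# Print the fstype of the LAST entry for mount point $1. Later entries shadow
# earlier ones (e.g. "rootfs" followed by the real root device).
# $2 is the table to read; it defaults to /proc/mounts.
mount_fstype() {
    awk -v mp="$1" '$2 == mp { t = $3 }
        END { if (t == "") exit 1; print t }' "${2:-/proc/mounts}"
}

# Succeed if the last entry for mount point $1 carries option $2 (e.g. ro).
mount_has_option() {
    awk -v mp="$1" -v want="$2" '$2 == mp { opts = $4 }
        END {
            n = split(opts, o, ",")
            for (i = 1; i <= n; i++) if (o[i] == want) exit 0
            exit 1
        }' "${3:-/proc/mounts}"
}

# Report whether /dev is on tmpfs and / is read-only in table $1.
check_hint_state() {
    table="${1:-/proc/mounts}"; rc=0
    if [ "$(mount_fstype /dev "$table")" = tmpfs ]; then
        echo "/dev: tmpfs"
    else
        echo "/dev: NOT on tmpfs"; rc=1
    fi
    if mount_has_option / ro "$table"; then
        echo "/: read-only"
    else
        echo "/: still read-write"; rc=1
    fi
    return $rc
}

# Constructed sample table (not captured from a real system), using the
# partition layout from this hint.
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat >"$SAMPLE" <<'EOF'
rootfs / rootfs rw 0 0
/dev/hda1 / reiserfs ro 0 0
proc /proc proc rw 0 0
dev /dev tmpfs rw 0 0
/dev/hda2 /var reiserfs rw 0 0
EOF
check_hint_state "$SAMPLE"
```

Calling check_hint_state with no argument reads the live /proc/mounts instead of the sample.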