>If both of your /tmp/rw and / exist on the same filesystem, then I'd >recommend you to mount tmpfs to /tmp/rw. Aufs will not complain when two >filesystems are different. > > >J. R. Okajima
Thank you! That seems to work. But I still think that that option would be better. Tmpfs puts everything in RAM, and for big applications it may be a lot of RAM. >Wrong tool. Sounds like you want Linux-VServer, not auFS - - > >That way you can 'jail' anything from a single application to >an entire Linux distribution. > >It also supports immutable links with CoW breaking - allowing >you to have whatever you want on the 'main' file system visible >in the 'jail context' and the only things present will be the >changed files. > >Ref: >http://linux-vserver.org/Welcome_to_Linux-VServer.org >You can use the 'experimental' link or the table on that page, or: >http://vserver.13thfloor.at/Experimental/ >and page-down (a lot) - the newest stuff is at the bottom of page. > >Don't be put off by the word 'Experimental' - - >Their idea of 'Experimental' puts some projects idea of 'Stable-Mature' >to shame. ;) > >Mike Yes, I know that it may not be the best tool. I want to do exactly this: http://klik.atekon.de/wiki/index.php/Virtualization_Options. There is that "Plash" which seems to have almost no documentation, and VServer, which is used by the OLPC project for the same purpose. However, my first idea was to use Union FS or aufs to prevent filesystem modification, which would prevent 99% of applications from modifying the system, and then perhaps AppArmor to prevent the rest. Vserver seemed a little too much, considering that it needs a modified kernel and such, but maybe I'll reconsider it. ------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com
