here the example hooks for readonly /usr and noexec /var that should be
added to /etc/apt/apt.conf to works with apt-get/aptitude:
DPkg {
// Auto re-mounting of a readonly /usr and noexec /var
Pre-Invoke { "mount -o remount,rw /usr && mount -o remount,exec /var"; };
Post-Invoke { "test ${NO_APT_REMOUNT:-no} = yes || mount -o remount,ro /usr
&& mount -o remount,noexec /var || true"; };
};
this is slightly modified from the debian wiki:
https://wiki.debian.org/ReadonlyRoot#Make_apt-get_remount_.2F_if_needed
ciao
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
