Hi Rick,
Rick Moen writes:
> Quoting Olaf Meeuwissen (paddy-h...@member.fsf.org):
>
>> I used to mount /usr read-only on my server machines but that quickly
>> becomes a bore when you need to install security upgrades every so
>> often.
>
> Suggestion: Make remounting an automatic part of package operations.
>
> /etc/apt/apt.conf:
>
> DPkg {
> // Auto re-mounting of a read-only /usr
> Pre-Invoke { "mount -o remount,rw /usr"; };
> Post-Invoke { "test ${NO_APT_REMOUNT:-no} = yes || mount -o remount,ro
> /usr || true"; };
> };
I don't know how long this has been available but had I been aware of
it, I would have used it way back when I used to mount /usr read-only.
That's been a while ... maybe 10 years or so ;-)
Actually, staring at this, I may have done something like that and was
not quite happy with how it worked (or not) and just stopped mounting
/usr read-only. Or maybe I just stopped putting /usr on a file system
of its own (when I started using LVM). I honestly cannot remember why
and what.
Thanks anyway,
--
Olaf Meeuwissen, LPIC-2 FSF Associate Member since 2004-01-27
GnuPG key: F84A2DD9/B3C0 2F47 EA19 64F4 9F13 F43E B8A4 A88A F84A 2DD9
Support Free Software https://my.fsf.org/donate
Join the Free Software Foundation https://my.fsf.org/join
_______________________________________________
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
