Hi Rick, Rick Moen writes:
> Quoting Olaf Meeuwissen (paddy-h...@member.fsf.org): > >> I used to mount /usr read-only on my server machines but that quickly >> becomes a bore when you need to install security upgrades every so >> often. > > Suggestion: Make remounting an automatic part of package operations. > > /etc/apt/apt.conf: > > DPkg { > // Auto re-mounting of a read-only /usr > Pre-Invoke { "mount -o remount,rw /usr"; }; > Post-Invoke { "test ${NO_APT_REMOUNT:-no} = yes || mount -o remount,ro > /usr || true"; }; > }; I don't know how long this has been available but had I been aware of it, I would have used it way back when I used to mount /usr read-only. That's been a while ... maybe 10 years or so ;-) Actually, staring at this, I may have done something like that and was not quite happy with how it worked (or not) and just stopped mounting /usr read-only. Or maybe I just stopped putting /usr on a file system of its own (when I started using LVM). I honestly cannot remember why and what. Thanks anyway, -- Olaf Meeuwissen, LPIC-2 FSF Associate Member since 2004-01-27 GnuPG key: F84A2DD9/B3C0 2F47 EA19 64F4 9F13 F43E B8A4 A88A F84A 2DD9 Support Free Software https://my.fsf.org/donate Join the Free Software Foundation https://my.fsf.org/join _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng