Freminlins wrote:
> On 01/08/06, *Erik Norgaard* <[EMAIL PROTECTED]
> <mailto:[EMAIL PROTECTED]>> wrote:
>     you may
>     even want to mount it read-only for security. (I think these are good
>     advises on any system).
> I used to agree with this (specifically the mantra was "mount /usr read
> only") - until I tried to patch anything! Then it's useless.

You usually don't patch up your system everyday. Remount rw do the
patching and remount ro. The problem is more that some 3rd party
applications assume that /usr is writeable. I found the problem more
annoying with / whenever I need to change some system file.

However, most important is to have /tmp on a separate partition. Then
there will only be few writes on /.

> What you end up with is a machine which in which the base install is
> more secure, but all your data isn't. The base install is the one thing
> I know I can get back (i.e. reinstall) in 5 minutes. The data I cannot.

I think it is very valuable to get the system up so I can rescue my
data. Having base system go down along with my data doesn't seem to have
any clear advantages.

Mounting / and/or /usr ro will get your systems up faster and that
seemed to be the issue.

Cheers, Erik
Ph: +34.666334818                      web:
X.509 Certificate:
Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to