On 10/5/07, Robert Connolly <[EMAIL PROTECTED]> wrote:
> Hi. I checked around a lot to see if any advancements have been made in
> mounting / read-only, and it doesn't look like it. I found 3 methods:
>
> Symlink /etc/mtab to /proc/mounts. The downside to this is that loopback
> mounts don't show up, and so umount doesn't take down the loop device.
>
> Symlink /etc/mtab to a real file, like /var/lib/mtab. The readonly_rootfs.txt
> suggested hard coding the new file in Glibc and Util-linux.
>
> Third is mounting /etc as its own partition. See:
> http://www.seifried.org/oag/advanced-filesystem/
> I like this one best, personally, because it makes it easy to reuse /etc when
> upgrading (if all configs are put there), and because /etc can be read-write
> while / is read-only. I have two / and two /usr partitions, so I can upgrade
> to a scratch system, so reusing an /etc partition (along with /boot
> and /home) would be nice. This also allows /etc to be mounted, to change
> passwords or whatever, without mounting /. The downside to this is /etc/fstab
> exists twice (one on /, another on /etc, partitions), and need to both be
> valid, and there's still an issue with /etc/mtab.
>
> /etc/resolv.conf might also need a symlink to /somewhere/resolv.conf,
> depending on whether you change this file during uptime.
>
> Any other ideas?
>
> Also, for the above reason and more, I'm always looking for better ways to
> partition. This is my latest idea (with 3 drives), for a desktop:
>
> devpts on /dev/pts type devpts (rw,nosuid,gid=4,mode=620)
> shm on /dev/shm type tmpfs (rw,nosuid,nodev,mode=1777)
> tmpfs on /tmp type tmpfs (rw,nosuid,nodev,size=512m,mode=1777)
> Symlink /var/tmp to /tmp
>
> ide 80G. These partitions get reused with dual-boots:
> extended 80G
> /boot        2G    ro,noexec,nosuid,nodev               ext3
> /etc         512M  ro,noexec,nosuid,nodev               ext3
> /root        4G    rw,noexec,nosuid,nodev               ext3
> /var         4G    rw,nosuid,nodev                      ext3
> /var/spool   4G    rw,noexec,nosuid,nodev,noatime,sync  ext2 AES128
> /multimedia  -     rw,noexec,nosuid,nodev,noatime,sync  ext2 AES128
>
> Note: As per the loop-aes README file, if a journaling file system is used
> then write cache should be disabled on the drive to allow the file system to
> handle all the writes. For this drive I prefer to leave write caching enabled
> and use ext2 with the sync option, which is only sane with the noatime
> option. On a server, something like the Mars or Twofish algorithm might be a
> better idea for performance, but requires additional kernel modules to be
> loaded.
>
> Symlink /etc/resolv.conf to /tmp/resolv.conf
> Symlink /etc/mtab to /tmp/mtab
> Symlink /var/log to /var/spool/log
> Symlink /var/mail to /var/spool/mail
>
> sata 250G (write caching disabled via `hdparm` in bootscript):
> /home        -     rw,nosuid,nodev,noatime              ext3 AES256
>
> sata 80G:
> extended 80G
> swap         4G                                         AES128
> /            2G    ro,nodev                             ext3
> /usr         12G   ro,nodev                             ext3
> /            2G    ro,nodev                             ext3
> /usr         12G   ro,nodev                             ext3
> /usr/src     -     rw,noexec,nosuid,nodev,noatime       ext3
>
> Symlink /opt to /usr/opt.
> Use /dev/shm for builds, or a /usr/obj.
>
> robert
>
> --
> http://linuxfromscratch.org/mailman/listinfo/hlfs-dev
> FAQ: http://www.linuxfromscratch.org/faq/
> Unsubscribe: See the above information page

Here is a practice I generally do.
If daemons or other services need to start, have /var/run under a small tmpfs.

That's all I have for the moment.

--
Kevin Day
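
As an added example (not part of either message): a POSIX shell check that compares /proc/mounts-format input against the mount options in the quoted layout, so a partition left read-write or a missing tmpfs shows up. The policy rows are abbreviated from that table, the device names in the sample are constructed, and the /var/run options are an assumption.

```shell
# Required options per mount point, abbreviated from the quoted layout.
# The /var/run row is an assumption: the reply names the tmpfs, not its options.
POLICY='/ ro,nodev
/usr ro,nodev
/boot ro,noexec,nosuid,nodev
/etc ro,noexec,nosuid,nodev
/var nosuid,nodev
/var/spool noexec,nosuid,nodev
/home nosuid,nodev
/tmp nosuid,nodev
/var/run nosuid,nodev'

# Constructed sample in /proc/mounts format: /etc was left read-write and
# /var/run is not a separate mount. Device names are made up.
sample_mounts() {
    cat <<'EOF'
/dev/sda5 / ext3 ro,nodev 0 0
/dev/sda6 /usr ext3 ro,nodev 0 0
/dev/hda5 /boot ext3 ro,noexec,nosuid,nodev 0 0
/dev/hda6 /etc ext3 rw,noexec,nosuid,nodev 0 0
/dev/hda8 /var ext3 rw,nosuid,nodev 0 0
/dev/loop0 /var/spool ext2 rw,noexec,nosuid,nodev,noatime,sync 0 0
/dev/loop1 /home ext3 rw,nosuid,nodev,noatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,size=524288k,mode=1777 0 0
EOF
}

# Reads /proc/mounts-format lines on stdin, prints one line per deviation
# from POLICY, and returns 1 if any were found.
audit_mounts() {
    POLICY="$POLICY" awk '
        { opts[$2] = $4 }   # a later mount on the same path wins
        END {
            n = split(ENVIRON["POLICY"], rows, "\n"); bad = 0
            for (r = 1; r <= n; r++) {
                split(rows[r], p, " ")
                if (!(p[1] in opts)) { print "MISSING " p[1]; bad = 1; continue }
                # pad with commas so each option matches as a whole token
                have = "," opts[p[1]] ","
                nw = split(p[2], want, ",")
                for (i = 1; i <= nw; i++)
                    if (index(have, "," want[i] ",") == 0) { print "WEAK " p[1] " lacks " want[i]; bad = 1 }
            }
            exit bad
        }'
}

sample_mounts | audit_mounts || echo "deviations found"
```

On a live system the same function runs as `audit_mounts < /proc/mounts`, which stays accurate even when /etc/mtab is a symlink or stale.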
