On Thu, Nov 15, 2018 at 10:28:56PM -0700, Don NetBSD wrote:
> I've a box with a DoM. I'd like to mount / as ro and create a
> tmpfs for /var (and /tmp). I don't think anything else NEEDS to
> be rw (the infrequent changes to /etc can be made by unlocking /
> to make those changes).
>
> I imagine I can just make a tarball of a skeletal /var and
> unpack this over /var, once mounted?
>
> Is there a preexisting mechanism for this sort of thing?
> Or, do I roll my own?
I have done this before.
I added an rc script for copying filesystems on non-volatile (NV)
storage to memory filesystems and then null-mount the memory
filesystems on top of the NV directories. See attachment.
I added a line to /etc/fstab,
swap /mfs tmpfs rw,-s8M 0 0
I modified my rc.conf to 1) indicate that /etc, /var, temporary and
home directories should be on (ephemeral!) memory filesystems, and 2)
ensure that the prerequisite filesystems (/usr) were mounted before
mountcritmem ran.
# When /usr is on a different filesystem than /, I mount it
# before the memory filesystems so that pax can run programs
# from it.
#
critical_filesystems_beforemem="/usr"
# Do not mount /var, it's a memory fs. Superfluous, since NetBSD
# will not mount /var a second time, anyway.
#
# critical_filesystems_local=""
# Don't mount /usr, it comes with / on the CD-ROM.
#
critical_filesystems_remote=""
# Don't mount /usr, it comes with / on the CD-ROM.
#
critical_filesystems_memory="/etc /home /root /tmp /var"
If this works for you, too, maybe mountcritmem should go into the base
system.
Dave
--
David Young
dyo...@pobox.com Urbana, IL (217) 721-9981
#!/bin/sh
#
# $NetBSD$
# $Id: mountcritmem 4133 2006-08-26 06:10:29Z dyoung $
#
# PROVIDE: mountcritmem
# REQUIRE: root
# BEFORE: mountcritlocal
$_rc_subr_loaded . /etc/rc.subr
name="mountcritmem"
required_dirs="/mfs /permanent $critical_filesystems_memory"
for _d in $critical_filesystems_memory; do
d=${_d#/}
required_dirs="$required_dirs /permanent/$d"
done
start_cmd="mountcritmem_start"
stop_cmd="mountcritmem_stop"
#
# Example /etc/fstab
#
# /dev/wd0a / ffs ro 0 0
# swap /mfs mfs rw,-s=10880k,-i=256 0 0
abort_mountcritmem()
{
if [ "$autoboot" = yes ]; then
echo "ERROR: ABORTING BOOT (sending SIGTERM to parent)!"
kill -TERM $$
exit 1
fi
}
mountcritmem_start()
{
if [ "${critical_filesystems_memory:-}" = "" ]; then
return 0
fi
echo "Mounting critical memory filesystems"
_fs_list=
for _d in $critical_filesystems_memory; do
d=${_d#/}
_fs_list="$_fs_list $d"
done
for d in $_fs_list; do
if [ ! -d /permanent/$d ]; then
echo "ERROR: missing /permanent/$d"
abort_mountcritmem
return 1
fi
done
for d in $_fs_list; do
if ! mount /mfs; then
echo "ERROR: cannot mount /mfs"
abort_mountcritmem
return 1
fi
break
done
for d in $_fs_list; do
if ! mkdir /mfs/$d; then
echo "ERROR: cannot mkdir /mfs/$d"
abort_mountcritmem
return 1
fi
done
for d in $_fs_list; do
if ! mount -t null /$d /permanent/$d; then
echo "ERROR: cannot mount /permanent/$d"
abort_mountcritmem
return 1
fi
done
for d in $_fs_list; do
cd /permanent/$d
if ! mount -t null /mfs/$d /$d; then
echo "ERROR: cannot mount /mfs/$d"
abort_mountcritmem
return 1
fi
if ! pax -pe -rw . /$d ; then
echo "ERROR: cannot populate /mfs/$d"
abort_mountcritmem
return 1
fi
cd -
done
}
mountcritmem_stop()
{
if [ "${critical_filesystems_memory:-}" = "" ]; then
return 0
fi
_rev_fs_list=
for _d in $critical_filesystems_memory; do
d=${_d#/}
_rev_fs_list="$d $_rev_fs_list"
done
for d in $_rev_fs_list; do
umount /mfs/$d
umount /permanent/$d
done
for d in $_rev_fs_list; do
umount /mfs
break
done
}
load_rc_config $name
run_rc_command "$1"
