Hi all,
I am currently trying to set up a read-only boot on an embedded system. For
this purpose I use unionfs for some folders (/etc /var /opt) and put the
filesystem in read-only mode.
As I am not very comfortable with this kind of setup, I'd like to share
what I am doing.
I have a Debian squeeze 6.0.1 with a light 2.6.35.7 kernel (light because I
deleted all non-required options). So I downloaded the 2.5.9.1 version of
unionfs for 2.6.35.9 and applied it to my kernel sources. (Is this the
right version for my kernel version?) I activated unionfs in the
Filesystem->Miscellaneous kernel option, compiled, and deployed the kernel.
I created a boot_read_only script in /etc/init.d and added it with this
command line: "update-rc.d boot_read_only start 00 S"
I edited my /etc/fstab to put "/" in ro.
I also created a special recovery console mode in my grub config with a
"--init=/bin/bash" option on the linux kernel loading line to be able to
switch back to normal mode.
Does all this seem correct? (Especially my version of unionfs, as I don't
have exactly the same kernel number.)
Thanks for reading.
PS: Here is the boot_read_only script:
#!/bin/sh
### BEGIN INIT INFO
# Provides: boot_read_only
# Required-Start:
# Required-Stop:
# Should-Start:
# Should-stop:
# Default-Start: S
# Default-Stop:
# X-Interactive: true
# Short-Description: Boot in read only mode.
### END INIT INFO

# Mount a tmpfs as the writable branch and stack it over the read-only
# directory with unionfs, for /etc and /var.
do_start () {
    # "montage unionfs" = mounting unionfs
    echo "start boot_read_only : montage unionfs"
    /bin/mount -n -t tmpfs tmpfs /unionfs/etc -o size=32M
    /bin/mount -n -t unionfs unionfs /etc -o dirs=/unionfs/etc=rw:/etc=ro
    /bin/mount -n -t tmpfs tmpfs /unionfs/var -o size=128M
    /bin/mount -n -t unionfs unionfs /var -o dirs=/unionfs/var=rw:/var=ro
    # The mounts above use -n, so record them in mtab by hand
    # (/etc is now the union, so these lines land in the tmpfs branch).
    echo "tmpfs /unionfs/etc tmpfs rw,size=32M 0 0" >> /etc/mtab
    echo "unionfs /etc unionfs rw,dirs=/unionfs/etc=rw:/etc=ro 0 0" >> /etc/mtab
    echo "tmpfs /unionfs/var tmpfs rw,size=128M 0 0" >> /etc/mtab
    echo "unionfs /var unionfs rw,dirs=/unionfs/var=rw:/var=ro 0 0" >> /etc/mtab
}

case "$1" in
    start)
        do_start
        ;;
    restart|reload|force-reload)
        echo "Error: argument '$1' not supported" >&2
        exit 3
        ;;
    stop)
        # "Rien a faire" = nothing to do
        echo "stop boot_read_only : Rien a faire"
        ;;
    rw)
        # Maintenance mode: remount / read-write and remove the unions
        echo "Transition to RW in progress..."
        mount -w -o remount /
        sleep 1
        umount -n /etc
        umount -n /var
        echo "**** => type : 'umount -n /etc' to finish"
        echo "Back to Read-Write mode"
        # "Do not plug in a USB key before switching back to Read-Only"
        echo "Ne pas brancher de cle USB avant de repasser en Read-Only !!"
        exit 3
        ;;
    ro)
        # Leave maintenance mode: restore the unions, remount / read-only
        echo "Return to Read-Only mode"
        sync
        mount -n -t unionfs unionfs /etc -o dirs=/unionfs/etc=rw:/etc=ro
        mount -n -t unionfs unionfs /var -o dirs=/unionfs/var=rw:/var=ro
        mount -r -o remount /
        # "All good, USB keys can be plugged in again"
        echo "C'est bon, on peut rebrancher des cles USB"
        exit 3
        ;;
    *)
        echo "Usage: $0 start|stop|rw|ro" >&2
        exit 3
        ;;
esac
:
_______________________________________________
unionfs mailing list: http://unionfs.filesystems.org/
http://www.fsl.cs.sunysb.edu/mailman/listinfo/unionfs
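
An added example, not part of the original post: a check that a mount table matches the layout the script sets up (/ read-only, tmpfs under /unionfs/etc and /unionfs/var, unionfs on /etc and /var with the same dirs= string). The function names and the sample table are constructed for illustration, and it assumes the live mount table shows the dirs= option in the same form as the mtab lines the script writes.

```shell
#!/bin/sh
# Added example: audit a mount table for the read-only layout in the post.

# last_entry FILE MNT: print "type options" of the last (topmost) mount on MNT
last_entry() {
    awk -v m="$2" '$2 == m { e = $3 " " $4 } END { print e }' "$1"
}

# has_opt OPTS NAME: succeed only on an exact match in the comma-separated
# list, so "errors=remount-ro" is not mistaken for "ro"
has_opt() {
    case ",$1," in *",$2,"*) return 0 ;; esac
    return 1
}

fail() { echo "FAIL: $*"; problems=$((problems + 1)); }

# check_ro_layout FILE: print one line per problem, return the problem count
check_ro_layout() {
    problems=0
    entry=$(last_entry "$1" /)
    has_opt "${entry#* }" ro || fail "/ is not mounted read-only"
    for d in etc var; do
        upper=$(last_entry "$1" "/unionfs/$d")
        [ "${upper%% *}" = tmpfs ] || fail "/unionfs/$d is not a tmpfs mount"
        entry=$(last_entry "$1" "/$d")
        want="dirs=/unionfs/$d=rw:/$d=ro"
        { [ "${entry%% *}" = unionfs ] && has_opt "${entry#* }" "$want"; } ||
            fail "/$d is not a unionfs with $want"
    done
    return "$problems"
}

# Constructed sample in /proc/mounts format, modelled on the mtab lines above.
sample_mounts() {
    cat <<'EOF'
rootfs / rootfs rw 0 0
/dev/root / ext3 ro,noatime 0 0
tmpfs /unionfs/etc tmpfs rw,size=32M 0 0
unionfs /etc unionfs rw,dirs=/unionfs/etc=rw:/etc=ro 0 0
tmpfs /unionfs/var tmpfs rw,size=128M 0 0
unionfs /var unionfs rw,dirs=/unionfs/var=rw:/var=ro 0 0
EOF
}

tmp=$(mktemp); sample_mounts > "$tmp"
check_ro_layout "$tmp" && echo "layout OK"
rm -f "$tmp"
```

On the target, `check_ro_layout /proc/mounts` reports failures while the system is in the script's "rw" maintenance state and none after "ro" or a normal boot.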