On Mon, May 11 2009, Goswin von Brederlow wrote:
> Henrique de Moraes Holschuh <h...@debian.org> writes:
>
>> On Mon, 11 May 2009, Goswin von Brederlow wrote:
>>> > A separate /usr *is* the way to go if you don't want any writes in
>>> > that filesystem 99.9% of the time (i.e. when you're not doing an
>>> > upgrade).
>>>
>>> A read-only / does the trick just as well. And if you don't want
>>> writes to /usr you probably don't want writes to /bin or /sbin
>>> either. So read-only / is really the way to go. Not a strong argument
>>> for a seperate /usr.
>>
>> No, RO / is a lot more difficult to pull off (remember: some of us don't
>> want initrds), while RO /usr is really just a three-char change on fstab
>> (and if you want apt to remount things automatically, two lines in a config
>> file).
>
> Why would you need an initrd for a read-only /?
>
> A read-only / should work out of the box just like a read-only /usr. I
Except it does not.
> haven't installed a fresh one in a long while though so if you know of
> problems speak up so bugs can be filed and packages can be fixed.
There is the /etc/mtab issue, and then there are things like
resolvconf that try to scribble in /etc. I have not tried recently, so
I don't know if there are more blocker. Oh, and /root is a home
directory; unless we move that, a read only / would affect root
negatively.
A read-only / would be nice, but unless you try it on a real
box, I don't think you assert it should be working out of the box.
manoj
--
"Vendi, vidi, parenthesi" -- I came, I saw, I programmed in Lisp!" Dave
W. Kimball
Manoj Srivastava <sriva...@debian.org> <http://www.debian.org/~srivasta/>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
