On 2011-01-05 08:46 +0100, Mike Hommey wrote: > On Wed, Jan 05, 2011 at 03:29:08AM +0100, Michael Biebl wrote: >> >> Nice write-up, you raise many good points I agree with. >> >> Just a small remark: >> >> On 05.01.2011 01:25, Roger Leigh wrote: >> >> > 2) /usr is mounted read-only for security and safety >> > >> > Mounting /usr read-only is common practice; I even do this myself >> > with apt-get configured to remount read-write when changes are made >> > and then remount read-only afterwards. >> >> This can easily be achieved using a bind mount, without requiring /usr being >> a >> separate partition. >> >> mount --bind /usr /usr >> mount -oremount,ro /usr > > It requires a recent kernel, though. IIRC, Lenny kernels don't support > readonly bind mounts.
They do, readonly bind mounts were introduced in Linux 2.6.26: http://kernelnewbies.org/Linux_2_6_26#head-84b0b94f54cc4be3dd955b16a41cab633d11645b Sven -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87lj2zu61l....@turtle.gmx.de
