On Thu, Feb 24, 2011 at 02:25:26PM +0100, Lennart Poettering wrote:
> > snapshotted every time we perform a package/admin operation (and
> > perhaps also just on regular intervals for good measure), what would
> > we then gain by adding a read-only rootfs to the mix?
> Security, robustness: you can be sure that nothing tempers with your
> basic OS tree and it is always in a defined state, unless put in a
> specific "admin mode", where the image may be changed/administered,
> i.e. / is remounted rw.
It'd be nice to support a separate /usr in this case as well, because
changes to /etc are usually a different use-case than changes to /usr -- the
former is administrator configuration actions, and the latter almost
exclusively package updates, installations, or removals. (Installing
packages may or may not also entail changes to /etc, of course.)

Matthew Miller <mat...@mattdm.org>
Senior Systems Architect -- Instructional & Research Computing Services
Harvard School of Engineering & Applied Sciences
devel mailing list

Reply via email to