On 05/08/2011 19:55, Bruce Dubbs wrote:
> I've thought for a while that there should be a location that is
> accessible across boots that is always available (not a mountpoint).
> It's a catch-22 though. How do you mount / read only (for security) and
> still be able to write this persistent data? The clock/ntp data is only
> one area. Alsa and pci.ids/usb.ids are other areas of concern, although
> they can certainly come after mountfs. This data probably should be in
> an optionally mountable /var partition.
>
> For transient data, we now have /run. That helps, but is not a complete
> solution.
>
> The first script to run is mountvirtfs. Perhaps we could have that
> create a /dev device like /dev/sda? and mount that as /var before udev
> ever starts.
Yeah, I started thinking along the same lines, and was wondering whether union mounts would work here. In effect, what it would mean is:

1) kernel mounts root device r/o
2) mountvirtfs mounts a r/w tmpfs over /var
3) udev bootscript runs
4) mountfs union mounts the real /var (if it's specified in fstab) over the existing tmpfs /var.

The only note we'd need to put in the book is the need for the 'union' option in fstab for this to work correctly, I believe.

I have a suspicion though, that if one has a single root partition (no separate /usr or /var) it will break, because under that configuration steps 1-3 above remain the same, but then we get:

4) / is remounted r/w, and with /var on that FS, it won't have been 'unioned' with the tmpfs /var and will thus in effect hide it and any files on it.

Maybe this is why initrds are being encouraged so heavily? :-(

Regards,

Matt.