Is it possible to setup read-only root ?
Reindl Harald
h.reindl at thelounge.net
Sun Jul 1 17:37:25 UTC 2012
Am 01.07.2012 19:32, schrieb Joe Zeff:
> On 07/01/2012 10:23 AM, John Wendel wrote:
>> Extra security is certainly a plus. My main reason for wanting to run a
>> read-only root it to avoid wearing out the consumer grade compact flash
>> card that I'm using as my root device (yes, I'm cheap).
>
> I'd suggest, then, using a distro that doesn't update as frequently as Fedora. /sbin is on the root device and
> you'd need to set it to rw every time one of its programs gets updated. Also, if you're using Fedora, have a
> separate /boot that's not on that card to make kernel updates easier.
i do it the other direction
/var/cache, /var/lib, /boot, /var/tmp, /var/log and /tmp on own partitions
or in case of virtual machines even on drives because i can have rootfs as
small as possible without fearing it gets full
this would have the same effect without the problem of have to
remeber remount rw before updates
with "yum-plugin-security" and "yum update --security" you can
even on Fedora minimize updates most of the time if you really
want while you can update packages selective from the normal
repos if a update fixes a bug which affects you
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20120701/c458f554/attachment.sig>
More information about the users
mailing list