[CentOS] read only root file system
Brett Serkez
bserkez at gmail.com
Fri May 2 13:43:05 UTC 2008
On Fri, May 2, 2008 at 9:38 AM, Ralph Angenendt <ra+centos at br-online.de> wrote:
> Brett Serkez wrote:
> > On Fri, May 2, 2008 at 12:16 AM, Jason Pyeron <jpyeron at pdinc.us> wrote:
> > > I am looking at having a read only box, it will not use a swap partition.
> > > Any recommendations?
> >
> > You'll need to break out your hard drive into multiple partitions, as
> > there are certain portions of the file system that need to be writable
> > such as /var and /home. I set up systems in this manner to make them
> > more difficult to subvert. I'd suggest searching for topics such as
> > "linux file system hardening".
>
> What do you do with /etc/mtab - where the system clearly wants to write
> into when you mount/unmount stuff?

Make it a soft-link to /var or other writable file system, perhaps
/etc/mtab -> /var/etc/mtab.

For the most part the Linux/UNIX file system is broken up into well
defined areas, but alas, exceptions need to be dealt with.

Brett
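
The layout this thread describes (read-only /, separate writable /var and /home, and /etc/mtab linked into a writable file system) can be checked against an fstab with a short script. This is an added example, not part of the original post; the function names and the sample fstab are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an fstab for the layout discussed in this thread.
# Function names are illustrative; the sample fstab below is constructed.

# Print the option field for mount point $2 in fstab $1 (empty if absent).
fstab_opts() {
    awk -v mp="$2" '$1 !~ /^#/ && $2 == mp { print $4; exit }' "$1"
}

# Succeed if the comma-separated option list $1 contains option $2.
has_opt() {
    case ",$1," in *",$2,"*) return 0 ;; *) return 1 ;; esac
}

# Print the longest fstab mount point that contains path $2.
owning_mount() {
    awk -v p="$2" '$1 !~ /^#/ && substr($2, 1, 1) == "/" {
        m = $2; pre = (m == "/") ? "/" : (m "/")
        if ((p == m || index(p, pre) == 1) && length(m) > length(best)) best = m
    } END { print best }' "$1"
}

# audit_layout FSTAB MTAB_TARGET: print findings, return the number of problems.
audit_layout() {
    fstab=$1; target=$2; bad=0
    has_opt "$(fstab_opts "$fstab" /)" ro || { echo "FAIL: / is not mounted ro"; bad=$((bad+1)); }
    for mp in /var /home; do
        opts=$(fstab_opts "$fstab" "$mp")
        if [ -z "$opts" ]; then echo "FAIL: $mp is not a separate file system"; bad=$((bad+1))
        elif has_opt "$opts" ro; then echo "FAIL: $mp is read-only"; bad=$((bad+1)); fi
    done
    own=$(owning_mount "$fstab" "$target")
    if has_opt "$(fstab_opts "$fstab" "$own")" ro; then
        echo "FAIL: mtab target $target lives on read-only $own"; bad=$((bad+1))
    fi
    [ "$bad" -eq 0 ] && echo "OK: layout matches"
    return "$bad"
}

# Constructed sample fstab (device names are placeholders).
sample=$(mktemp)
cat > "$sample" <<'EOF'
/dev/sda1  /      ext3  ro,defaults  1 1
/dev/sda2  /var   ext3  defaults     1 2
/dev/sda3  /home  ext3  defaults     1 2
EOF
audit_layout "$sample" /var/etc/mtab
rm -f "$sample"
```

The second argument is the path the /etc/mtab link points to; the script only reads the fstab and does not touch the running system's mounts.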