[CentOS] read only root file system

Fri May 2 15:29:47 UTC 2008
William L. Maltby <CentOS4Bill at triad.rr.com>

On Fri, 2008-05-02 at 15:38 +0200, Ralph Angenendt wrote:
> Brett Serkez wrote:
> > On Fri, May 2, 2008 at 12:16 AM, Jason Pyeron <jpyeron at pdinc.us> wrote:
> > > I am looking at having a read only box, it will not use a swap partition.
> > >  Any recommendations?
> > 
> > You'll need to break out your hard drive into multiple partitions, as
> > there are certain portions of the file system that need to be writable
> > such as /var and /home.  I setup systems in this manner to make them
> > more difficult to subvert, I'd suggestion searching for topics such as
> > "linux file system hardening".
> What do you do with /etc/mtab - where the system clearly wants to write
> into when you mount/unmount stuff?

ln -s /proc/mounts /etc/mtab

There are some "gotchas" if you have some loopback mounts instituted by
the mount command. Since /proc/mounts is a symlink to self-mounts, maybe
pointing directly there would work too.

> Cheers,
> Ralph
> <snip sig stuff>