[CentOS] read only root file system

Sat May 24 17:29:37 UTC 2008
Fred Noz <Fred at Noz.net>

On Saturday 24 May 2008 12:05:30 Fred Noz wrote:
> Responding to a question posted earlier this month, Centos 5.1
> includes configuration files for enabling the read-only root
> filesystem. Actually, all filesystems can be mounted read-only with
> particular files and directories mounted on a read-write tmpfs (in
> RAM). This capability comes directly from the upstream provider.

> When your computer comes back up, the root and any other system
> partitions will be mounted read-only.  All the files and directories
> listed in /etc/rwtab will be mounted read-write on a tmpfs filesystem.
> You can add additional files and directories to rwtab to make them
> writable after reboot.
> Note that this system is stateless.  When you reboot again, everything
> written to the tmpfs filesystem vanishes and the system will be
> exactly as it was the last time it was booted. You could add a
> writable filesystem on disk or NFS for writing files you want to
> retain after rebooting.

This is very interesting. Thanks for the sharing Fred. So, it's somekind
of Live CD on a disk? I can't think of a practical benefit of using such
system, is it to protect it from unwanted modification?

Fajar Priyanto | Reg'd Linux User #327841 | Linux tutorial

There are many practical reasons why one would want to run a
Linux system, whether it be desktop or server, with a read-only root.

One reason is for ease of maintenance, especially when there are many
systems to maintain.  You might be administering computers in a
classroom, internet access point, or library and you want to be
certain that after reboot, the system is exactly as it was the last
time it was rebooted, even if the users mess with the system
accidentally or on purpose.

For example, if a user fills up the /tmp filesystem and causes the
system to crash, after booting, the system will have an empty /tmp
filesystem.  It will not require that fsck to be run because the other
filesystems were mounted read-only.  This implies no risk of filesystem
corruption (except due to physical failures on the disk).  Not needing
fsck saves time on boot.

You could use read-only root on embedded systems where there is no way
an administrator could get to the system to fix it.

Read-only root is beneficial on a system running on flash media because
this avoids having recurring writes wear out some sectors on the media.

This is a practical way to run a large group of diskless systems.  A
single read-only root filesystem can be made available on a network from
an NFS server.  Many diskless clients can use this readonly-root

Of course, this is a way to implement a live CD.

In addition to easy maintenance, readonly-root adds a layer of security. 
The security is broken if someone gains access to the root user, but 
then many security protections are lost if someone gains root.

Even a Database server can benefit from being run on read-only root.
The data disk would certainly be mounted read-write, but there is
no reason why the operating system and database application software
need to be on disks mounted read-write.

When an administrator wants to perform an update, upgrade, software,
installation. or other system change, the administrator sets the
readonly filesystems to read-write using a simple mount command.
After the administrator finishes making the changes, a simple mount
command (or reboot) sets the readonly filesystems back to read-only.

Of course, on systems where the root and system filesystems have 
no physical write capability, such as on a live CD, they cannot be
set to read-write.

     - Fred
  Fred Noz
  Fred at Noz.net