| View previous topic :: View next topic |
| Author |
Message |
trumee
Guru
Joined: 02 Mar 2003
Posts: 551
Location: London,UK
|
 Posted: Mon Aug 20, 2012 8:36 pm Post subject: Readonly root file system (OpenRC) |
 |
|
Hi all,
I am trying to setup a read only gentoo system following the http://www.gentoo-wiki.info/HOWTO_Read-only_root_filesystem.The wiki recommends to modify /sbin/rc in Step 3. Unfortunately, /sbin/rc is no longer a text file in current gentoo OpenRC.
Is there any alternate way i can mount /etc using unionfs/aufs?
Thanks |
|
| Back to top |
|
 |
SlashBeast
Retired Dev
Joined: 23 May 2006
Posts: 2922
|
| Posted: Mon Aug 20, 2012 9:32 pm Post subject: |
|
|
| You can mount tmpfs and aufs from rootfs on the initramfs level. Should be fairly simple but you will need a aufs-enabled kernel and userspace utils in initramfs as well. |
|
| Back to top |
|
|
trumee
Guru
Joined: 02 Mar 2003
Posts: 551
Location: London,UK
|
| Posted: Tue Aug 21, 2012 8:06 pm Post subject: |
|
|
Thanks for the suggestion. I got a partially working file together. Current problem is that as soon initramfs ends, the / is mounted and my aufs/tmpfs mounts go haywire.
Here is the init script
| Code: |
#!/bin/busybox sh
export PATH=/usr/local/bin:/usr/bin:/bin
# Mount the /proc and /sys filesystems.
mount -t proc none /proc
mount -t sysfs none /sys
echo /sbin/mdev > /proc/sys/kernel/hotplug
mdev -s
# Mount the root filesystem.
echo "Mount root fs"
mount -o ro /dev/mmcblk0p2 /mnt/root
# test for mount points on aufs file system
[ -d /aufs/etc ] || mkdir -p /aufs/etc
echo "create tmpfs"
# Create tmpfs /etc filesystem in ram.
mount -n -t tmpfs tmpfs /aufs/etc -o size=1M
#combine /mnt/root/etc and /etc with aufs
echo "Mount aufs"
mount -n -t aufs aufs /etc -o dirs=/aufs/etc=rw:/mnt/root/etc=ro
#set in mtab
echo "tmpfs /aufs/etc tmpfs rw,size=1M 0 0" >> /etc/mtab
echo "aufs /etc aufs rw,dirs=/aufs/etc=rw:/etc=ro 0 0" >> /etc/mtab
#cleanup
umount /proc
umount /sys
# Boot the real thing.
exec switch_root /mnt/root /sbin/init
|
And here is the output of df -h
| Code: |
Filesystem Size Used Avail Use% Mounted on
rootfs 5.5G 3.8G 1.5G 72% /
/dev/mmcblk0p2 5.5G 3.8G 1.5G 72% /
tmpfs 5.5G 3.8G 1.5G 72% /aufs/etc
aufs 5.5G 3.8G 1.5G 72% /etc
tmpfs 117M 148K 117M 1% /run
rc-svcdir 1.0M 56K 968K 6% /lib/rc/init.d
cgroup_root 10M 0 10M 0% /sys/fs/cgroup
udev 10M 0 10M 0% /dev
shm 117M 0 117M 0% /dev/shm
/dev/mmcblk0p1 70M 14M 56M 20% /boot
|
The tmpfs partition is the whole of rootfs instead of 1MB of size. Any idea what is wrong? |
|
| Back to top |
|
|
SlashBeast
Retired Dev
Joined: 23 May 2006
Posts: 2922
|
| Posted: Thu Aug 23, 2012 6:33 pm Post subject: |
|
|
You messed a bit the mountpoints, you do switchroot to /mnt/root so you want to mount aufs there, something like:
| Code: |
mount -o ro /dev/mmcblk0p2 /mnt/root
mount -n -t tmpfs etc-tmpfs /aufs/etc -o size=1M
mount -n -t aufs etc-aufs /mnt/root/etc -o dirs=/aufs/etc=rw:/mnt/root/etc=ro
|
first it mounts as read-only the /mnt/root
then it mounts tmpfs with name 'etc-tmpfs' inside /aufs/etc
on the end it mounts a aufs filesystem under /mnt/root/etc, with /aufs/etc as read-write and /mnt/root/etc as readonly branch.
and yes you can use mountpoint and readonly branch as the same path, then you switch_root to /mnt/root where /etc is read-write.
Also instead of writing mtab I would suggest leave it empty OR link it to /proc/mounts. |
|
| Back to top |
|
|
trumee
Guru
Joined: 02 Mar 2003
Posts: 551
Location: London,UK
|
| Posted: Thu Aug 23, 2012 9:35 pm Post subject: |
|
|
Thanks i have modified the init file to:
| Code: |
#!/bin/busybox sh
export PATH=/usr/local/bin:/usr/bin:/bin
# Mount the /proc and /sys filesystems.
mount -t proc none /proc
mount -t sysfs none /sys
echo /sbin/mdev > /proc/sys/kernel/hotplug
mdev -s
# Mount the root filesystem.
echo "Mount root fs"
mount -o ro /dev/mmcblk0p2 /mnt/root
# test for mount points on aufs file system
[ -d /aufs/etc ] || mkdir -p /aufs/etc
echo "create tmpfs"
# Create tmpfs /etc filesystem in ram.
mount -n -t tmpfs etc-tmpfs /aufs/etc -o size=1M
#combine /mnt/root/etc and /etc with aufs
echo "Mount aufs"
mount -n -t aufs etc-aufs /mnt/root/etc -o dirs=/aufs/etc=rw:/mnt/root/etc=ro
#set in mtab
#echo "tmpfs /aufs tmpfs rw,size=1M 0 0" >> /etc/mtab
#echo "aufs /etc aufs rw,dirs=/aufs=rw:/etc=ro 0 0" >> /etc/mtab
#cleanup
umount /proc
umount /sys
# Boot the real thing.
exec switch_root /mnt/root /sbin/init
|
The mounts after boot (/etc/mtab symlinked to /proc/mounts) looks like the following.
| Code: |
#df -h
Filesystem Size Used Avail Use% Mounted on
rootfs 5.5G 3.9G 1.4G 74% /
/dev/mmcblk0p2 5.5G 3.9G 1.4G 74% /
etc-tmpfs 5.5G 3.9G 1.4G 74% /aufs/etc
etc-aufs 1.0M 92K 932K 9% /etc
tmpfs 117M 156K 117M 1% /run
rc-svcdir 1.0M 56K 968K 6% /lib/rc/init.d
cgroup_root 10M 0 10M 0% /sys/fs/cgroup
udev 10M 0 10M 0% /dev
shm 117M 0 117M 0% /dev/shm
/dev/mmcblk0p1 70M 14M 56M 20% /boot
tmpfs 5.0M 4.0K 5.0M 1% /tmp
|
My /etc/fstab is as follows
| Code: |
/dev/mmcblk0p1 /boot vfat defaults,ro 0 0
/dev/mmcblk0p2 / ext4 defaults,ro,noatime 0 0
/dev/mmcblk0p3 none swap sw 0 0
tmpfs /tmp tmpfs size=5M 0 0
tmpfs /var/run tmpfs size=10M 0 0
|
If i write anything to /etc, i dont see anything getting written to /aufs/etc?
| Code: |
# mkdir /etc/abc
# ls -la /etc/abc
total 0
drwxr-xr-x 2 root root 40 Aug 23 22:31 .
drwxrwxrwt 47 root root 160 Aug 23 22:31 ..
# ls -la /aufs/etc/
total 8
drwxr-xr-x 2 root root 4096 Aug 23 22:24 .
drwxr-xr-x 3 root root 4096 Aug 23 22:24 ..
|
Also, how do i umount aufs so that i can make permanent changes to etc?
| Code: |
# mount / -o remount,rw
# umount -n /aufs/etc/
umount: /aufs/etc: not mounted
# umount -n /etc/
umount: /etc: device is busy.
(In some cases useful info about processes that use
the device is found by lsof(8) or fuser(1))
umount: /etc: device is busy.
(In some cases useful info about processes that use
the device is found by lsof(8) or fuser(1))
|
|
|
| Back to top |
|
|
SlashBeast
Retired Dev
Joined: 23 May 2006
Posts: 2922
|
| Posted: Fri Aug 24, 2012 10:46 am Post subject: |
|
|
the /aufs/etc is mounted outside /mnt/root, after switch_root you dont have access there as you are on different layer.
you mount your rootfs which container real /etc as read-only, if you want make permament maybe implament something to preserve /etc content, like on shutdown tar /etc and store it on /boot. then after mouting new aufs initramfs would unpack it to /mnt/root/etc or something. Umounting filesystem where something have open descriptior like /etc is impossible without shutting it down which pretty much means reboot. |
|
| Back to top |
|
|
|
Other Things Gentoo
