jonathan183 Guru
Joined: 13 Dec 2011 Posts: 318
Posted: Sat Feb 22, 2014 3:19 pm Post subject: What is the best approach for /etc/mtab if root is read-only |
Question 1:- how do you set /etc/fstab and /etc/mtab to correctly fsck partitions at boot and update mtab if / is mounted read-only?
Question 2:- apart from /etc/resolv.conf (and possibly /etc/mtab) are there other files I should copy to a read/write partition and symlink from a read-only root?
Some of the background:-
I have been looking at the wiki https://wiki.gentoo.org/wiki/File_System_Security
I'm setting up separate partitions for /usr /var /tmp /home and I'm using mdev as the device manager.
I want to mount / as read-only, but when I do so /etc/mtab is not updated during boot.
First I tried creating /var/etc, moving /etc/mtab to that location and then symlinking /etc/mtab to /var/etc/mtab.
The problem is that during boot I get the following messages:
Code: | * Checking local filesystems ...
Gentoo-80GB: clean, 36132/851968 files, 391220/3407616 blocks
ext2fs_check_if_mount: Can't check if filesystem is mounted due to missing mtab file while determining whether /dev/hda6 is mounted.
ext2fs_check_if_mount: Can't check if filesystem is mounted due to missing mtab file while determining whether /dev/hdb7 is mounted.
user-data has been mounted 1 times without being checked, check forced.
user-data-80GB: clean, 371471/2195456 files, 3165845/8763933 blocks
user-data: 95715/5242880 files (9.6% non-contiguous), 18138613/20970841 blocks
[ ok ] * Remounting filesystems ...
[ ok ] * Skipping mtab update (mtab is a symbolic link) |
I have a user-data partition set to fsck every time it mounts which is being fsck'd, which is hda6 - which is fsck'd after the error message.
I also came across http://www.gentoo-wiki.info/HOWTO_Read-only_root_filesystem but I'm not sure how current the issues are ... but from the wiki archives
Quote: | checkfs
If the method chosen is a link to /proc/mounts, there is no problem.
If the method chosen for mtab is the link to /var/etc/mtab, then /etc/init.d/checkfs won't be able to access mtab and will complain at boot time for systems labelled in /etc/fstab as noauto. For example:
ext2fs_check_if_mount: No such file or directory while determining whether /edv/hdax is mounted
The filesystems for which it cannot guess whether they are mounted or not are precisely those which are not mounted. So the failure of check_if_mount is no problem (see e2fsprogs/e2fsck/unix.c, function check_mount).
|
which suggests it's an error message I don't need to worry about.
I have also tried creating a symlink to /proc/mounts ... ln -s /proc/mounts /etc/mtab
this works but results in mtab contents being different, from the above wiki archive ...
Quote: | However, in some cases including loop devices, this may not work, because information provided by /proc/mounts are less precise than those in /etc/mtab
|
What are others doing if they have a read-only root? Is there a better approach than the above which I should be taking? |
eccerr0r Watchman
Joined: 01 Jul 2004 Posts: 9679 Location: almost Mile High in the USA
Posted: Sat Feb 22, 2014 4:14 pm Post subject: |
On my read-write filesystem I have /etc/mtab -> /proc/mounts ... should be fine...
_________________
Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching? |
PaulBredbury Watchman
Joined: 14 Jul 2005 Posts: 7310
Posted: Sat Feb 22, 2014 4:22 pm Post subject: |
The wiki archives are old info.
I believe the current situation is this: e.g. from systemd's README:
Quote: | systemd will warn you during boot if /etc/mtab is not a symlink to /proc/mounts. Please ensure that /etc/mtab is a proper symlink. |
Although systemd's actual code in src/core/main.c is:
Code: | if (readlink_malloc("/etc/mtab", &p) >= 0) {
        bool b;
        b = streq(p, "/proc/self/mounts") || streq(p, "/proc/mounts"); |
666threesixes666 Veteran
Joined: 31 May 2011 Posts: 1248 Location: 42.68n 85.41w
|
Posted: Sat Feb 22, 2014 6:17 pm Post subject: |
yeah
ln -s /proc/self/mounts /etc/mtab
rc-update del mtab boot
or
rc-update del mtab default
I can't remember which run level the mtab init script is at. |
jonathan183 Guru
Joined: 13 Dec 2011 Posts: 318
Posted: Sun Feb 23, 2014 1:33 am Post subject: |
It sounds like a symlink to /proc/mounts is the way to go with this in my case. I use sudo to mount/umount partitions, so user mount is not an issue for me. I also don't tend to use loop, so I'm not expecting that to be a major issue for me either.
I was thinking there may have been a suitable way to symlink /etc/mtab to /var/etc/mtab but I guess that would have meant a special case workaround for mounting of /var ...
The other concern I had was somehow managing to run fsck on a mounted partition with potential to trash my data partitions ... replace s with another letter
btw I have symlinked /etc/resolv.conf to /var/etc/resolv.conf. Are there any other files lurking in /etc I should really symlink to /var/etc? |
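The two checks this thread turns on, as an added example that is not from any poster: whether /etc/mtab is a symlink to one of the two targets the systemd snippet accepts, and whether a device appears in the kernel mount table before fsck is pointed at it. The function names, the optional path arguments and the sample mount table are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not code from the thread. Paths are arguments so the
# functions can be run against constructed files; defaults are the real ones.

# mtab_state [PATH]: classify /etc/mtab using the same two targets the
# systemd snippet quoted above compares against.
mtab_state() {
    mtab=${1:-/etc/mtab}
    if [ -L "$mtab" ]; then            # true for dangling symlinks too
        case $(readlink "$mtab") in
            /proc/self/mounts|/proc/mounts) echo kernel-symlink ;;
            *) echo other-symlink ;;   # e.g. /var/etc/mtab before /var is up
        esac
    elif [ -e "$mtab" ]; then
        echo regular-file
    else
        echo missing
    fi
}

# canon PATH: resolve symlinks such as /dev/disk/by-uuid/*; fall back to the
# raw name if readlink -f cannot resolve it.
canon() { readlink -f -- "$1" 2>/dev/null || printf '%s\n' "$1"; }

# mount_mode DEVICE [TABLE]: print rw, ro or unmounted for DEVICE according
# to a table in /proc/mounts format (fields: source mountpoint type options).
mount_mode() {
    dev=$(canon "$1"); table=${2:-/proc/self/mounts}
    mode=unmounted
    while read -r src _mnt _type opts _rest; do
        case $src in /*) src=$(canon "$src") ;; esac
        [ "$src" = "$dev" ] || continue
        case ",$opts," in
            *,rw,*) echo rw; return 0 ;;   # any read-write mount wins
            *) mode=ro ;;
        esac
    done < "$table"
    echo "$mode"
}

# fsck_ok DEVICE [TABLE]: succeed only if the kernel does not list DEVICE.
fsck_ok() { [ "$(mount_mode "$@")" = unmounted ]; }

# Constructed sample table (hypothetical layout, not from the thread).
sample_mounts() {
    printf '%s\n' 'rootfs / rootfs rw 0 0' '/dev/hda5 / ext4 ro,relatime 0 0' \
        '/dev/hdb7 /home ext4 rw,noatime 0 0' 'tmpfs /tmp tmpfs rw,nosuid 0 0'
}
```

Because mount_mode reads the kernel's table rather than /etc/mtab, it gives the same answer whether mtab is a regular file, a symlink into /var, or missing at that point in boot.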