Gentoo Forums
What is the best approach for /etc/mtab if root is read-only
jonathan183
Tux's lil' helper
Joined: 13 Dec 2011
Posts: 76

Posted: Sat Feb 22, 2014 3:19 pm    Post subject: What is the best approach for /etc/mtab if root is read-only

Question 1:- how do you set /etc/fstab and /etc/mtab to correctly fsck partitions at boot and update mtab if / is mounted read-only?
Question 2:- apart from /etc/resolv.conf (and possibly /etc/mtab) are there other files I should copy to a read/write partition and symlink from a read-only root?

Some of the background:-
I have been looking at the wiki https://wiki.gentoo.org/wiki/File_System_Security
I'm setting up separate partitions for /usr /var /tmp /home and I'm using mdev as the device manager.
I want to mount / as read-only, but when I do so /etc/mtab is not updated during boot.

First I tried creating /var/etc, moving /etc/mtab to that location and then symlinking /etc/mtab to /var/etc/mtab.
The problem is that during boot I get the following messages:

Code:
 * Checking local filesystems  ...
Gentoo-80GB: clean, 36132/851968 files, 391220/3407616 blocks
ext2fs_check_if_mount: Can't check if filesystem is mounted due to missing mtab file while determining whether /dev/hda6 is mounted.
ext2fs_check_if_mount: Can't check if filesystem is mounted due to missing mtab file while determining whether /dev/hdb7 is mounted.
user-data has been mounted 1 times without being checked, check forced.
user-data-80GB: clean, 371471/2195456 files, 3165845/8763933 blocks
user-data: 95715/5242880 files (9.6% non-contiguous), 18138613/20970841 blocks
[ ok ] * Remounting filesystems ...
[ ok ] * Skipping mtab update (mtab is a symbolic link)


I have a user-data partition set to fsck every time it mounts which is being fsck'd, which is hda6 - which is fsck'd after the error message.

I also came across http://www.gentoo-wiki.info/HOWTO_Read-only_root_filesystem but I'm not sure how current the issues are ... but from the wiki archives
Quote:
checkfs

If the method chosen is a link to /proc/mounts, there is no problem.

If the method chosen for mtab is the link to /var/etc/mtab, then /etc/init.d/checkfs won't be able to access mtab and will complain at boot time for systems labelled in /etc/fstab as noauto. For example:

ext2fs_check_if_mount: No such file or directory while determining whether /edv/hdax is mounted

The filesystems for which it cannot guess whether they are mounted or not are precisely those which are not mounted. So the failure of check_if_mount is no problem (see e2fsprogs/e2fsck/unix.c, function check_mount).


which suggests it's an error message I don't need to worry about.

I have also tried creating a symlink to /proc/mounts ... ln -s /proc/mounts /etc/mtab
this works but results in mtab contents being different, from the above wiki archive ...

Quote:
However, in some cases including loop devices, this may not work, because information provided by /proc/mounts are less precise than those in /etc/mtab

What are others doing if they have a read-only root? Is there a better approach than above which I should be taking?
eccerr0r
Advocate
Joined: 01 Jul 2004
Posts: 3599
Location: USA

Posted: Sat Feb 22, 2014 4:14 pm

On my read-write filesystem I have /etc/mtab -> /proc/mounts ... should be fine...
_________________
Intel Core i7 2700K@ 4.1GHz/HD3000 graphics/8GB DDR3/180GB SSD
What am I supposed to be advocating?
PaulBredbury
Watchman
Joined: 14 Jul 2005
Posts: 7310

Posted: Sat Feb 22, 2014 4:22 pm

The wiki archives are old info.

I believe the current situation is this: e.g. from systemd's README:
Quote:
systemd will warn you during boot if /etc/mtab is not a symlink to /proc/mounts. Please ensure that /etc/mtab is a proper symlink.


Although systemd's actual code in src/core/main.c is:
Code:
        if (readlink_malloc("/etc/mtab", &p) >= 0) {
                bool b;

                b = streq(p, "/proc/self/mounts") || streq(p, "/proc/mounts");
666threesixes666
Veteran
Joined: 31 May 2011
Posts: 1223
Location: 42.68n 85.41w

Posted: Sat Feb 22, 2014 6:17 pm

yeah

ln -s /proc/self/mounts /etc/mtab

rc-update del mtab boot
or
rc-update del mtab default

I can't remember which runlevel the mtab init script is at.
_________________
cat /etc/*-release
Funtoo Linux - baselayout 2.2.0
consider this warning no. 1
http://ecx.images-amazon.com/images/I/81Ku-vxIb3L._SL1500_.jpg
http://wiki.gentoo.org/wiki/Special:Contributions/666threesixes666
jonathan183
Tux's lil' helper
Joined: 13 Dec 2011
Posts: 76

Posted: Sun Feb 23, 2014 1:33 am

It sounds like a symlink to /proc/mounts is the way to go with this in my case. I use sudo to mount/umount partitions so user mount is not an issue for me. I also don't tend to use loop so I'm not expecting that to be a major issue for me either.

I was thinking there may have been a suitable way to symlink /etc/mtab to /var/etc/mtab but I guess that would have meant a special case workaround for mounting of /var ...

The other concern I had was somehow managing to run fsck on a mounted partition with potential to trash my data partitions ... replace s with another letter :roll:

btw I have symlinked /etc/resolv.conf to /var/etc/resolv.conf. Are there any other files lurking in /etc I should really symlink to /var/etc?
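Added example, not part of the original thread or any poster's words: shell functions for the two checks discussed above, namely whether /etc/mtab is a symlink to /proc/mounts or /proc/self/mounts (the same two targets the quoted systemd code accepts) and whether a device is already mounted before fsck is run on it. The function names, /dev/hda5 and the sample mount table are constructed for illustration; /dev/hda6 and /dev/hdb7 are the device names from the boot log in the first post.

```shell
# Added example: function names and sample data are constructed for illustration.

# Classify PATH (default /etc/mtab) like the systemd check quoted in the thread:
# only a symlink to /proc/mounts or /proc/self/mounts counts as correct.
mtab_status() {
    mtab=${1:-/etc/mtab}
    if [ -L "$mtab" ]; then
        case $(readlink "$mtab") in
            /proc/mounts|/proc/self/mounts) echo ok ;;
            *) echo "wrong-target:$(readlink "$mtab")" ;;
        esac
    elif [ -e "$mtab" ]; then echo regular-file
    else echo missing
    fi
}

# Print "ro" or "rw" for / from a /proc/mounts-format file. The last entry
# for / wins, since a later mount shadows an earlier one.
root_mode() {
    awk '$2 == "/" { opts = $4 }
         END { n = split(opts, o, ",")
               for (i = 1; i <= n; i++)
                   if (o[i] == "ro" || o[i] == "rw") { print o[i]; exit } }' \
        "${1:-/proc/mounts}"
}

# Succeed if DEVICE is a mount source in the mounts file. The comparison is
# literal; the kernel may list the same device under another name.
is_mounted() {
    awk -v dev="$1" '$1 == dev { found = 1 } END { exit !found }' \
        "${2:-/proc/mounts}"
}

# Demo on constructed data: /dev/hda5 and the mount layout are assumptions.
demo() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' 'rootfs / rootfs rw 0 0' '/dev/hda5 / ext4 ro,relatime 0 0' \
        '/dev/hdb7 /var ext4 rw,relatime 0 0' > "$dir/mounts"
    ln -s /var/etc/mtab "$dir/mtab"   # the layout first tried in the thread
    echo "mtab: $(mtab_status "$dir/mtab")  root: $(root_mode "$dir/mounts")"
    for dev in /dev/hda6 /dev/hdb7; do
        if is_mounted "$dev" "$dir/mounts"; then echo "$dev: mounted, do not fsck"
        else echo "$dev: not mounted"
        fi
    done
    rm -rf "$dir"
}
demo
```

Called without arguments, the functions read the live /etc/mtab and /proc/mounts instead of the sample files.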