On Wed, 2004-03-31 at 15:38, Havoc Pennington wrote:
> Hi,
>
> A possibly related discussion; we've been wondering if we can make the
> OS image read-only (mounting it that way, or via selinux).
>
> Then have /tmp and probably /var in RAM (or wiped on boot), and have
> home directories and server/app data such as web pages to be served on
> network mounts.
>
> This allows you to maintain the OS image in a central location and the
> homedirs and server/app data in central locations, and have a single
> network-wide master copy of all important state.
>
> Any filesystem rearrangement probably impacts this plan (some
> rearrangement may be needed for this plan).

You need to talk to the kernel guys to get this workable.

The file /etc/mtab will bite you. Having it be a symlink to /proc/mounts
is not sufficient.

The /etc/mtab file is where the mount options are stored. This is
something that /proc/mounts doesn't have (other than rw/ro).

Additionally, /proc/mounts has non-meaningful entries like:

rootfs / rootfs rw 0 0
/dev/root / ext3 rw 0 0

It would be nice to get this fixed (incidentally Solaris does this
correctly). Go bug Al Viro :)

Dax Kelson
Guru Labs