Once upon a time, Havoc Pennington <hp@xxxxxxxxxx> said: > A possibly related discussion; we've been wondering if we can make the > OS image read-only (mounting it that way, or via selinux). I run with /usr read-only already, and if I didn't have users in /etc/passwd I could mount / read-only. > Then have /tmp and probably /var in RAM (or wiped on boot), and have > home directories and server/app data such as web pages to be served on > network mounts. /var needs to continue across reboots, as that is where logs are (and not everything can do network logging, nor do you want to log to an NFS mount). I don't see you being able to get away from having some local writable storage. -- Chris Adams <cmadams@xxxxxxxxxx> Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble.
