On Thu, Feb 24, 2011 at 02:25:26PM +0100, Lennart Poettering wrote: > > snapshotted every time we perform a package/admin operation (and > > perhaps also just on regular intervals for good measure), what would > > we then gain by adding a read-only rootfs to the mix? > Security, robustness: you can be sure that nothing tempers with your > basic OS tree and it is always in a defined state, unless put in a > specific "admin mode", where the image may be changed/administered, > i.e. / is remounted rw. It'd be nice to support a separate /usr in this case as well, because changes to /etc are usually a different use-case than changes to /usr -- the former is administrator configuration actions, and the latter almost exclusively package updates, installations, or removals. (Installing packages may or may not also entail changes to /etc, of course.) -- Matthew Miller <mattdm@xxxxxxxxxx> Senior Systems Architect -- Instructional & Research Computing Services Harvard School of Engineering & Applied Sciences -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
