RE: Read Only File System

Yes, you can mark certain files as append only using chattr, but this does 
not stop them being deleted by root as quite simply, root can do anything.

What it sounds like you need is a printer that syslog messages or the like 
are streamed to.

Unless of course physical access to the box is an issue as well in which 
case you are pretty much out of options.

You may want to look into putting a box in with DOS 6.x or the like, 
connected via a serial cable only and a log daemon that takes log 
messages from the serial port and writes them to a file. You may find that 
there is a syslog type daemon out there that will stream output to a 
serial port and then you can collect this on the DOS machine and you end 
up with a reasonably secure logging box.

You may end up having to write some software yourself to do this, but may 
find that there is already something out there on the net to do something 
similar.


-- 
Steve.


On Tue, 8 Jun 2004, Nathaniel Hall wrote:

> Ok, building on that, is there any way to make an append only file system and
> make it where root cannot change or delete anything in the logs?
> 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~
> Nathaniel Hall
> Intrusion Detection and Firewall Technician
> Ozarks Technical Community College -- Office of Computer Networking
> 417-799-0552
> 
> 
> -----Original Message-----
> From: Henry Axelrod [mailto:AxelrodH@xxxxxxxxxxxx] 
> Sent: Tuesday, June 08, 2004 3:03 PM
> To: halln@xxxxxxx; redhat-list@xxxxxxxxxx
> Subject: Re: Read Only File System
> 
> You can do this by creating a separate partition or drive to mount for
> that fs. When you add the entry to /etc/fstab you can place "ro" in the
> options column. For Example:
> 
> LABEL=/home     /home      ext3     ro    1 1
> 
> The preceding line will mount the home directory as read only. You will
> of course have to remember to label the partition as /home. You will also
> probably want to add more options than just read only. This is just an
> example.  
> 
> >>> halln@xxxxxxx 6/8/2004 3:44:25 PM >>>
> I am working on creating a remote log server using RedHat Advanced
> Server 3.
> I would like to be able to make an entire file system read only where
> root
> can't even change the contents.  Does anybody know of a way to do
> this?
> 
>  
> 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> Nathaniel Hall
> 
> Intrusion Detection and Firewall Technician
> 
> Ozarks Technical Community College -- Office of Computer Networking
> 
> 417-799-0552
> 
>  
> 
> 
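
Added example, not part of the original thread and not code from any poster: a sketch of the receiving side of the serial-cable log box described in the reply above, written in Python rather than for DOS. The newline framing, the 1024-byte line cap, and the receiver-side timestamp are assumptions.

```python
import os
import time

MAX_LINE = 1024  # assumed cap: a line with no newline cannot grow the buffer forever


def sanitize(raw: bytes) -> str:
    """Escape control and non-ASCII bytes so terminal escapes stay inert in the log."""
    return "".join(chr(b) if 32 <= b < 127 else "\\x%02x" % b for b in raw)


def collect(src_fd: int, out_path: str, clock=time.time) -> int:
    """Append newline-framed messages read from src_fd to out_path until EOF.
    Returns the record count. The receiver only reads, never answers the sender."""
    out_fd = os.open(out_path, os.O_WRONLY | os.O_APPEND | os.O_CREAT, 0o600)
    buf, written = b"", 0

    def emit(line: bytes) -> None:
        nonlocal written
        # Stamp with the receiver's clock; the sender's timestamp is untrusted.
        record = "%d %s\n" % (int(clock()), sanitize(line.rstrip(b"\r")))
        os.write(out_fd, record.encode("ascii"))
        os.fsync(out_fd)  # on disk before the next message is read
        written += 1

    try:
        while True:
            chunk = os.read(src_fd, 4096)
            if not chunk:
                break
            buf += chunk
            while True:
                nl = buf.find(b"\n")
                if 0 <= nl <= MAX_LINE:
                    emit(buf[:nl])
                    buf = buf[nl + 1:]
                elif len(buf) > MAX_LINE:
                    emit(buf[:MAX_LINE])  # over-long line: split, do not drop
                    buf = buf[MAX_LINE:]
                else:
                    break
        if buf:
            emit(buf)  # partial last line at EOF is still kept
    finally:
        os.close(out_fd)
    return written
```

On the log box, collect() would be given a descriptor opened read-only on the serial device (for example /dev/ttyS0, an assumed name) after the line speed has been configured.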

