switching from linux to freebsd

Erik Nørgaard norgaard at locolomo.org
Tue Aug 1 15:26:42 UTC 2006

Freminlins wrote:
> On 01/08/06, *Erik Norgaard* <norgaard at locolomo.org
> <mailto:norgaard at locolomo.org>> wrote:
>     you may
>     even want to mount it read-only for security. (I think these are good
>     advises on any system).
> I used to agree with this (specifically the mantra was "mount /usr read
> only") - until I tried to patch anything! Then it's useless.

You usually don't patch up your system everyday. Remount rw do the
patching and remount ro. The problem is more that some 3rd party
applications assume that /usr is writeable. I found the problem more
annoying with / whenever I need to change some system file.

However, most important is to have /tmp on a separate partition. Then
there will only be few writes on /.

> What you end up with is a machine which in which the base install is
> more secure, but all your data isn't. The base install is the one thing
> I know I can get back (i.e. reinstall) in 5 minutes. The data I cannot.

I think it is very valuable to get the system up so I can rescue my
data. Having base system go down along with my data doesn't seem to have
any clear advantages.

Mounting / and/or /usr ro will get your systems up faster and that
seemed to be the issue.

Cheers, Erik
Ph: +34.666334818                      web: http://www.locolomo.org
X.509 Certificate: http://www.locolomo.org/crt/8D03551FFCE04F0C.crt
Key ID: 69:79:B8:2C:E3:8F:E7:BE:5D:C3:C3:B1:74:62:B8:3F:9F:1F:69:B9
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4128 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20060801/0feafa46/smime.bin

More information about the freebsd-questions mailing list