Running with a readonly root partition

Wojciech Puchar wojtek at
Fri Jun 13 18:29:37 UTC 2008

> As devfs is running by default, it seems to me that
> it would be relatively easy to run with a readonly
> root partition, assuming that the directories under
> which writing is necessary (ie; /tmp, /var, /home)
> are located in separate, writable partitions.

> The main advantages are that none of the configuration
> files or binaries in /etc and /usr (which may still

/etc is rather writable - for example when user changes password.

> be on a separate readonly partition) are vulnerable
> and the boot process update to /etc/motd).  Once these
> have been rectified by relocating the files and setting
> up symlinks, there have been no problems.
> My questions are:
> - does anyone else do this?

no that - but i do this on my liveDVD

> - if not, why not?

if you will set securelevel to prevent umounts - it may add much to the 

but - the same time - you'll have to reboot system to change anything!

More information about the freebsd-questions mailing list