Date: Thu, 3 Aug 2000 17:44:07 -0500 From: Gerd Knops <gerti@bitart.com> To: freebsd-questions@freebsd.org Subject: Hardening system via RO filesystems? Message-ID: <20000803224407.11171.qmail@camelot.bitart.com>
next in thread | raw e-mail | index | archive | help
Hi, I have a lot of FreeBSD systems in the field that frequently experience power outages do to a variety of reasons that can't be easily fixed with a UPS and auto-shutdown etc. My goal is to keep those systems remotely accessible at all times. But sometimes a 'hard down' causes file system corruption that requires a manual fsck run. Now I have encapsulated the 'work' partition by actually mounting it via a fault tolerant rc script that notifies me if it wasn't able to fsck or mount the partition. That leaves the system partitions. Would the following schema be advisable, and did anyone experiment with it: a) system uses 3 partitions: /, /usr, /var b) During normal operation, only var is mounted RW, / and /usr are mounted RO c) rc is modified to run a 'fsck -y' on the /var partition when needed I realize that this could cause data loss on /var, but I'd rather loose some log files than the ability to remotely access the system. Comments anyone? And am I correct to assume that a RO mounted FS is not marked 'dirty'? Thanke and regards Gerd To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000803224407.11171.qmail>