From: Gerd Knops
Date: Thu, 3 Aug 2000 17:44:07 -0500
To: freebsd-questions@freebsd.org
Subject: Hardening system via RO filesystems?
Message-ID: <20000803224407.11171.qmail@camelot.bitart.com>
Reply-To: gerti-freebsdq@BITart.com

Hi,

I have a lot of FreeBSD systems in the field that frequently experience power outages due to a variety of reasons that can't be easily fixed with a UPS and auto-shutdown etc.

My goal is to keep those systems remotely accessible at all times. But sometimes a 'hard down' causes file system corruption that requires a manual fsck run.

Now I have encapsulated the 'work' partition by actually mounting it via a fault tolerant rc script that notifies me if it wasn't able to fsck or mount the partition.

That leaves the system partitions. Would the following schema be advisable, and did anyone experiment with it:

a) system uses 3 partitions: /, /usr, /var
b) During normal operation, only /var is mounted RW, / and /usr are mounted RO
c) rc is modified to run a 'fsck -y' on the /var partition when needed

I realize that this could cause data loss on /var, but I'd rather lose some log files than the ability to remotely access the system.

Comments anyone? And am I correct to assume that a RO mounted FS is not marked 'dirty'?

Thanks and regards

Gerd
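
Added example, not part of Gerd Knops's message: a POSIX sh check that an fstab follows the layout proposed in a) and b) above (/, /usr and /var as separate partitions, with only /var writable). The function names are hypothetical and the device names in the sample fstabs are constructed.

```sh
#!/bin/sh
# check_fstab: read an fstab on stdin, print one FAIL line per deviation
# from the proposed layout, and return non-zero if any deviation was found.
check_fstab() {
    awk '
        BEGIN { bad = 0 }
        $1 ~ /^#/ || NF < 4 { next }            # skip comments and short lines
        {
            mnt = $2; ro = 0
            n = split($4, opt, ",")             # options field, e.g. "ro,noatime"
            for (i = 1; i <= n; i++) if (opt[i] == "ro") ro = 1
            seen[mnt] = 1
            if ((mnt == "/" || mnt == "/usr") && !ro) {
                print "FAIL " mnt " is not mounted ro"; bad = 1
            }
            if (mnt == "/var" && ro) {
                print "FAIL /var is mounted ro, logs need it rw"; bad = 1
            }
        }
        END {
            n = split("/ /usr /var", need, " ")
            for (i = 1; i <= n; i++) if (!(need[i] in seen)) {
                print "FAIL " need[i] " is not a separate partition"; bad = 1
            }
            exit bad
        }
    '
}

# Constructed sample: follows the layout (device names are made up).
sample_good() {
    cat <<'EOF'
# Device      Mountpoint  FStype  Options  Dump  Pass
/dev/ad0s1a   /           ufs     ro       1     1
/dev/ad0s1f   /usr        ufs     ro       2     2
/dev/ad0s1e   /var        ufs     rw       2     2
EOF
}

# Constructed sample: / is writable and /var lives on the root partition.
sample_bad() {
    cat <<'EOF'
/dev/ad0s1a   /           ufs     rw       1     1
/dev/ad0s1f   /usr        ufs     ro       2     2
EOF
}
```

On a real system the input would be `check_fstab < /etc/fstab`; the check only inspects the configured mount options, not the state of the running mounts.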