Date: Mon, 28 Sep 1998 09:11:06 -0400 (EDT) From: David Gilbert <dgilbert@velocet.net> To: Don Lewis <Don.Lewis@tsc.tdk.com> Cc: Anton Voronin <anton@urc.ac.ru>, Allen Smith <easmith@beatrice.rutgers.edu>, freebsd-security@FreeBSD.ORG Subject: Re: Booting from NT ? Message-ID: <199809281311.JAA15301@trooper.velocet.ca> In-Reply-To: <199809280933.CAA03313@salsa.gv.tsc.tdk.com> References: <anton@urc.ac.ru> <199809280933.CAA03313@salsa.gv.tsc.tdk.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> "Don" == Don Lewis <Don.Lewis@tsc.tdk.com> writes: Don> On Sep 28, 2:36pm, Anton Voronin wrote: } Subject: Re: Booting Don> from NT ? } Allen Smith wrote: } } > Question... what does Don> happen if one has a R/O root filesystem, } > including /dev, Don> without DEVFS? I'm constructing a firewall computer } > with a Don> (switchable - a nice facility of some Seagate drives) hard } > Don> drive for root, a second writeable drive for /var and swap, and a Don> /tmp } > MFS. What problems am I likely to run into with /dev? Don> I'd really } > prefer not to have it as a symlink to /var/dev or Don> some such... Don> } It needs to write /dev/console but it does this before mounting Don> according to } fstab. If you protect your hard drive it probably Don> won't work. Try to just } mount it with -ro option. Don> That should not be a problem. You should be able to write to Don> /dev/console or /dev/null even with a physically write-protected Don> disk, because writes to these devices don't require changing any Don> of the bits on the disk. Don> Just be sure to mount the filesystem read-only as well, otherwise Don> the kernel will get upset when it tries to update the mtime on Don> these devices and can't because the disk is write-protected. I was trying this using a bootable CDROM. The kernel hangs just before kicking off /etc/rc. My initial attempt has been with a standard install of 2.2.6 (was a month or two ago). Not that this is different to how the install boots from the cdrom. It has a writable RAM mounted root partition... preloaded inside the compressed kernel. Dave. -- ============================================================================ |David Gilbert, Velocet Communications. | Two things can only be | |Mail: dgilbert@velocet.net | equal if and only if they | |http://www.velocet.net/~dgilbert | are precisely opposite. | =========================================================GLO================ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199809281311.JAA15301>