Subject: Re: abusing mfs to make read-only
To: matthew sporleder <msporleder@gmail.com>
From: Steven M. Bellovin <smb@cs.columbia.edu>
List: tech-embed
Date: 05/07/2007 23:48:54
On Mon, 7 May 2007 23:29:07 -0400
"matthew sporleder" <msporleder@gmail.com> wrote:
> In an effort to save my CF card some writes, I added this to my fstab:
> /dev/wd0b /var/run mfs rw,-s1m 0 0
> /dev/wd0b /var/log mfs rw,-s10m 0 0
>
> (I would use tmpfs, but this is 3.1)
>
> and then modified /etc/rc.d/syslogd like so: (in syslogd_precmd())
> # Touch files in syslog.conf -- MSPO
> if [ -f /etc/syslog.conf ]; then
> awk '{ if (($2 ~ /^\/var/) && ($0 !~ /^#/))
> { system("touch " $2 ); } }' /etc/syslog.conf
> fi
> # END MSPO
> return 0
>
> This should boot and read from the CF card like normal (I'm not using
> a crunchgen here) and then set the only places I write to be in
> memory.
>
> Can anyone think of another place writes might happen?
>
/dev, for device accesses?
I have all of /var on mfs, because of things like dhcpd refreshes. I
should, I suppose, copy those files to the real dhcpd.leases file.
In fact, I use the following script I found in a how-to:
#!/bin/sh
#
# mount_mfs_fs: mount memory file system /var and /dev
# by roby, 23 jun 2003
# PROVIDE: mount_mfs_fs
# REQUIRE: root
$_rc_subr_loaded . /etc/rc.subr
name="mount_mfs_fs"
start_cmd="mount_mfs_fs_start"
stop_cmd=":"
mount_mfs_fs_start()
{
# Mount /dev fs
#
#X echo "Mounting memory file system: /dev:"
#X mount /dev
#
# build device files
#X (cd /dev && /MAKEDEV all)
# Mount /var fs
#
echo "Mounting memory file system: /var:"
mount /var
#
# build dir/files in var
cd /
tar -xzpf /var-image.tar.gz -C /
echo "Mounting memory file systems: Done."
}
load_rc_config $name
run_rc_command "$1"