mirror of
https://bitbucket.org/mangelo/snippets.git
synced 2024-11-22 02:41:00 +02:00
Xubuntu readonly filesystem.
This commit is contained in:
parent
01efc4c6c2
commit
ebe1b09076
@ -11,16 +11,14 @@ Xubuntu 16.04 with read only root filesystem for SSD disk
|
|||||||
|
|
||||||
* install xubuntu 16.04 in /dev/sdc1.
|
* install xubuntu 16.04 in /dev/sdc1.
|
||||||
|
|
||||||
|
* boot with xubuntu 16.04 in /dev/sdc1.
|
||||||
|
|
||||||
* mount /dev/sda2 /mnt
|
* mount /dev/sda2 /mnt
|
||||||
|
|
||||||
* mkdir /mnt/tmp ; chmod 1777 /mnt/tmp
|
* mkdir /mnt/tmp ; chmod 1777 /mnt/tmp
|
||||||
|
|
||||||
* mkdir /mnt/home ; chmod 0755 /mnt/home
|
* mkdir /mnt/home ; chmod 0755 /mnt/home
|
||||||
|
|
||||||
* rsync -av /home/ /mnt/home/
|
|
||||||
|
|
||||||
* rm -fr /home/* /tmp/* /tmp/.* <-- CAUTION!
|
|
||||||
|
|
||||||
* mkdir -p /var/mounts/sda2 ; chmod 0755 /var/mounts/sda2
|
* mkdir -p /var/mounts/sda2 ; chmod 0755 /var/mounts/sda2
|
||||||
|
|
||||||
* mkdir -p /var/mounts/mediarw ; chmod 0755 /var/mounts/mediarw
|
* mkdir -p /var/mounts/mediarw ; chmod 0755 /var/mounts/mediarw
|
||||||
@ -29,66 +27,56 @@ Xubuntu 16.04 with read only root filesystem for SSD disk
|
|||||||
|
|
||||||
* mkdir -p /var/mounts/mediaro/share1 ; chmod 0755 /var/mounts/mediaro/share1
|
* mkdir -p /var/mounts/mediaro/share1 ; chmod 0755 /var/mounts/mediaro/share1
|
||||||
|
|
||||||
* /usr/local/bin/readonlyfs
|
* mkdir -p /var/mounts/log ; chmod 0775 /var/mounts/log ; chown root.syslog /var/mounts/log
|
||||||
|
|
||||||
#!/bin/bash
|
* mkdir -p /var/mounts/lightdm ; chmod 0755 /var/mounts/lightdm ; chown lightdm.lightdm /var/mounts/lightdm
|
||||||
### BEGIN INIT INFO
|
|
||||||
# Provides: readonlyfs
|
|
||||||
# Required-Start:
|
|
||||||
# Required-Stop:
|
|
||||||
# Default-Start: S
|
|
||||||
# Default-Stop:
|
|
||||||
# Short-Description: Read only root filesystem.
|
|
||||||
# Description: This script provides a read only root
|
|
||||||
# filesystem for use xubuntu with solid
|
|
||||||
# state drives.
|
|
||||||
### END INIT INFO
|
|
||||||
|
|
||||||
PATH=/usr/sbin:/usr/bin:/sbin:/bin
|
* rsync -av /home/ /mnt/home/
|
||||||
|
|
||||||
case "$1" in
|
* rm -fr /home/* ; rm -fr /home/.* <-- CAUTION!
|
||||||
start)
|
|
||||||
echo "Starting read only filesystem."
|
|
||||||
|
|
||||||
mount -t tmpfs -o size=1M tmpfs /var/mounts/mediarw
|
* rm -fr /tmp/* ; rm -fr /tmp/.*
|
||||||
mount -t aufs -o br=/var/mounts/mediarw=rw:/var/mounts/mediaro=ro -o udba=reval none /media
|
|
||||||
chmod 0755 /media
|
|
||||||
|
|
||||||
mount -o noatime /dev/sda2 /var/mounts/sda2
|
* rm -fr /var/tmp/* ; rm -fr /var/tmp/.*
|
||||||
mount --bind /var/mounts/sda2/home /home
|
|
||||||
mount --bind /var/mounts/sda2/tmp /tmp
|
|
||||||
mount --bind /var/mounts/sda2/tmp /var/tmp
|
|
||||||
|
|
||||||
mount -t tmpfs -o nosuid,nodev,mode=0755,rw,size=1M,uid=lightdm,gid=lightdm tmpfs /var/lib/lightdm
|
* rm -fr /var/log/* ; rm -fr /var/log/.*
|
||||||
mount --bind /var/lib/lightdm /var/lib/lightdm-data
|
|
||||||
|
|
||||||
mount -t tmpfs -o nosuid,nodev,mode=0777,rw,size=8M,uid=root,gid=syslog tmpfs /var/log
|
* rm -fr /var/spool/* ; rm -fr /var/spool/.*
|
||||||
mount --bind /var/log /var/spool
|
|
||||||
mount --bind /var/log /var/lib/blueman
|
|
||||||
;;
|
|
||||||
stop)
|
|
||||||
echo "Stopping read only filesystem."
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
echo "Usage: readonlyfs start|stop"
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
exit 0
|
|
||||||
|
|
||||||
* chmod 744 /usr/local/bin/readonlyfs
|
* rm -fr /var/lib/blueman/* ; rm -fr /var/lib/blueman/.*
|
||||||
|
|
||||||
* ln -s /usr/local/bin/readonlyfs /etc/init.d/readonlyfs
|
* rm -fr /var/lib/lightdm/* ; rm -fr /var/lib/lightdm/.*
|
||||||
|
|
||||||
* ln -s ../init.d/readonlyfs /etc/rcS.d/S99readonlyfs
|
* rm -fr /var/lib/lightdm-data/* ; rm -fr /var/lib/lightdm-data/.*
|
||||||
|
|
||||||
* update-rc.d readonlyfs disable
|
|
||||||
|
|
||||||
* update-rc.d readonlyfs enable
|
|
||||||
|
|
||||||
* /etc/fstab
|
* /etc/fstab
|
||||||
UUID=<UUID_/dev/sdc1> / ext4 ro,noatime,errors=remount-ro 0 0
|
#--- root & swap ---
|
||||||
UUID=<UUID_/dev/sda3> none swap sw 0 0
|
UUID=[UUID-SDC1] / ext4 ro,noatime,errors=remount-ro 0 1
|
||||||
<NFSSERVER>:/path/to/share1 /media/share1 nfs _netdev,rw,noauto,user,users,noexec,nosuid,nolock,noatime,nfsvers=3,sec=sys,udp,rsize=32768,wsize=32768 0 0
|
UUID=[UUID-SDA3] none swap sw 0 0
|
||||||
|
|
||||||
|
#--- home & tmp ---
|
||||||
|
UUID=[UUID-SDA2] /var/mounts/sda2 ext4 rw,noatime,errors=remount-ro,x-systemd.requires=/ 0 1
|
||||||
|
/var/mounts/sda2/home /home none bind,x-systemd.requires=/var/mounts/sda2 0 0
|
||||||
|
/var/mounts/sda2/tmp /tmp none bind,x-systemd.requires=/var/mounts/sda2 0 0
|
||||||
|
/var/mounts/sda2/tmp /var/tmp none bind,x-systemd.requires=/var/mounts/sda2 0 0
|
||||||
|
|
||||||
|
#--- logs ---
|
||||||
|
tmpfs /var/mounts/log tmpfs rw,nosuid,nodev,noatime,mode=0777,size=8M,uid=root,gid=syslog,x-systemd.requires=/ 0 0
|
||||||
|
/var/mounts/log /var/log none bind,x-systemd.requires=/var/mounts/log 0 0
|
||||||
|
/var/mounts/log /var/spool none bind,x-systemd.requires=/var/mounts/log 0 0
|
||||||
|
/var/mounts/log /var/lib/blueman none bind,x-systemd.requires=/var/mounts/log 0 0
|
||||||
|
|
||||||
|
#--- lightdm ---
|
||||||
|
tmpfs /var/mounts/lightdm tmpfs rw,nosuid,nodev,noatime,mode=0755,size=1M,uid=lightdm,gid=lightdm,x-systemd.requires=/ 0 0
|
||||||
|
/var/mounts/lightdm /var/lib/lightdm none bind,x-systemd.requires=/var/mounts/lightdm 0 0
|
||||||
|
/var/mounts/lightdm /var/lib/lightdm-data none bind,x-systemd.requires=/var/mounts/lightdm 0 0
|
||||||
|
|
||||||
|
#--- media ---
|
||||||
|
tmpfs /var/mounts/mediarw tmpfs rw,nosuid,nodev,noatime,mode=0755,size=1M,uid=root,gid=root,x-systemd.requires=/ 0 0
|
||||||
|
aufs /media aufs rw,noatime,br=/var/mounts/mediarw=rw:/var/mounts/mediaro=ro,udba=reval,x-systemd.requires=/var/mounts/mediarw 0 0
|
||||||
|
|
||||||
|
#--- shares ---
|
||||||
|
[NFSSERVER]:/path/to/nfs/share1 /media/share1 nfs _netdev,rw,noauto,user,users,noexec,nosuid,nolock,noatime,nfsvers=3,sec=sys,udp,rsize=32768,wsize=32768 0 0
|
||||||
|
|
||||||
* /etc/default/grub
|
* /etc/default/grub
|
||||||
GRUB_TIMEOUT=N
|
GRUB_TIMEOUT=N
|
||||||
|
Loading…
Reference in New Issue
Block a user