Xubuntu 16.04 with read only root filesystem for SSD disk
----------------------------------------------------------

* example:
    /dev/sda: HDD disk (mechanical disk)
    /dev/sdc: SSD disk (solid state disk)

    /dev/sda2: /home /tmp /var/tmp
    /dev/sda3: swap
    /dev/sdc1: /

* install xubuntu 16.04 in /dev/sdc1.

* mount /dev/sda2 /mnt

* mkdir /mnt/tmp ; chmod 1777 /mnt/tmp

* mkdir /mnt/home ; chmod 0755 /mnt/home

* rsync -av /home/ /mnt/home/

* rm -fr /home/* /tmp/* /tmp/.*  <-- CAUTION!

* mkdir -p /var/mounts/sda2 ; chmod 0755 /var/mounts/sda2

* mkdir -p /var/mounts/mediarw ; chmod 0755 /var/mounts/mediarw

* mkdir -p /var/mounts/mediaro ; chmod 0755 /var/mounts/mediaro

* mkdir -p /var/mounts/mediaro/share1 ; chmod 0755 /var/mounts/mediaro/share1

* /usr/local/bin/readonlyfs

    #!/bin/bash
    ### BEGIN INIT INFO
    # Provides:          readonlyfs
    # Required-Start:
    # Required-Stop:
    # Default-Start:     S
    # Default-Stop:
    # Short-Description: Read only root filesystem.
    # Description:       This script provides a read only root
    #                    filesystem for use xubuntu with solid
    #                    state drives.
    ### END INIT INFO

    PATH=/usr/sbin:/usr/bin:/sbin:/bin

    case "$1" in
        start)
            echo "Starting read only filesystem."

            mount -t tmpfs -o size=1M tmpfs /var/mounts/mediarw
            mount -t aufs -o br=/var/mounts/mediarw=rw:/var/mounts/mediaro=ro -o udba=reval none /media
            chmod 0755 /media

            mount -o noatime /dev/sda2 /var/mounts/sda2
            mount --bind /var/mounts/sda2/home /home
            mount --bind /var/mounts/sda2/tmp /tmp
            mount --bind /var/mounts/sda2/tmp /var/tmp

            mount -t tmpfs -o nosuid,nodev,mode=0755,rw,size=1M,uid=lightdm,gid=lightdm tmpfs /var/lib/lightdm
            mount --bind /var/lib/lightdm /var/lib/lightdm-data

            mount -t tmpfs -o nosuid,nodev,mode=0777,rw,size=8M,uid=root,gid=syslog tmpfs /var/log
            mount --bind /var/log /var/spool
            mount --bind /var/log /var/lib/blueman
            ;;
        stop)
            echo "Stopping read only filesystem."
            ;;
        *)
            echo "Usage: readonlyfs start|stop"
            ;;
    esac
    exit 0

* chmod 744 /usr/local/bin/readonlyfs

* ln -s /usr/local/bin/readonlyfs /etc/init.d/readonlyfs

* ln -s ../init.d/readonlyfs /etc/rcS.d/S99readonlyfs

* update-rc.d readonlyfs disable

* update-rc.d readonlyfs enable

* /etc/fstab
    UUID=<UUID_/dev/sdc1>         /               ext4   ro,noatime,errors=remount-ro    0   0
    UUID=<UUID_/dev/sda3>         none            swap   sw                              0   0
    <NFSSERVER>:/path/to/share1   /media/share1   nfs    _netdev,rw,noauto,user,users,noexec,nosuid,nolock,noatime,nfsvers=3,sec=sys,udp,rsize=32768,wsize=32768  0  0

* /etc/default/grub
    GRUB_TIMEOUT=N
    GRUB_RECORDFAIL_TIMEOUT=$GRUB_TIMEOUT
    update-grub

* /usr/local/bin/remountrw + chmod 744
    mount -o remount,rw /

* /usr/local/bin/remountro + chmod 744
    sync
    sleep 1
    mount -o remount,ro /

* Network Manager: wired connection with fixed IP address:
    "/etc/NetworkManager/system-connections/Wired Connection" + chmod 600

        [ethernet]
        duplex=full
        mac-address=xx:xx:xx:xx:xx:xx

        [connection]
        id=Wired Connection
        uuid=66b010e7-d2b0-4e5a-a2d8-f1d8191a241d
        type=ethernet
        timestamp=1440124541

        [ipv6]
        method=auto
        ip6-privacy=0

        [ipv4]
        method=manual
        dns=<IP_ADDRESS>;
        address1=<IP_ADDRESS>/<MASK 0-30>,<DEFAULT_GATEWAY>
        may-fail=false

* Issues:
    * The guest session not work: /etc/password and /etc/shadow are read only.
    * Lightdm can not remember the last user logged.