| blob | 270980ecc1c70f4ab6c75f275a5d0a56fe1f5041 |
1 TITLE: How to handle /etc/mtab on a read-only root partition
2 LFS VERSION: LFS CVS 2003-02-03 (pre LFS 4.1) and above
3 AUTHOR: Oliver Brakmann <obrakmann@gmx.net>
5 LAST CHANGES: 2003-02-27: forked from the original (now obsolete) mtab hint
7 SYNOPSIS:
8 A Linux system uses /etc/mtab to record which filesystems are
9 mounted. For this to work, that file has to reside on a writeable
10 partition. If, for some reason, you want your root partition
11 read-only, you have to take certain actions with regard to
12 /etc/mtab. This hint tells you what to do.
14 HINT:
16 Disclaimer: I take no responsibility whatsoever for any damage done to your
17 computer. Be careful doing this, you might badly screw your system.
19 OK, so we want to have a read-only root partition, but /etc/mtab
20 needs to be writeable. The simple solution is to put /etc/mtab
21 somewhere else! I will use /var/lib/misc/mtab in this hint, as
22 that is the most logical place as I read the FHS. The downside to
23 this approach is that you have to recompile glibc, util-linux and
24 possibly other software packages. To be compatible with scripts
25 and other (broken) pieces of software, we re-create /etc/mtab as a
26 link to our new mtab file.
28 Enough introduction, now we'll get our hands dirty:
30 1. Switch to single-user mode
32 # telinit 1
34 2. Remount / read-write
36 # mount -o remount,rw /
38 3. Rebuild glibc with the following patch applied:
39 (or just do the change by hand, which is probably faster *g*)
41 Please note that this patch works with both glibc 2.2.5 and 2.3.1.
43 ,---[ glibc.mtab-patch ]--------------->8--------------------------------------
44 diff -Naur glibc-2.2.5/sysdeps/unix/sysv/linux/paths.h.orig glibc-2.2.5/sysdeps/unix/sysv/linux/paths.h
45 --- glibc-2.2.5/sysdeps/unix/sysv/linux/paths.h.orig 2000-11-16 00:06:47.000000000 +0100
46 +++ glibc-2.2.5/sysdeps/unix/sysv/linux/paths.h 2003-01-02 13:37:12.000000000 +0100
47 @@ -51,7 +51,7 @@
48 #define _PATH_MAN "/usr/share/man"
49 #define _PATH_MEM "/dev/mem"
50 #define _PATH_MNTTAB "/etc/fstab"
51 -#define _PATH_MOUNTED "/etc/mtab"
52 +#define _PATH_MOUNTED "/var/lib/misc/mtab"
53 #define _PATH_NOLOGIN "/etc/nologin"
54 #define _PATH_PRESERVE "/var/lib"
55 #define _PATH_RWHODIR "/var/spool/rwho"
56 `-------------------------------------->8--------------------------------------
58 Look up the installation instructions for glibc in the LFS Book.
60 This patch makes newly compiled programs look for the mtab file
61 in /var/lib/misc/mtab.
63 4. Rebuild util-linux so that mount, umount and friends are
64 aware of mtab's new location. There are no patches required,
65 just look up the instructions in the LFS Book.
67 Other packages you might want to rebuild are the GNU fileutils
68 (df) and other programs that might access /etc/mtab. As long as
69 these programs do not write to that file, it is not absolutely
70 required, though. That is why we will set up that symlink.
72 5. Move /etc/mtab to /var/lib/misc/mtab, re-create /etc/mtab as a
73 link to /var/lib/misc/mtab (for compatibility reasons) and
74 unmount /var.
76 # mv /etc/mtab /var/lib/misc/
77 # chown root:root /var/lib/misc/mtab
78 # chown 644 /var/lib/misc/mtab
79 # ln -s ../var/lib/misc/mtab /etc/mtab
80 # umount -n /var
82 5. Create /var/lib/misc/mtab _on your root partition_. This file
83 should contain only two (or three) lines listing your root
84 partition mounted read-only, /proc, and /dev if you use devfs.
85 On my system, using devfs, it looked like this:
87 # mkdir -p /var/lib/misc
88 # cat > /var/lib/misc/mtab <<EOF
89 >/dev/discs/disc0/part2 / ext3 ro 0 0
90 >proc /proc proc rw 0 0
91 >devfs /dev devfs rw 0 0
92 >EOF
93 # chown root:root /var/lib/misc/mtab
94 # chmod 644 /var/lib/misc/mtab
96 Substitute your root device and file system according to your setup.
98 After you created that file, mount /var again:
100 # mount -n /var
102 6. Now you have to modify your init scripts so that they basically
103 do this:
105 1. mount -n /proc # this is in /etc/rc.d/init.d/mountproc
106 2. fsck # this is in /etc/rc.d/init.d/checkfs
107 3. mount -n /var # so that /var/lib/misc/mtab shows up
108 4. > /var/lib/misc/mtab # clear /var/lib/misc/mtab
109 5. mount -f / # update mtab with the already
110 6. mount -f /proc # mounted partitions.
111 7. mount -f /var #
112 8. mount -a # mount all remaining partitions
114 lfs-bootscripts-1.11 already does the first two steps correctly,
115 so you only need to change /etc/rc.d/init.d/mountfs:
117 ,---[ /etc/rc.d/init.d/mountfs ]------->8--------------------------------------
118 # Rewritten by Gerard Beekmans - gerard@linuxfromscratch.org
120 source /etc/sysconfig/rc
121 source $rc_functions
123 case "$1" in
124 start)
125 # Uncomment the following three lines if you do not have
126 # a read only root filesystem.
128 # echo "Remounting root file system in read-write mode..."
129 # mount -n -o remount,rw /
130 # evaluate_retval
132 echo "Recording existing mounts in /var/lib/misc/mtab..."
133 mount -n /var &&
134 > /var/lib/misc/mtab &&
135 mount -f / && mount -f /proc && mount -f /var
136 # add /dev above if you use devfs
137 evaluate_retval
139 # The following mount command will mount all file systems.
140 # If you have other (network based) file system that should
141 # not be or cannot be mounted at this time, add them to the
142 # NO_FS variable below. All file systems that are added to
143 # the variable in the form of no<filesystem> will be skipped.
145 NO_FS="nonfs,nosmbfs,noproc"
146 echo "Mounting remaining file systems..."
147 mount -a -t $NO_FS
148 evaluate_retval
149 ;;
151 [...remainder of the script omitted...]
152 `-------------------------------------->8--------------------------------------
154 If you use another set of init scripts, you are surely competent
155 enough to know how to implement these changes in your scripts.
157 7. Modify your /etc/fstab so that /proc and /var do not get mounted by
158 mount -a:
160 /dev/discs/disc0/part7 /var xfs noauto 0 0
161 proc /proc proc noauto 0 0
163 The important part here is the `noauto' keyword.
164 This is, again, what it looks like on my system. Change it
165 so that it fits your system.
166 Note that with the lfs-bootscripts, /proc does not really need
167 the `noauto' option. I'd recommend it, though.
169 10. You can now remount / read-only, since we are not changing any more
170 files.
172 # mount -n -o remount,ro /
174 11. If you have not unmounted any partitions other than /var during
175 the process, all those listed in /etc/fstab should still be
176 mounted. Check out /proc/mounts and be sure that it reports the
177 same mounted partitions as /var/lib/misc/mtab.
179 12. Finally done! You can telinit back to your favourite run-level now.
183 CONCLUSION
184 ==========
186 Credits are due to Seth W. Klein for teaching me through the process in the
187 first place and further corrections and suggestions. Also thanks to DJ Lucas,
188 Jesse Tie-Ten-Quee, Richard Lightman and Wouter Vanwalleghem for additional
189 feedback.
191 If you have any questions, comments or suggestions regarding this hint, write
192 to me at <obrakmann@gmx.net> or to the blfs-support mailing list.
194 I hope this helps some people out there.
196 Oliver Brakmann