[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Root Parition
- To: Jeff Flowers <sikak43@gateway.net>
- Subject: Re: Root Parition
- From: Chuck <chuck+obsd@snew.com>
- Date: Thu, 2 Mar 2000 21:02:40 -0800
- Cc: misc@openbsd.org
- Mail-Followup-To: Jeff Flowers <sikak43@gateway.net>, misc@openbsd.org
- References: <3.0.6.32.20000224172055.00a52740@pilot.msu.edu> <38B5EA0D.A944D578@gateway.net>
The only bump I've run into is that remote logins want to change
the ownership of the tty device (/dev/tty[p-r]N).
I didn't notice this in a month of running root R/O on my
firewall as I only ever log in via console (as root).
Other than that, remarkably little needs to change.
Passwords are moot if you have real security (kerberos and the like).
By the way:
I noticed, in playing with Solaris "8" (SunOS 5.8), that they are
mounting mtab into /etc/ from swap. Seemed a neat idea (/var/run/
and some other things would be better, but they're Sun, so we just
look with pity and wonder why they went to SysV).
Also, RedHat 6.2 has, like many, an nsswitch.conf file. Seems that
if you have a libnssNAME.so in the right dir (I don't recall), then
NAME becomes a valid service. Neat hooks in libc for that. Means
that you can quickly add ldap (or NDS if you can write the routines)
for backending your services. Tres flexible that way.
Quoting Jeff Flowers (sikak43@gateway.net):
> Actually, that's what I want, as I am the only user on my system and I
> do not want any alterations to my setup. I was just curious if there
> would be a problem or gotcha that wouldn't be obivious.
>
> Thanks,
>
> Jeff Flowers
>
> STeve Andre' wrote:
> >
> > You don't want to do that.
> >
> > Consider the /etc directory, which contains mostly read only things, but
> > also some files like /etc/master.passwd which need to be updated when a
> > passwword is changed. Thats the first problem that comes to mind and I'm
> > sure there are more.
> >
> > I recognize the desire to keep things "right", but really, backups do that,
> > and let you recover from disasters so much better.
> >
> > --STeve Andre'
> > andres@msu.edu
> >
> > At 04:07 PM 2/24/2000 -0500, Jeff Flowers wrote:
> > >I have my computer set up the way that I like it and would like to make
> > >the root partition read only.
> > >My A6 partition has slices for / ,/tmp, /usr, /var, /home, and swap, of
> > >course. Is there any problems
> > >with doing this that I should know about before I precede?
> > >
> > >TIA,
> > >
> > >Jeff Flowers