How-to: Raspbian read-only root-fs

Revision for “How-to: Raspbian read-only root-fs” created on December 13, 2014 @ 21:39:27

Title
How-to: Raspbian read-only root-fs
Content
The following instructions will convert your Raspbian to R/O <em>Source: <a href="http://blog.gegg.us/2014/03/a-raspbian-read-only-root-fs-howto/">http://blog.gegg.us/2014/03/a-raspbian-read-only-root-fs-howto/</a> </em> &nbsp; <strong>Remove some stuff which is not needed or unsuitable for readonly operation:</strong> <pre>sudo su apt-get remove --purge  logrotate dphys-swapfile apt-get autoremove --purge</pre> <strong>Install busybox syslog instead of rsyslog:</strong> The reason for doing this is because we do not want logfiles, but we want to be able to do some debugging (read logfiles). busybox-syslogd does not write logfiles but logs to a ring-buffer in memory which can be displayed using the logread command: <pre>apt-get install busybox-syslogd dpkg --purge rsyslog</pre> The following steps are important, because we do not want any filesystem checks on our headless system at all! Comment <span style="color: #ff0000;"><strong>do_start</strong></span> in /etc/init.d/checkroot.sh Comment <span style="color: #ff0000;"><strong>do_start</strong></span> in /etc/init.d/checkfs.sh <pre>... case "$1" in start|"") #<span style="color: #ff0000;"><strong>do_start</strong></span> ;; restart|reload|force-reload) echo "Error: argument '$1' not supported" &gt;&amp;2 exit 3 ;; stop) # No-op ;; *) echo "Usage: checkfs.sh [start|stop]" &gt;&amp;2 exit 3 ;; esac ... </pre> Comment the <span style="color: #ff0000;"><strong>highlighted o</strong><strong>perations</strong></span> in /etc/init.d/checkroot-bootclean.sh <pre>... case "$1" in start|"") # Clean /tmp, /lib/init/rw, /run and /run/lock. Remove the # .clean files to force initial cleaning. This is intended # to # allow cleaning of directories masked by mounts while the # system was previously running, which would otherwise # prevent # them being cleaned. <strong><span style="color: #ff0000;">#rm -f /tmp/.clean /lib/init/rw/.clean /run/.clean /run/lock/.clean</span></strong> <strong><span style="color: #ff0000;">#clean_all</span></strong> exit $? ;; restart|reload|force-reload) echo "Error: argument '$1' not supported" &gt;&amp;2 exit 3 ;; stop) # No-op ;; *) echo "Usage: checkroot-bootclean.sh [start|stop]" &gt;&amp;2 exit 3 ;; esac ... </pre> Comment <strong><span style="color: #ff0000;">swaponagain ‘swapfile’</span></strong> in /etc/init.d/mountall.sh Remove a couple of startup scripts: <pre>insserv -r bootlogs insserv -r fake-hwclock </pre> Change /etc/fstab as follows: <pre>proc /proc proc defaults 0 0 /dev/mmcblk0p1 /boot vfat defaults,ro 0 2 /dev/mmcblk0p2 / ext4 defaults,ro 0 1 tmpfs /tmp tmpfs defaults 0 0 </pre> append <span style="color: #ff0000;"><strong>ro</strong> </span>in /boot/cmdline.txt: ... elevator=deadline rootwait <span style="color: #ff0000;"><strong>ro</strong></span> Make dhclient write its leases file to /tmp instead of /var/lib/dhcp/: <pre>rm -rf /var/lib/dhcp/ ln -s /tmp /var/lib/dhcp </pre> That's it! To quickly flip back to R/W mode, lets create a script: <pre>sudo nano /usr/local/bin/rw</pre> With the following content: <pre>#!/usr/bin/env bash sudo mount / -o remount,rw </pre> Make it executable: <pre>chmod +x /usr/local/bin/rw</pre> ..and another one to flip it back to r/o mode <pre>sudo nano /usr/local/bin/ro </pre> With the following content: <pre>#!/usr/bin/env bash sudo mount / -o remount,ro </pre> Make it executable: <pre>chmod +x /usr/local/bin/ro </pre> To switch to R/W mode just type "rw", go back to R/O y typing in "ro"
Excerpt


OldNewDate CreatedAuthorActions
December 13, 2014 @ 21:39:27 Martin