#3581 NORM Untriag: Base Filesystem should be read-only.
Zarro Boogs per Child
bugtracker at laptop.org
Tue Sep 18 18:58:54 EDT 2007
#3581: Base Filesystem should be read-only.
--------------------+-------------------------------------------------------
Reporter: cscott | Owner: jg
Type: defect | Status: new
Priority: normal | Milestone: Untriaged
Component: distro | Version:
Keywords: | Verified: 0
--------------------+-------------------------------------------------------
We currently write a number of files in the base filesystem. For a number
of reasons, we'd like to reduce this number -- writable files should live
in /home/olpc, /security, or a tmpfs.
This bug will track efforts to reduce the number of writable files in the
base os. The current list of files written is:
/dev/.in_sysinit
/etc/X11/xorg.conf
/etc/ssh/ssh_host_rsa_key.pub
/etc/ssh/ssh_host_key.pub
/etc/ssh/ssh_host_key
/etc/ssh/ssh_host_dsa_key.pub
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_rsa_key
/etc/alsa/asound.state
/etc/mtab
/etc/dhclient.conf
/etc/avahi/etc/localtime
/etc/hosts
/etc/sysconfig/i18n
/etc/resolv.conf
/lib/modules/2.6.22-20070828.4.olpc.e009125a2683ebc/kernel/fs/fat/fat.ko
/lib/modules/2.6.22-20070828.4.olpc.e009125a2683ebc/kernel/fs/vfat/vfat.ko
/lib/modules/2.6.22-20070828.4.olpc.e009125a2683ebc/kernel/net/ieee80211/ieee80211_crypt.ko
/lib/modules/2.6.22-20070828.4.olpc.e009125a2683ebc/kernel/net/ieee80211/ieee80211.ko
/lib/modules/2.6.22-20070828.4.olpc.e009125a2683ebc/kernel/drivers/i2c/i2c-dev.ko
/lib/modules/2.6.22-20070828.4.olpc.e009125a2683ebc/kernel/drivers/net/wireless/libertas/libertas.ko
/lib/modules/2.6.22-20070828.4.olpc.e009125a2683ebc/kernel/drivers/net/wireless/libertas/usb8xxx.ko
/lib/modules/2.6.22-20070828.4.olpc.e009125a2683ebc/kernel/drivers/char/cs5535_gpio.ko
/lib/modules/2.6.22-20070828.4.olpc.e009125a2683ebc/kernel/drivers/scsi/sg.ko
/lib/modules/2.6.22-20070828.4.olpc.e009125a2683ebc/kernel/drivers/input/mouse/psmouse.ko
/lib/modules/2.6.22-20070828.4.olpc.e009125a2683ebc/kernel/drivers/input/serio/serio_raw.ko
/lib/modules/2.6.22-20070828.4.olpc.e009125a2683ebc/kernel/drivers/input/mousedev.ko
/lib/modules/2.6.22-20070828.4.olpc.e009125a2683ebc/kernel/drivers/input/joydev.ko
/var/lib/dbus/machine-id
/var/lib/random-seed
/var/log/wtmp
/var/run/utmp
/var/cache/hald/fdi-cache
/var/empty/sshd/etc/localtime
/root/.bash_history
/.olpc-configured
/.autofsck
Some of these are not part of 'stateless' because they are written to by
creating a new file and mv'ing it on top of the old file; this procedure
doesn't work if the file is bind-mounted.
Notable entries above:
- sshd should create its keys in /security, if it creates them at all.
- we shouldn't need to write xorg.conf on first boot -- let's install the
XO version, and only write a new one if on an emulator, if at all.
- why the heck are we writing (or possibly 'touch'ing) the kernel's
modules? Maybe depmod is doing this?
- random-seed should live in /security, or be dropped (since we've got a
real hardware RNG)
--
Ticket URL: <https://dev.laptop.org/ticket/3581>
One Laptop Per Child <https://dev.laptop.org>
OLPC bug tracking system
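
An added example, not part of the original ticket and not OLPC tooling: one way to produce a list like the one above and to separate files rewritten in place from files replaced by writing a new file and mv'ing it over the old one, which the ticket notes does not work on a bind-mounted file. The function names are hypothetical; the pruned directories are the writable locations the ticket names, and -xdev keeps find off tmpfs and other mounts.

```shell
#!/bin/sh
# Added example (not OLPC code); function names are hypothetical.

# list_base_files ROOT [find tests...]
# Prints "inode /path" for regular files on the base filesystem under ROOT.
# /home/olpc and /security are pruned because the ticket allows writes there;
# -xdev stops find from descending into tmpfs or any other mounted filesystem.
list_base_files() {
    root=$1; shift
    (cd "$root" && find . -xdev \( -path ./home/olpc -o -path ./security \) -prune \
        -o -type f "$@" -exec ls -di {} +) |
    awk '{ ino = $1; sub(/^ *[0-9]+ +\./, ""); print ino, $0 }'
}

# snapshot ROOT
# Manifest of the pristine image, taken before first boot.
snapshot() { list_base_files "$1" | sort -k2; }

# classify_writes ROOT MANIFEST STAMP   (STAMP must be an absolute path)
# For every file modified after STAMP, prints one of:
#   created  /path   not present in the manifest
#   replaced /path   inode changed: a new file was renamed over the old one,
#                    the pattern that fails when the target is bind-mounted
#   in-place /path   same inode, contents rewritten
classify_writes() {
    list_base_files "$1" -newer "$3" |
    awk -v manifest="$2" '
        BEGIN { while ((getline line < manifest) > 0) {
                    ino = line;  sub(/ .*/, "", ino)
                    path = line; sub(/^[0-9]+ /, "", path)
                    old[path] = ino } }
        { ino = $1; path = $0; sub(/^[0-9]+ /, "", path)
          if (!(path in old))        kind = "created"
          else if (old[path] != ino) kind = "replaced"
          else                       kind = "in-place"
          print kind, path }' | sort -k2
}
```

Run snapshot against the freshly installed image, touch a stamp file, boot, then run classify_writes; entries marked "replaced" are the ones that need their writer changed or moved before the file can be bind-mounted.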