Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 27 Feb 2002 18:23:31 -0500
From:      "Clark C . Evans" <cce@clarkevans.com>
To:        freebsd-hackers@FreeBSD.ORG
Subject:   read-only CD-ROM boot partition for vinum webfarm?
Message-ID:  <20020227182331.C17592@doublegemini.com>
next in thread | raw e-mail | index | archive | help 
Hello.  I was wondering if it is possible to make a read-only
boot partition (core kernel, static configuration, and /usr)
for a web-farm application.   I've posted this question to the
freebsd-small list as well and will try to solicit comments 
there as it seems that is the most appropriate list.  Thus 
far these are some of the challenges outlined on the freebsd-users@uk
list...

It sounds like the predictable outstanding issues are
(thanks to Paul and Jeff)...

 - /etc/motd gets updated at boot time, but you can turn
   that off in rc.conf

 - if you are using /etc/fbtab then /dev/console won't update,
   there may be other /dev issues  (tty files)

 - if you are using DHCP then dhclient will want to update
   /etc/resolv.conf

Kind Regards,

Clark

---
To: freebsd-small@FreeBSD.ORG
Subject: read-only CD-ROM boot partition for webfarm?

Hello.  I'm building a webfarm and other than the apache 
configuration and webpages, the core operating system and 
/usr partition is/should-be relatively static (scp used to 
update stuff in a /data partition).  I'm using vinum to 
mirror /data.

How hard would it be to make a bootable CD-ROM image with 
everything on it except the data, log-files, etc?  

This would have three advantages for me:

  - Vinum doesn't protect the boot partition since
    it is a kernel level module.

  - Having a true read-only file system really would
    make it hard for crackers.

  - Updating boxes on the webfarm could be as simple
    as swapping a new CD-ROM!

Thoughts?

Clark




----- End forwarded message -----

-- 
Clark C. Evans                   Axista, Inc.
http://www.axista.com            800.926.5525
XCOLLA Collaborative Project Management Software

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020227182331.C17592>