From: Mehmet Erol Sanliturk
To: Alexander Yerenkow
Cc: Ian Lepore, lev@freebsd.org, freebsd-current
Date: Sat, 3 Nov 2012 09:18:57 -0700
Subject: Re: FreeBSD as read-only firmware

On Sat, Nov 3, 2012 at 9:08 AM, Alexander Yerenkow wrote:

> Actually in my case, base system image r24243.vmdk, have exactly two
> partitions (gpt's freebsd-boot, and roots = freebsd-ufs), and second one is
> used only in read-only :)
>
> For virtual machines approach, base image can be even ISO, which will be
> implied RO for system, and upgrade is just switch ISO.
>
> For real hardware, it can be done with such approach - make two partitions
> with fixed size, and when you need upgrade - just `dd` new image to other
> partition, mark it as [bootonce] (And if all is ok, as [bootme]), reboot =
> and you have new OS very quick, with same configs (except for some LARGE
> changes which could happen in /etc and touch your configs), and with same
> packages.
>
> BTW, when you mount /etc-rw union over /etc, when you'll need upgrade,
> mergemaster could take less time, less places for errors - since you had to
> merge only changed files(which present on /etc-rw).
> I think these days with current hw, no one will complain against lost 1Gb
> to achieve clean and simple OS upgrade.
>
> I'm not saying about possible way to shrink it further (no debug, gzip,
> etc) - get lesser partition, but still RO, and get ability to make
> something dd if=/dev/gpt/rootfs bs=1M | sha256
>
>
> --
> Regards,
> Alexander Yerenkow
>

I am assuming that ANY SOFTWARE read-only protection, whatever it is, has
security vulnerability.

Therefore, the first approach should be to provide HARDWARE read only.

If this is supplied, the next necessity is that, programs in
write-protected part should not attempt to write anything onto
write-protected part.

Thank you very much.

Mehmet Erol Sanliturk
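
An added example, not part of the thread: the `dd ... | sha256` check from the quoted message, applied to the fixed-size two-partition layout it describes. A slot that is larger than the image keeps stale bytes past the image's end, so only the first image-length bytes are hashed. The function names and the temporary files standing in for /dev/gpt/rootfs are assumptions.

```shell
#!/bin/sh
# Added example: check that a fixed-size root slot holds exactly the image
# that was written into it with dd. All names below are hypothetical.

# SHA-256 of stdin, using sha256sum where present, else FreeBSD's sha256.
sha256_stdin() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum | cut -d' ' -f1
    else
        sha256 -q
    fi
}

# Size in bytes of a regular file (the image, not the device).
file_size() { wc -c < "$1" | tr -d ' '; }

# Digest of the first $2 bytes of slot $1. Bytes past the image are
# leftovers from earlier writes and must not enter the hash.
slot_digest() { head -c "$2" "$1" | sha256_stdin; }

# verify_slot SLOT IMAGE: returns 0 only if SLOT begins with exactly IMAGE.
# An image longer than the slot yields a short read and therefore a mismatch.
verify_slot() {
    slot=$1
    image=$2
    len=$(file_size "$image")
    want=$(sha256_stdin < "$image")
    got=$(slot_digest "$slot" "$len")
    [ "$want" = "$got" ]
}

# Constructed sample: a 3000-byte image written into a 4096-byte slot that
# still holds old data, the way dd onto a fixed-size partition leaves it.
make_sample() {
    head -c 3000 /dev/zero | tr '\0' 'A' > "$1/new.img"
    head -c 4096 /dev/zero | tr '\0' 'Z' > "$1/slot"
    dd if="$1/new.img" of="$1/slot" conv=notrunc 2>/dev/null
}

# Stand-alone demo: sh thisfile demo
if [ "${1:-}" = "demo" ]; then
    d=$(mktemp -d)
    make_sample "$d"
    echo "whole slot : $(sha256_stdin < "$d/slot")"
    echo "image      : $(sha256_stdin < "$d/new.img")"
    verify_slot "$d/slot" "$d/new.img" && echo "slot matches image"
    rm -rf "$d"
fi
```

Record the image digest somewhere the running system cannot write to; a digest stored on the same writable medium only detects accidental corruption.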