Yes, but the system mountes them from root so if we have corrupted root,
the system will not boot.
On 18.05.2011 1:09, Stacy W. Smith wrote:
That's probably not worth the hassle. The operating system is already mounted
as a set of read-only memory-disk file systems from ISO images embedded within
the install package. In addition, the verified-exec functionality will only
allow Juniper-signed binaries to be executed.
--Stacy
lab@mxC-1> show system storage
Filesystem Size Used Avail Capacity Mounted on
/dev/da0s1a 885M 141M 673M 17% /
devfs 1.0K 1.0K 0B 100% /dev
/dev/md0 43M 43M 0B 100%
/packages/mnt/jbase
/dev/md1 231M 231M 0B 100%
/packages/mnt/jkernel-ppc-10.3R1.9
/dev/md2 15M 15M 0B 100%
/packages/mnt/jpfe-MX80-10.3R1.9
/dev/md3 6.4M 6.4M 0B 100%
/packages/mnt/jdocs-10.3R1.9
/dev/md4 72M 72M 0B 100%
/packages/mnt/jroute-ppc-10.3R1.9
/dev/md5 18M 18M 0B 100%
/packages/mnt/jcrypto-ppc-10.3R1.9
/dev/md6 2.8G 8.0K 2.6G 0% /tmp
/dev/md7 2.8G 4.3M 2.6G 0% /mfs
/dev/da0s1e 98M 14K 90M 0% /config
procfs 4.0K 4.0K 0B 100% /proc
/dev/da1s1f 2.8G 279M 2.3G 11% /var
lab@mxC-1> start shell
% mount
/dev/da0s1a on / (ufs, local, noatime)
devfs on /dev (devfs, local)
/dev/md0 on /packages/mnt/jbase (cd9660, local, noatime, read-only, verified)
/dev/md1 on /packages/mnt/jkernel-ppc-10.3R1.9 (cd9660, local, noatime,
read-only, verified)
/dev/md2 on /packages/mnt/jpfe-MX80-10.3R1.9 (cd9660, local, noatime, read-only)
/dev/md3 on /packages/mnt/jdocs-10.3R1.9 (cd9660, local, noatime, read-only,
verified)
/dev/md4 on /packages/mnt/jroute-ppc-10.3R1.9 (cd9660, local, noatime,
read-only, verified)
/dev/md5 on /packages/mnt/jcrypto-ppc-10.3R1.9 (cd9660, local, noatime,
read-only, verified)
/dev/md6 on /tmp (ufs, local, noatime, soft-updates)
/dev/md7 on /mfs (ufs, local, noatime, soft-updates)
/dev/da0s1e on /config (ufs, local, noatime)
procfs on /proc (procfs, local, noatime)
/dev/da1s1f on /var (ufs, local, noatime)
On May 17, 2011, at 1:43 PM, Tima Maryin wrote:
Did anyone try to hack /etc/fstab in order to mount / as read-only?
Can it help ?
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp