On 10/29/06, Edgars <[EMAIL PROTECTED]> wrote:
Tobias Weisserth wrote: > Hi everybody, > > I have setup an old Pentium with OpenBSD 3.9 to do some basic > filtering and NAT at my parents place after a Smoothwall installation > I did some two years ago got rooted recently. > > Everything works just fine, except I have a problem with mounting > partitions from /etc/fstab that I don't understand. > > This is what my /etc/fstab looks like at the moment: > > /dev/wd0a / ffs ro 1 1 > /dev/wd0g /home ffs rw,nodev,noexec,nosuid 1 2 > /dev/wd0f /tmp ffs rw,nodev,noexec,nosuid 1 2 > /dev/wd0d /usr ffs rw,nodev 1 2 > /dev/wd0e /var ffs rw,nodev,noexec,nosuid 1 2 > > After I boot the machine, mount -v outputs this: > > /dev/wd0a on / type ffs (rw, local, ctime=Sun Oct 29 11:04:57 2006) > /dev/wd0g on /home type ffs (rw, local, nodev, noexec, nosuid, > ctime=Sun Oct 29 11:04:57 2006) > /dev/wd0f on /tmp type ffs (rw, local, nodev, noexec, nosuid, > ctime=Sun Oct 29 11:04:57 2006) > /dev/wd0d on /usr type ffs (rw, local, nodev, ctime=Sun Oct 29 > 11:04:57 2006) > /dev/wd0e on /var type ffs (rw, local, nodev, noexec, nosuid, > ctime=Sun Oct 29 11:04:57 2006) > > Why is / not mounted read-only? Is it because the system needs it to > be writable during system startup? Do I have to remount it ro after > booting? > / is rw - read-write not ro
I other words: yes. The operation of mounting requires you to be able to write to the filesystem you are mounting on to (at least, that's how my intuition tells me it should work; otherwise an attacker with "mount" might be able to overload the mounted filesystems on a read-only filesystems, defeating the purpose of the read-only) I believe just rerunning mount with different options on the already-mounted fs will do it, right? -Nick