{"id":53,"date":"2011-12-09T10:31:00","date_gmt":"2011-12-09T10:31:00","guid":{"rendered":"https:\/\/d-mashina.net\/index.php\/2011\/12\/09\/read-only-root-datotecni-sistem\/"},"modified":"2011-12-09T10:31:00","modified_gmt":"2011-12-09T10:31:00","slug":"read-only-root-datotecni-sistem","status":"publish","type":"post","link":"https:\/\/d-mashina.net\/index.php\/2011\/12\/09\/read-only-root-datotecni-sistem\/","title":{"rendered":"Read-Only root datote\u010dni sistem"},"content":{"rendered":"<div style=\"text-align: justify;\">\nNa SLES10 s SP2 in novej\u0161imi je mo\u017eno na sorazmerno enostaven na\u010din, razdelek root priklopiti v sistem v &#8220;read-only&#8221; na\u010dinu. Na\u010dinov je ogromno, najenostavnej\u0161i pa je slede\u010d. \u010ce ima kdorkoli kak drug predlog kako to izvesti, ga naj napi\u0161e med komentarje. Na sistemu, kjer to po\u010dnemo naj bo \/tmp in \/var\/tmp imenik na lo\u010denih radelkih, saj ta dva ne moreta biti read-only, ker sistem nanju aktivno zapisuje spremembe. Po kon\u010dani namestitvi sistema in ko kon\u010damo s konfiguracijo vseh servisov se prijavimo kot root in naredimo slede\u010de spremembe:<\/div>\n<p>&#8211; spremenimo \/etc\/fstab in pri \/ razdelku vpi\u0161emo ro, za &#8220;read-only&#8221; na\u010din<\/p>\n<p>Nato izvedemo naslednje ukaze:<\/p>\n<p>&nbsp; rm \/etc\/mtab<br \/>\n&nbsp; ln -s \/proc\/mounts \/etc\/mtab<br \/>\n&nbsp; mkdir \/var\/lib\/hwclock<br \/>\n&nbsp; mv \/etc\/adjtime \/var\/lib\/hwclock\/<br \/>\n&nbsp; ln -s \/var\/lib\/hwclock\/adjtime \/etc\/adjtime<\/p>\n<p>&#8211; \u010de uporabljamo DHCP stre\u017enik naredimo \u0161e slede\u010de:<\/p>\n<p>&nbsp; mv \/etc\/resolv.conf \/var\/lib\/misc\/<br \/>\n&nbsp; ln -s \/var\/lib\/misc\/resolv.conf \/etc\/resolv.conf<\/p>\n<p>&#8211; nazadnje naredimo \u0161e remount razdelka<\/p>\n<p>&nbsp; mount -o remount,ro \/<\/p>\n<p>&#8211; in ponovno za\u017eenemo stre\u017enik<\/p>\n<p>&nbsp; reboot<\/p>\n<div style=\"text-align: justify;\">\n\u010ce na stre\u017eniku uporabljamo \u0161e druge servise, ki uporabljajo imenike na \/ razdelku, uredimo simboli\u010dne povezave \u0161e za te servise. Napotek deluje tudi na drugih distribucijah Linuxa, seveda pa se lahko pri teh razlikujejo poti do datotek.<\/div>\n<div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Na SLES10 s SP2 in novej\u0161imi je mo\u017eno na sorazmerno enostaven na\u010din, razdelek root priklopiti v sistem v &#8220;read-only&#8221; na\u010dinu. Na\u010dinov je ogromno, najenostavnej\u0161i pa je slede\u010d. \u010ce [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-53","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/d-mashina.net\/index.php\/wp-json\/wp\/v2\/posts\/53","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/d-mashina.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/d-mashina.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/d-mashina.net\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/d-mashina.net\/index.php\/wp-json\/wp\/v2\/comments?post=53"}],"version-history":[{"count":0,"href":"https:\/\/d-mashina.net\/index.php\/wp-json\/wp\/v2\/posts\/53\/revisions"}],"wp:attachment":[{"href":"https:\/\/d-mashina.net\/index.php\/wp-json\/wp\/v2\/media?parent=53"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/d-mashina.net\/index.php\/wp-json\/wp\/v2\/categories?post=53"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/d-mashina.net\/index.php\/wp-json\/wp\/v2\/tags?post=53"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}