mnt-system read-only?

[moritz.b]

Hallo,

is there any way to boot Knoppix 7.20 with mnt-system read-only?
I have configured my Knoppix with overlays and would like to use the system without write access to my usb-stick.


Thank's Moritz

[utu]

Greetings, moritz.b.

The purpose of Knoppix using a LiveUSB is usually to allow writing data
to a persistence file somewhere on it.

/mnt-system is usually on a fat32 partition with all your cloop-compacted
overlays. Using a separate reiserfs partition for persistence makes it
unnecessary to write anything to the fat32 system, unless you want to modify
some /boot, /efi or reference material there.

If you actually never want to record ANY changes, then a LiveCD or LiveDVD
would seem a better and cheaper answer than restricting a LiveUSB to read-only.

[moritz.b]

Greetings, moritz.b.

/mnt-system is usually on a fat32 partition with all your cloop-compacted
overlays. Using a separate reiserfs partition for persistence makes it
unnecessary to write anything to the fat32 system, unless you want to modify
some /boot, /efi or reference material there.

Yes, I use a separate reiserfs partition for persistence and I a want to prevent anyone to write on my KNOPPIX-Partition.

If you actually never want to record ANY changes, then a LiveCD or LiveDVD
would seem a better and cheaper answer than restricting a LiveUSB to read-only.

Knoppix from stick is very faster.

Thanks Moritz

[moritz.b]

I have my problem solved with a new cheatcode and adaption the init.

moritz.b

[fredvej]

Please post your solution, the boot parameter list and the adaptation to init. I would like to implement it.

[Capricorny]

This is very interesting in the context of USB, and possibly also SSD-disk, use. If, for example, /mnt-system is mounted ro, and the overlay is on ramdisk, concerns about media wear-out are greatly reduced. Overlay could, for example, be read into ramdisk from /mnt-system, or another partition, on boot, and on shutdown, there could be an option for saving it. There are also safety concerns - if overlay is never saved after performing potentially dangerous operations (typically websites wanting to run scripts modifying your browser configuration), one is much better protected.

I consider publishing modified init scripts here a part of best Knoppix practices

[utu]

I have my problem solved with a new cheatcode and adaption the init.

moritz.b

I have two concerns with the initial premise here.

Unless your Knoppix user is denied root privileges,
making that partition which contains /mnt-system read-only on a write-able
medium offers no real protection against unauthorized changes to the contents
of /mnt-system.

If the Knoppix user is denied root privileges completely,
there are many useful things his Knoppix can't do.

I'd like to see how changes to init might get around these considerations.

[Capricorny]

I have two concerns with the initial premise here.

Unless your Knoppix user is denied root privileges,
making that partition which contains /mnt-system read-only on a write-able
medium offers no real protection against unauthorized changes to the contents
of /mnt-system.

If the Knoppix user is denied root privileges completely,
there are many useful things his Knoppix can't do.

I'd like to see how changes to init might get around these considerations.

Even if it is possible to remount /mnt-system rw, having it mounted ro by default is clearly a safety measure. And, for example, everything could be placed in loop-mounted ISO images. So that you have to re-create it each time you want to update your persistent store. This could be equivalent to using one or more cloop/squashfs overlays.

[utu]

I have configured my Knoppix with overlays and would like to use the system without write access to my usb-stick.

I think of cloops as read-only by definition, only written by specific intent, not somehow 'accidentally'. I count on this myself as
protection against my overwriting a rw persistence file. Once my rw persistence content is relatively 'mature', I button its content up
in a cloop to protect against possibly spoiling it myself. This also compacts things and I never really see any performance penalty.

My expectation is that Moritz might be expecting to protect against another Knoppix user purposefully changing Moritz' product,
which I expect that user probably can do if he has Knoppix root privileges. If he doesn't, he surely misses a lot of its power.