差分
この文書の現在のバージョンと選択したバージョンの差分を表示します。
| 両方とも前のリビジョン 前のリビジョン 次のリビジョン | 前のリビジョン | ||
|
vps:050-010protect [2017/07/07 06:11] admin |
vps:050-010protect [2017/07/07 07:35] (現在) admin |
||
|---|---|---|---|
| ライン 1: | ライン 1: | ||
| - | ======リードオンリー化運用 検討====== | + | ======リードオンリー化 検討====== |
| =====Jessieでのpivot root問題===== | =====Jessieでのpivot root問題===== | ||
| ライン 197: | ライン 197: | ||
| exit 0 | exit 0 | ||
| </code> | </code> | ||
| + | |||
| + | ===== メモ ===== | ||
| + | ・chroot環境をJessie上に構築する | ||
| + | http://niwatolli3.hatenablog.jp/entry/2015/07/07/223404 | ||
| + | ・debian-wheezy-arm-2010822c これでうまくいってそう | ||
| + | http://lotuseater365.tumblr.com/post/97562640533/raspberry-pi-%E3%82%92-unionfs-fuse-%E3%81%A7%E3%83%97%E3%83%AD%E3%83%86%E3%82%AF%E3%83%88%E3%81%99%E3%82%8B | ||
| + | |||
| + | =====unionfsテスト===== | ||
| + | # touch /etc/init.d/protect-fs | ||
| + | # update-rc.d protect-fs defaults (登録) | ||
| + | # vi protect-fs | ||
| + | |||
| + | <code sh protect-fs> | ||
| + | #!/bin/sh | ||
| + | |||
| + | ### BEGIN INIT INFO | ||
| + | # Provides: protect-fs | ||
| + | # Required-Start: mountall-bootclean | ||
| + | # Required-Stop: | ||
| + | # Default-Start: S | ||
| + | # Default-Stop: | ||
| + | # X-Start-Before: procps udev-mtab urandom | ||
| + | # Short-Description: UnionFS mode | ||
| + | # Descrition: Shutdown process will not be required | ||
| + | ### END INIT INFO | ||
| + | |||
| + | # Copyright: Bernd Schubert <bernd.schubert@fastmail.fm> | ||
| + | # BSD license, see LICENSE file for details | ||
| + | |||
| + | FUSE_OPT="-o allow_other,use_ino,suid,dev,nonempty" | ||
| + | CHROOT_PATH="/tmp/unionfs" | ||
| + | UNION_OPT="-ocow,chroot=$CHROOT_PATH,max_files=32768" | ||
| + | |||
| + | UBIN=/usr/bin/unionfs-fuse | ||
| + | |||
| + | cd /etc/protect-fs | ||
| + | file=noprotect | ||
| + | if [ -e ${file} ]; then | ||
| + | echo "protect-fs: disable" | ||
| + | exit 0 | ||
| + | fi | ||
| + | echo "protect-fs: enable" | ||
| + | |||
| + | #mount -o remount,ro /dev/mmcblk0p1 /boot | ||
| + | |||
| + | #mount -t proc proc /proc | ||
| + | mount -t tmpfs tmpfs /tmp | ||
| + | |||
| + | mkdir -p $CHROOT_PATH/root | ||
| + | mkdir -p $CHROOT_PATH/rw | ||
| + | mkdir -p /tmp/union | ||
| + | |||
| + | mount --bind / $CHROOT_PATH/root | ||
| + | |||
| + | $UBIN $FUSE_OPT $UNION_OPT /rw=RW:/root=RO /tmp/union | ||
| + | |||
| + | mount -t proc proc /tmp/union/proc | ||
| + | |||
| + | cd /tmp/union | ||
| + | mkdir -p oldroot | ||
| + | pivot_root . oldroot | ||
| + | |||
| + | # exit 0 | ||
| + | |||
| + | mount -r -t ext4 -o remount /dev/root /oldroot | ||
| + | #for d in dev run run/lock sys run/shm dev/pts boot | ||
| + | for d in dev run run/lock sys run/shm dev/pts | ||
| + | do | ||
| + | mount --bind /oldroot/$d /$d | ||
| + | done | ||
| + | |||
| + | init q | ||
| + | |||
| + | #/usr/local/sbin/a-unionfs-fuse-omit-pid.sh | ||
| + | exit 0 | ||
| + | </code> | ||
| + | |||
