Path: utzoo!utgpu!water!watmath!clyde!rutgers!gatech!bloom-beacon!husc6!cmcl2!brl-adm!adm!rbj@icst-cmr.arpa From: rbj@icst-cmr.arpa (Root Boy Jim) Newsgroups: comp.unix.wizards Subject: UNIX RO Filesystems Message-ID: <11246@brl-adm.ARPA> Date: 13 Jan 88 20:43:41 GMT Sender: news@brl-adm.ARPA Lines: 49 Several people have mentioned the possibility of read-only roots or other file systems. I will attempt to describe my solution. On our VAX, we have three separate parallel filesystems. The first contains the 4.3BSD tapes (except the source, which is mounted another place, also read only) as distributed, mounted read only in a file system called /ro. The second is a merged root and /usr 46M partition on an RM03 with hacked partition tables; the last 33440 sectors are the swap space and the rest is root/usr. Large sections of the root are symbolically linked to the corresponding file in the /ro partition. This includes /usr/doc and /usr/man/man?, as well as quite a few `unused' programs in /usr/bin, such as the plot stuff. These rarely used programs are available at the cost of a symlink translation if needed. The third is /rw, which contains any (or rather, most) changes to the virgin root/usr file system. I use makefiles and rdist (in a rather nonobvious way, using *relative* path names) to distribute changes from the /rw filesystem to the real root/usr. There are several advantages to this approach, as well as drawbacks. First, we don't have jillions of backup tapes with /usr/doc on them. Our root/usr backup fits on one tape. Second, we have two copys of our precious configuration files, the real one, and the one in /rw. Old versions are also kept in /rw. The main drawback is setting everything up, and understanding how to use it, altho if you want to change /x/y, you cd to /rw/x, change y, and type make. Another drawback is that we must have two copys of critical stuff, such as /bin, /etc, and often used stuff in /usr/{bin,ucb,lib} etc. Currently, this is about the size of a root partition, or 8M. Lastly, if one wants to hack something in a symbolically linked directory, one must remove the link, symbolically link all the files in that directory except the replacement files, and update the whole mess. This can get complicated when subdirectorys are involved. Details upon request. Comments anyone? (Root Boy) Jim Cottrell National Bureau of Standards Flamer's Hotline: (301) 975-5688 I've read SEVEN MILLION books!! P.S. Fortunately, none by Jerry Pournelle!