All mass storage read-only - BSD

This is a discussion on All mass storage read-only - BSD ; I'm starting a project for an embedded FreeBSD system (not a standard PC-based system) that has one rather sticky requirement. The flash drive we are using for our filesystems must be read-only. This will be enforced by hardware, and will ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: All mass storage read-only

  1. All mass storage read-only

    I'm starting a project for an embedded FreeBSD system (not a standard
    PC-based system) that has one rather sticky requirement. The flash
    drive we are using for our filesystems must be read-only. This will be
    enforced by hardware, and will panic the system if a write attempt is
    made. There will be a small read-write RAM disk that is considered
    volatile and disposable. I've started scoping out what this will
    entail:

    - All system logging will be to the network.
    - Spool files will be in RAM disk.
    - No home directories or login areas are needed
    - Some daemons require /tmp and /var/tmp space; this will be on the
    RAM disk
    - What about crash dumps (which we must handle); can they be saved to
    the network?

    Has anyone else here designed such systems? What more am I
    overlooking? I'm assuming I'm going to need a handful of symlinks to
    the RAM disk, which will likely be mounted as /tmp. Just wondering
    what else will be waiting for me down the road.


  2. Re: All mass storage read-only

    BTW, this will be a FreeBSD 6.2 system.


  3. Re: All mass storage read-only

    On Fri, 24 Aug 2007 14:15:03 UTC, Andrew Duane
    wrote:

    > I'm starting a project for an embedded FreeBSD system (not a standard
    > PC-based system) that has one rather sticky requirement. The flash
    > drive we are using for our filesystems must be read-only. This will be
    > enforced by hardware, and will panic the system if a write attempt is
    > made. There will be a small read-write RAM disk that is considered
    > volatile and disposable. I've started scoping out what this will
    > entail:
    >
    > - All system logging will be to the network.
    > - Spool files will be in RAM disk.
    > - No home directories or login areas are needed
    > - Some daemons require /tmp and /var/tmp space; this will be on the
    > RAM disk
    > - What about crash dumps (which we must handle); can they be saved to
    > the network?
    >
    > Has anyone else here designed such systems? What more am I
    > overlooking? I'm assuming I'm going to need a handful of symlinks to
    > the RAM disk, which will likely be mounted as /tmp. Just wondering
    > what else will be waiting for me down the road.


    Yes, this is all pretty easy. I have a small firewall system (it does a
    few other things too) that runs off a CF card. I use a small writeable
    area just for changes. It's based on nanoBSD (see the document at
    freebsd.org).

    In general, setting up the RAMdisks is easy. You have a read only /etc
    and /var, and each of these has a RAM disk mounted on them. There's
    another directory which contains images of what should be on the RAM
    disk, together with control files that say how big the RAM disk should
    be. On boot, it pretty well all happens automagically, as you can see if
    you look at /etc/rc.initdiskless.

    Start by looking at /usr/src/tools/tools/nanobsd. Email me if you have
    specific questions.

    --
    Bob Eager
    begin 123 a new life...take up Extreme Ironing!

  4. Re: All mass storage read-only

    Andrew Duane wrote:
    > BTW, this will be a FreeBSD 6.2 system.


    generate your own distribution-image having a file named
    /etc/diskless

    man 8 diskless provides you with details; originally thought for
    etherboot and the like, but does a great job with CF-Cards too.
    /etc/rc.initdiskless gives some clues how the ramdisks are
    populated (I'm building router-images this way).

    Or use things like nanoBSD, m0n0wall or the like.

    cu
    Clemens.
    --
    /"\ http://czauner.onlineloop.com/
    \ / ASCII RIBBON CAMPAIGN
    X AGAINST HTML MAIL
    / \ AND POSTINGS

  5. Re: All mass storage read-only

    On Fri, 24 Aug 2007 19:30:04 +0000, Bob Eager wrote:

    > On Fri, 24 Aug 2007 14:15:03 UTC, Andrew Duane
    > wrote:
    >
    >> I'm starting a project for an embedded FreeBSD system (not a standard
    >> PC-based system) that has one rather sticky requirement. The flash
    >> drive we are using for our filesystems must be read-only. This will be
    >> enforced by hardware, and will panic the system if a write attempt is
    >> made. There will be a small read-write RAM disk that is considered
    >> volatile and disposable. I've started scoping out what this will
    >> entail:
    >>
    >> - All system logging will be to the network. - Spool files will be in
    >> RAM disk.
    >> - No home directories or login areas are needed - Some daemons require
    >> /tmp and /var/tmp space; this will be on the RAM disk
    >> - What about crash dumps (which we must handle); can they be saved to
    >> the network?
    >>
    >> Has anyone else here designed such systems? What more am I overlooking?
    >> I'm assuming I'm going to need a handful of symlinks to the RAM disk,
    >> which will likely be mounted as /tmp. Just wondering what else will be
    >> waiting for me down the road.

    >
    > Yes, this is all pretty easy. I have a small firewall system (it does a
    > few other things too) that runs off a CF card. I use a small writeable
    > area just for changes. It's based on nanoBSD (see the document at
    > freebsd.org).
    >
    > In general, setting up the RAMdisks is easy. You have a read only /etc
    > and /var, and each of these has a RAM disk mounted on them. There's
    > another directory which contains images of what should be on the RAM
    > disk, together with control files that say how big the RAM disk should
    > be. On boot, it pretty well all happens automagically, as you can see if
    > you look at /etc/rc.initdiskless.
    >
    > Start by looking at /usr/src/tools/tools/nanobsd. Email me if you have
    > specific questions.


    You might also look at http://www.ultradesic.com/index.php?section=21
    These guides are intended for Soekris hardware (www.soekris.com) but I
    have found them very useful generally.

    Steve.

+ Reply to Thread