Read only target file system

From RidgeRun Developer Wiki

Overview

Typically the root file system, also called the target file system from an SDK perspective, contains the device's applications and libraries. These should not be modified during normal device operation. The simpliest way to ensure the files are not changed is to mount the entire root file system read-only.

The challange is some common files, like /etc/network/interfaces gets modified. To allow for the handful of standard POSIX configuration files to be modified, symbolic links are used. the actual file reside in a separate file system that is mounted read / write.

SDK configuration

To configure your target file system to be mounted read-only, run the SDK configuration tool and select:

  • File System Configuration ---> Create read only target file system

SDK read-only target file system creation process

The target file system is created as normal. Then the following additional steps are performed:

  • After the target file system is created, the contents of $DEVDIR/fs/overlay-ro are overlaid on the target file system. The contents of the overlay-ro directory is typically symbolic links for the files whose contents can change.
  • When the kernel command line ($DEVDIR/images/cmdline) is created, the ro root file system attribute is included instead of rw.
  • Optionally the configuration files that are are symbolic links can have a default contents for each file stored in the target file system which gets copied to the read-write file system on boot if cooresponding symbolic link doesn't point to an existing file. This is handled by $DEVDIR/myapps/rw-partition, which also handles formatting the rw partion if necessary and other related tasks.

Initial device boot

The first boot up will optionally handle making a usable rw partition. This is often useful to allow the rw partition size to be decided based on the installed media. During the initial boot, once the rw partition is usable, any default configuration files are copied to the matching directory in the rw partition. For example:

Device file system before first boot

  • /etc/network/interfaces.default
  • /etc/network/interfaces -> /mnt/rw/etc/network/interfaces
  • /mnt/rw # empty, or may not even exist

Device file system before first boot

  • /etc/network/interfaces.default
  • /etc/network/interfaces -> /mnt/rw/etc/network/interfaces
  • /mnt/rw/etc/network/interfaces # contains the contents of /etc/network/interfaces.default

Device operation during boot

Besides handling the rw partition during boot up as needed, the /etc/init.d/mountall script remounts the root file system as read only, using a command similar to: 

/bin/mount -o remount,noatime,nodiratime,ro /dev/root /

Remounting target file system as read write

If during device update or some other need to write to the root file system, it can be remounted with read write permissions using a command similar to: 

mount -o remount,noatime,nodiratime /dev/root /
Retrieved from "http://developer.ridgerun.com/wiki/index.php?title=Read_only_target_file_system&oldid=11851"