Fedora Security :: Make The Root File System Read-only

Jun 23, 2009

I am interested in making the root file system is read-only. I've moved /var and /tmp file systems to another partitions. There are two files in the /etc directory that need to be writable.

These are:

I've moved this files to /var and linked it. I've added command to the /etc/rc.d/rc.local file:

That's it. Are there other solutions to make the root file system is read-only?

View 1 Replies


ADVERTISEMENT

General :: Make A File Read-only Even For Root?

Jun 2, 2010

Remember back in the days of MS-DOS, a file could have 4 different attributes: archive, read-only, hidden, system. As you know, MS-DOS didn't have any user rights or privileges. Files had no owner. If you were at the command line, you could do whatever you wanted, you could change or delete any files you wanted to... so long as they weren't read-only. Under MS-DOS, if you had a read-only file and tried to delete it, you would get an error saying "Cannot delete read-only file". There was a simple remedy to this, just turn off the read-onlyness:

Code:

attrib -r hello.txt

The point I'm trying to make here is that even though you had full permissions over the file, you still had to turn off its read-onlyness before you could make a change. Well I'm trying to do something similar in Linux. Under Linux, the root user has full permissions over every file. But I need to make a particular file read-only so that not even the root user can alter it. I have a few programs on my computer that need to be run as root because they do some low-level networking (raw sockets and the like), and these programs alter my "/etc/resolv.conf" file. Well I need to find a way of making my "/etc/resolv.conf" file READ-ONLY, even for the root user. It doesn't seem as though the Linux filesystem provides a means of doing this, reason being that the root user will always be able to alter any file it wants to. I was thinking though... there's some way I could turn my "/etc/resolv.conf" file into a virtual file of some sort, like maybe I could use some sort of mount program to mount the file as read-only... ?

View 9 Replies View Related

Ubuntu Servers :: Root File System Keeps Getting Remounted Read Only?

May 13, 2010

I have a 9.04 64bit Ubuntu server that I use for a home file server and for downloading duties, every few days the root filesystem gets remounted as read only, usually requiring a reboot and fsck to get everything running again. The box is tucked away in the roof space to keep the noise down so it's a bit of a pain to keep pulling it out to get console access.troubleshoot what might be causing this?/ is on a raid 1 array on 2 8GB usb sticks last few lines of DMESG EXT3-fs error (device md3): ext3_journal_start_sb: Detected aborted journal

Code:
[632280.290419] journal_bmap: journal block not found at offset 23180 on md3
[632280.290470] Aborting journal on device md3.

[code]....

View 9 Replies View Related

Debian Configuration :: Start X Server In A Read Only Root File System?

Apr 27, 2010

For my project, it's absolutely necessary to have a read-only root partition system. I have a writable /opt/project partition.But, I also need to start x server. startx This tries to write to some temporary files and fails as / is readonly. Is there any how-to on how to move this temporary files to the writable portions of the file system.

View 3 Replies View Related

General :: Root File System Is Mounted Read-only On Boot On Gentoo?

Sep 27, 2010

I am using Gentoo Linux and for a while now, the root file system is mounted read-only on booting. For obvious reasons, this is quite annoying as most services do not start up correctly (I do not use a separate file system for /var). After the system is up, I have to log in, remount the root file system read-write, fix /etc/mtab, mount all other file systems in from /etc/fstab and then start up all the missing daemons. I know that there are ways to make a system run properly with a read-only file system, but I would rather restore the old behaviour of a writable root file system.

The strange thing is that after running mount / -o remount,rw, the file system is mounted in writable mode without any errors. I suspected some problem with fsck, but now I have disabled automatic file system checks on the partition (tune2fs -c0 -i0).When I run dmesg, only these lines mention the partition at all, although I am not sure if not something gets lost because /var/log is not writable:

EXT3-fs (sda5): mounted filesystem with writeback data mode</code>
EXT3-fs (sda5): using internal journal
The line in /etc/fstab looks like this:

[code]....

View 2 Replies View Related

Software :: Make Initrd That Contains Root File System?

May 19, 2010

I am attempting to PXE boot Redhat 5.4 and load the OS into RAM. Here is how far I have gotten so far:

I have successfully configured my DHCP, TFTP, and PXE servers. The PC that is booting up Redhat 5.4 is able to get a DHCP IP address from the server, grab the kernel and initrd from the TFTP server, and boot up from there. I have this setup working if I store the root file system on a NFS share on the server and use the kernel's NFSROOT parameter. Long story short, I now need to get this same setup working without using NFS if possible. I have spent several hours google searching how to create a RAM disk (initrd) that also contains the root file system. I must be searching the wrong keywords. Anyway, based on what I have read so far, I need to do the following:

1. I need to pass different kernel parameters. It needs to look something like:

2. It seems like newer versions of initrd are created using the cpio tool. So would this simply be a matter of booting to my hard drive that has Redhat 5.4 loaded on it and running:

To create the RAM disk with a root file system attached to it? I have a feeling it has to be more complicated than that but I just cannot find any sites that specifically explain what would be involved with creating an initrd file that can also be used as the root file system.

3. Would I need to modify the init script (many sites call it "linuxrc") at all in order to accomplish what I want to do? For example, I found this site:[url]

My understanding of this page is that you have to create a linuxrc script that basically does the work of decompressing the file system into /dev/ram0 and mounting it to /root. Is something like this actually needed?

4. The kernel must have certain parameters set such as enabling RAM disk support.

I have most of this setup working. I just need to figure out how to basically store the contents of the OS on the TFTP server and then tell the kernel to load that OS into memory. Based on what I have read, this should be possible (otherwise, how do Live CD's work?).

View 5 Replies View Related

Ubuntu Installation :: Cannot Make Enough Space / No Root File System?

Jun 27, 2011

I've been trying to install ubuntu 11.04 64 bit on a partition next o windows 7 64 bit.When I use the default option (no matter how large I make the partition) I get the error message that not enough space could be created. I read this could e solved by defragmenting the hard drive which I did, but the problem persists.I next tried to partition manually but go the error message that there was "No root file system is de or something similar

View 4 Replies View Related

Fedora Security :: How To Become The Root On System

May 8, 2009

i still can't see quite well the security reason for not allowing one logging in as root on Fedora, but anyway...how to become the root on my system, Fedora 10, please?i did open a terminal and typed s - root then my password, now im the root, but only on the terminal, as CLI, but what if i want to change the munu.lst inside grub i.e.? and some other files or settings that there's no option to just type in the root password, how to overcome that please?

View 9 Replies View Related

Ubuntu Security :: Access To A Virtual File System For The Thermocrom Without Needing To Launch Owfs As Root?

Feb 12, 2011

I have been trying to use my DS2490 USB to serial device with a Maxim .DG1921G thermocron with owfs. It is supposed to give me access to a virtual file system for the thermocrom without needing to launch owfs as root.

Code:
/var/log/messages gives:
Feb 8 16:22:45 norman-HP-G56-Notebook-PC kernel: [ 236.140141] usb 5-1: new full speed USB device using ohci_hcd and address 2[code]....

but if ds2490 module is loaded it works when run sudo.It seems from this that it is a lack of permissions to USB but I have tried all the methods on at http://owfs.org/index.php?page=udev etc. to overcome this and a few others but none work.I am running Ubuntu 10.10 kernel 2.6.35-22-generic #33-Ubuntu SMP

View 1 Replies View Related

Fedora :: Cannot Create Regular File Read Only File System?

Jun 16, 2009

All my torrents go to my home/username/Download/ folder, I could read/write yesterday but now I cant even copy the files to a flash drive.The error i get is "Cannot create regular file '/home/username/Download/file' : Read only file system.

View 14 Replies View Related

General :: Remount Root Filesystem As Read/write After Modify Readonly-root File?

Dec 21, 2010

My linux distro is CentOS 5.3. Today I edited /etc/sysconfig/readonly-root and set "READONLY" to yes, now my /etc/sysconfig/readonly-root file is like this:

# Set to 'yes' to mount the system filesystems read-only.
READONLY=yes
# Set to 'yes' to mount various temporary state as either tmpfs

[code]...

View 3 Replies View Related

Fedora Security :: Log Files Empty - System Does Not Allow Root To Login ?

Feb 2, 2010

For a month or so now, I have been enabling ssh and opening port 22. I cron'ed the start and stop commands to leave them open only a few hours a day. After a bit, I checked my logs to find that some IP or another was attempting to brute force my root account.

I took little real threat by the offense.

(1) my system does not allow root to login and

(2) it would cut them off sooner than later when my system issued the stop command.

fast forward

Today I log in to find that all of my log files, as viewed from the gnome log file viewer, were empty of entries from about noon yesterday and prior.

Though I haven't noticed anything at all out of the ordinary with my system, I would like to get more opinions on the matter. Would there be any conceivable way that this was an automatic system routine, a clean up action of something? Additionally, if I was indeed the victim of a hack, what can I do to further protect my system (keeping in mind that I do want to access my system via ssh from time to time)?

View 4 Replies View Related

General :: Make The Root Device Read/write?

Mar 4, 2011

I need to change a filename but when I boot up I get the message root device is read-only. Is there a way of changing this so that I can change the filename. I have a Mac Pro running Leopard OSX. The graphics card an NVIDIA 7500GT or driver has failed. It was suggested elsewhere that I change the relevant kext files to filename.kext.old, which I did, now when I try to boot start in OSX I get a message in various languages telling me to restart. I have tried booting in safe mode and from original Installation CD. In Safe Mode I get the same multi language splash screen, from CD I still have the graphic card problem, screen freezes and artifacts appear. So I boot up straight into CLI by holding down CMD-S hoping to be able to change filenames back but it says device read-only.

View 2 Replies View Related

Security :: Get Root Through TR069 And Read Access?

Jul 13, 2010

I have an ADSL modem and router, its OS is linux. It runs ftp service, and I can read files in its file system, but I have no permission to list files and to write files. It has TR069 protocol connections and can upgrade remotely.It has ssh, but not started.

View 1 Replies View Related

Ubuntu :: Error Creating File System: Helper Exited With Exit Code 1: Cannot Open /dev/mmcblk0p1: Read-only File System

May 2, 2010

I bought a new SD card which I intend to put some MP3s on - except that I can't write to it because it tells me the destination is Read Only. No-probs thinks I: I'll just reformat it.

"Error creating file system: helper exited with exit code 1: cannot open /dev/mmcblk0p1: Read-only file system"

Various chmod commands all result in Read-only file system. I tried umount then mount commands, but it couldn't find it to mount once I'd unmounted it using the same /media/ file path (I assume it's the only one).

View 9 Replies View Related

Red Hat :: File System Corruption - Super Block Could Not Be Read Or Don't Describe A Clear Ext2 File System

Jul 12, 2010

My Redhat Enterprise Linux 4 with 6x partitions (/, /boot,/home, /usr, /var, /tmp) of 6.0 GB IDE Hardisk was working quite fine. I decided to create LVM on /home and /var partitions but due to some errors occured and I delete the /home partitions. That's why partition table altered. I then delete 4,5,and 6th partitions (/home, /var, /tmp) partitions and now try to create one by one but following error is coming:-

[Code]....

The Super block could not be read or do not describe a clear ext2 file system. E2fsck b 8193 <device> I have tried following commands,but could not successful:- e2fsck -p /dev/hda7 (where hda7 was created but afterthat it was deleted) e2fsck -a /dev/hda7

View 2 Replies View Related

Fedora X86/64bit :: User That Can Only Make The Sound Card Work On A F10 X86_64 System Is Root

May 4, 2009

The only user that can make the sound card work on a F10 x86_64 system is root. For non root users, I am not seeing any error messages when a app tries to use/access the sound card, just nothing plays. As I said, for root everything works as expected. I am sure this is a permission/setup issue, but I have no idea where to start.

View 3 Replies View Related

Ubuntu Security :: Make Port 80 Read-only?

Apr 3, 2011

I am running a ubuntu server for home use and am currently hosting a website for testing urposes I am worried because I have to leave my port 80 open for this to work. an Idea I have is to make it that port 80 is read only.

View 9 Replies View Related

Red Hat / Fedora :: Unlinked Inode, Aborted Journal And Read Only File System?

Apr 7, 2010

I am running centos 5 on adaptec 2405 raid 10

PHP Code:

I get this error:

[code]....

View 9 Replies View Related

OpenSUSE Install :: Get A 64 Bit File System To Read 32 Bit File System Drives?

Feb 2, 2010

Have just assembled a new computer and thought I would install the 64 bit version of openSUSE 11.2 in a "Windows free zone". After a hiccup or two I have managed to get a system of sorts running but on trying to copy files from my old computer(via a memory stick) it tells me that Vfat is an unknown file system.On my old computer I am running 32 bit openSUSE 11.2 as a dual boot system with Windows XP and have no problems moving files between the two different file systems.Is it possible to get a 64 bit file system to read 32 bit file system drives and if so how do I do it?

View 7 Replies View Related

Fedora :: Could Not Find The File System Drv/root

Oct 11, 2009

well i was messing with the Gparted live disk and i deleted a small partition of about 6 megs (yes megs). trying to be efficient doing some cleanup of course. but when i rebooted my Fedora 10 i get the black screen saying," could not find the file system. /dev/root". ok, i am useing the fedora 10 live cd now. can i copy that file to my hard drive from the cd? or do i need to reinstall Fedora?

View 1 Replies View Related

Fedora :: Root File System Out Of Memory?

May 22, 2011

I have worked in linux for a long time but never managed the system until I got my own server, which is running Fedora 14. I have a 3 TB Drive and apparently can only handle 2 TB. At least the Disk Analyzer is telling me that 2TB is 100% max capacity. Also viewing disk analyzer, I am only using 50GB of my 2TB but I am out of memory in the Root file system. If I run df -h, I get he following:

Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_dev1-lv_root
50G 40G 7.2G 85% /

[code]....

View 4 Replies View Related

Security :: File Permission - Read An Execute Only File

Dec 16, 2009

Suppose I have a binary program with only execute permission enabled for the current user. How (in general) would I be able to obtain a core dump of the file? I think I have read it somewhere but I want to know if there are more ways of doing it.

View 1 Replies View Related

General :: Mass Change_owner Happend To Root File System In Fedora?

Nov 21, 2010

I have a fedora 14 system. I booted a suse installation that existed on an external harddisk and wanted to access my original fedora user home directory using non-root preveliges(so that i can use the gui file manager), so I searched on the internet and made a command to (chown -R mysuseUser:Users *) thinking that it will only affect the current mount permissions (not permenantly) put it did change the file system... i realized and cut it in the middle but some corruption was done. and then my fedora gui login screen was missing any username. tried to fix that by going to my fedora and executing chown (once using --from , and once without --from) and changed all root file system recursively to be owned by root and then changed my /home/myuserName ownerships all recursively to be owned by myUserName after that... still the system is corrupted..... when i login to genome i have several crash messages (gdiskutility is one of them) and networking is disabled (i cannot connect to neither wireless nor wired nor wireless broadband). also when i plug USB/esata harddisks nothing happens

now i can only do work from my external harddisk`s suse linux. what can i do to restore my system ? I have a previous dd image of my entire harddrive, but it is more than one month old and also I don`t want to do a restore to my entire harddrive.. can i clone some ownerships from files in dd image to their corresponding ones in my fedora system ? if so, how can i even mount a dd image ?

View 6 Replies View Related

Fedora Installation :: Installing Live CD - Message - Cannot Find Root File System ?

Jan 30, 2010

I have a LiveCD (DVD with many linux versions on it) and no other software on my computer at the moment. The computer specs are as follow:

When I use the live cd I get the following message: Cannot find root file system

I have tried the suggestion along the lines of:

Then it either goes back to Bash or I get "Kernel panic - not syncing: Attempted to kill init"

Then my install just freezes there and I need to restart my computer.

View 5 Replies View Related

Fedora Security :: Encrypt Ext3 / Ext4 File System?

Jan 6, 2011

I want encrypt my fedora file system.
How to i can encrypt ext3 or ext4 file system.

View 5 Replies View Related

Security :: Encrypt Entire File System - Fedora 11 64bit?

Jul 11, 2009

I recently installed Fedora 11 64bit and I am curious about encrypting my entire file system for security purposes. I've been on Google for a while now and I keep finding info on how to encrypt a specific folder or home directories but nothing on the entire file system (or I'm missing something big here). It's hard for me to imagine that it isn't. If so, do I need to encrypt the partition my file system is on before installing it? What software should I use? There seems to be so many, it's difficult to keep them all straight.

View 5 Replies View Related

Ubuntu Security :: Root Password To Make Admin Printer Changes?

Jan 23, 2010

I try to install my printer again after reinstall ubuntu 9.04. ("downgraded from 9.10"). Instead of asking for the local-user-login password, as it does for other system changes, it asks for a root password that I never had. What happened? How can I set this right?I made a printscreen.

View 3 Replies View Related

Ubuntu :: Unable To Create Trashing Info File: Read-only File System

Jul 21, 2010

I plugged in my USb drive into my computer yesterday and tried to delete a folder. I was unable to do so and got the following message

Cannot move file to trash, do you want to delete immediately? The file "my file" cannot be moved to the trash. Show Details Unable to create trashing info file: Read-only file system

So when I click on delete I get another error message:

Error while deleting.
There was an error deleting Case Study Database. Show Details Error removing file: Read-only file system

At this point I can only click on Skip, Skip All, or Cancel.

I have not changed anything on the stick recently so I dont know what is causing the problem.

View 7 Replies View Related

OpenSUSE Install :: User 'root' Can Read The Content Of The File

Apr 12, 2011

I came across this issue today and it changes everything I know about file permissions in linux. I created the following files in my system :

Code:

/tmp> ls -lad /tmp/testperm/
drwx------ 2 sagi users 4096 Apr 12 20:23 /tmp/testperm/
/tmp> ls -lad /tmp/testperm/file.txt
-rw------- 1 sagi users 12 Apr 12 20:23 /tmp/testperm/file.txt

[code]....

One more thing, as you can see I also set that only the owner of the directory (which is me again) can read and cd (the execute bit) to the directory. how come user 'root' can read the content of the file ?

Code:

# id
uid=0(root) gid=0(root) groups=0(root)
# cat /tmp/testperm/file.txt
Hello world

[code]....

View 9 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved