Opened 8 years ago
Closed 8 years ago
#5886 closed enhancement (wontfix)
nvram option to mount jffs2 on boot in Read Only
| Reported by: | ddmk | Owned by: | developers |
|---|---|---|---|
| Priority: | response-needed | Milestone: | Features Paradise |
| Component: | base system | Version: | Trunk |
| Keywords: | root fs ro jffs2 | Cc: |
Description
There are errors in packages which can potentially allow writes on flash when no any write is needed
(as a matter of fact - mc is writing command history to flash by default)
This can be simple prevented - make an NVRAM option (and export it to WEB interface!)
based on which jffs2 filesystem mounted in RO mode.
i.e. instead :
mount "$(find_mtd_part rootfs_data)" /jffs -t jffs2 && \
fopivot /jffs /rom
do
mount "$(find_mtd_part rootfs_data)" /jffs -o ro -t jffs2 && \
fopivot /jffs /rom
in /sbin/mount_root
i have a problem to make full image
P.S. web interface modification is required because of bugs
https://dev.openwrt.org/ticket/2670#comment:8
and
https://forum.openwrt.org/viewtopic.php?id=12448
or Admin can be halted with ro filesystem and no ssh access to remount it.
Attachments (0)
Change History (3)
comment:1 Changed 8 years ago by nico
- Milestone changed from Kamikaze to Kamikaze Features Paradize
- Version changed from Kamikaze 8.09 to Trunk
comment:2 Changed 8 years ago by spudz76
- Priority changed from normal to response-needed
comment:3 Changed 8 years ago by nbd
- Resolution set to wontfix
- Status changed from new to closed
NVRAM based filesystem mounting hacks have no chance of getting merged.
If you need an image that won't modify its filesystem, I suggest trying initramfs.
[patchteam] Not sure how this is a problem, but could be used as a "config lock" option as well. Also not sure how some packages would behave, including those which expect to be able to change their own UCI settings on the fly. Setting to response-needed to bring in some more comments and discussion on this.