2

I have an embedded system (specifically, Google Coral with Mendel Linux), which will be running some models. I expect it to get turned off in not a secure way (basically plugging it off) mostly every time, so I want to make a robust system that won't have any data loss or corruption. After reading a lot and doing research, I found that making a Read-Only file system is what can work best (+ having an external micro-SD card that can be r-w, and in case of corruption of that, check that on every boot and repair it).

But there is something I am not understanding. Everywhere I read, it says

making RO the root filesystem

And after running lsblk -l, I can see that in my system, there is /, /boot and /home. And I am not sure what is the difference between making / RO or making all mmcblk0 partitions RO. I did not find any explanation or differentiation. In some places they just did /boot and / RO (as home was not always present). From what I understand, / is the "beginning" of the fs, and everything else pends from it, so /boot should be under it?

lsblk -l
NAME         MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
mmcblk0      179:0    0  7,3G  0 disk 
mmcblk0p1    179:1    0  128M  0 part /boot
mmcblk0p2    179:2    0    1M  0 part 
mmcblk0p3    179:3    0    2G  0 part /home
mmcblk0p4    179:4    0  5,1G  0 part /
mmcblk0boot0 179:32   0    4M  1 disk 
mmcblk0boot1 179:64   0    4M  1 disk 
mmcblk0rpmb  179:96   0  512K  0 disk 
mmcblk1      179:128  0 28,8G  0 disk 

cat /etc/fstab 
/dev/mmcblk0p4 / ext4 noatime,defaults 0 1
/dev/mmcblk0p1 /boot ext2 noatime,defaults 0 2
/dev/mmcblk0p3 /home ext4 noatime,nosuid,nodev,defaults 0 3

Sources I have read:

muru
  • 69,900
  • 13
  • 192
  • 292
M.K
  • 143
  • 6
  • 1
    with that `fstab`, any files in `/home`, e.g. `/home/mk/hello.txt` would be stored in `/dev/mmcblk0p3`. Anything outside `/home` or `/boot`, e.g. the contents of `/var`, or `/root` would be stored in `/dev/mmcblk0p4`. And making `/` read-only would still allow writing to `/home` and `/boot`. If you only had `/` the whole filesystem tree would come from one storage device. Mounting a filesystem sort or overrides part of that tree with data from another storage device. – ilkkachu Jun 21 '22 at 09:12
  • I see. So I guess making those `RO ` would not alter the behaviour of the system, if I am not going to write anything in there. Only run some models and write whatever output on the microSD card. Also, why would anyone write on `/boot`? I was concerned as having the `/boot ` partition corrupt might make the system not boot as it has the bootloader, but from what I read, the system boots thanks to `/ `. @ilkkachu – M.K Jun 21 '22 at 09:42
  • 1
    well you'd write to `/boot` at least if you updating the system or changing the boot settings. :) Probably not otherwise. `/` is hairier, since e.g. `/var` has things like `/var/log` which might want to be writable. And probably others too, since it is for _var_-iable data. – ilkkachu Jun 21 '22 at 10:45
  • Okay! It seems that some kind of overlay fs might do the job in terms of having to write in an upper layer while not modyfing the lower layer (or smth like that... I'm not really an expert). My hopes on making it `RO` were that it could write but changes would be discarded on reboot, making it doable for changes to happen in `/var` but not risking in case of power failure. Very insightful, grateful for your comments! @ilkkachu – M.K Jun 21 '22 at 18:12

0 Answers0