Ok, I have a feeling I know where this sort of configuration would be wanted :) :).. so I figured I should let you know the various problems we have seen with diskless workstations, clusters and other things.
On Thu, 2004-04-01 at 03:54, Dave Jones wrote:
On Wed, 2004-03-31 at 23:38, Havoc Pennington wrote:
A possibly related discussion; we've been wondering if we can make the OS image read-only (mounting it that way, or via selinux).
If we do this, apt/yum/up2date/rpm will also need smarts to remount rw when upgrading. Having to do this by hand each time would annoy the hell out of me enough to just make it permanently rw again.
The issues I see are the following:
Python items that get recompiled. I have to treat my scripts to ok various .pyc files that seem to change md5sums every now and then.
The following filesystems are heavily mutable and have to be rw:
  /etc
    mtab configurations and such being pushed out by cfengine, et al. [Rebooting to get the new configuration is not why we switched to Linux :)]
  /dev
    permission changes and such
One of the old Unix boxes here had the ability to set / ro (unless single user) and then overmounted a rw /dev /etc with all the entries that were mutable. The only problem we had was when the new sysadmin (me) didn't know that booting single user didn't overmount, and so the changes to /etc/passwd disappeared :).
Things that can be mounted via ramdisk:
  /tmp
  /var/tmp
  /var/spool/mqueue/xf/ ## Also /var/spool/MIMEdefang/ if you use it.
Things that have to be available over a reboot/power-outage/etc:
  /var/spool/
  /var/log/ [even with central logging it is needed to cross check logs]
Then have /tmp and probably /var in RAM (or wiped on boot)
Errr, if /var/log disappeared, I'd be very annoyed.
Ditto /var/spool. Imagine a scenario where I had a few hundred emails in /var/spool/mqueue, and for some reason the box locked up. Right now, I can reboot, and they'll still be there, and I can just restart the MTA and everything carries on. With your proposal, that spool is *gone*.
Same is possibly true for other bits of /var too.
This allows you to maintain the OS image in a central location and the homedirs and server/app data in central locations, and have a single network-wide master copy of all important state.
This sounds problematic for laptops. Things like AFS sound like a solution, but from what I've heard about it, I'm not sure I'm ready to trust my /home to it.
I doubt very much you would want to run this configuration on a laptop... :).
Dave
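
An added example, not part of the original thread: a small fstab audit that checks the layout discussed above (read-only /, writable /etc and /dev, scratch paths in RAM, /var/spool and /var/log surviving a reboot). The function names, the sample fstab, and treating /etc as needing persistence are assumptions made for illustration.

```python
import posixpath

VOLATILE_FS = {"tmpfs", "ramfs"}
# Paths the mail lists as mutable (rw); "/" is the only read-only path.
MUST_BE_RW = ["/etc", "/dev", "/tmp", "/var/tmp", "/var/spool/mqueue/xf",
              "/var/spool", "/var/log"]
# Paths that must survive a reboot; /etc here is an assumption.
MUST_PERSIST = {"/", "/etc", "/var/spool", "/var/log"}

# Constructed sample: ro root, all of /var in RAM, /var/spool back on disk.
SAMPLE_FSTAB = """\
/dev/sda1  /                     ext3   ro        1 1
/dev/sda2  /etc                  ext3   defaults  1 2
none       /dev                  tmpfs  rw        0 0
none       /tmp                  tmpfs  rw        0 0
none       /var                  tmpfs  rw        0 0
/dev/sda3  /var/spool            ext3   defaults  1 2
none       /var/spool/mqueue/xf  tmpfs  rw        0 0
"""

def parse_fstab(text):
    """Map mount point -> (fstype, option set), skipping comments."""
    mounts = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 4:
            mounts[posixpath.normpath(fields[1])] = (fields[2], set(fields[3].split(",")))
    return mounts

def covering_mount(path, mounts):
    """Longest mount point that is `path` itself or one of its parents."""
    hits = [m for m in mounts if path == m or path.startswith(m.rstrip("/") + "/")]
    return max(hits, key=len, default=None)

def audit(text):
    """Return a list of policy violations for an fstab-format string."""
    mounts, findings = parse_fstab(text), []
    for path in ["/"] + MUST_BE_RW:
        mp = covering_mount(path, mounts)
        if mp is None:
            findings.append(f"{path}: no covering mount")
            continue
        fstype, opts = mounts[mp]
        want = "rw" if path in MUST_BE_RW else "ro"
        if ("ro" if "ro" in opts else "rw") != want:
            findings.append(f"{path}: expected {want} (via {mp})")
        if path in MUST_PERSIST and fstype in VOLATILE_FS:
            findings.append(f"{path}: on {fstype} via {mp}, lost on reboot")
    return findings
```

On the sample, audit(SAMPLE_FSTAB) flags only /var/log: it inherits the tmpfs mounted on /var, while /var/spool is safe because its own on-disk mount covers it.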