Re: /boot partition changes when it should not



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Bob McGowan wrote:
It is almost certainly the mount count.

I just manually unmounted and mounted the device a few times. With the
arguments I have in fstab ("ro","noatime"). In other words, I did

umount /boot; mount /boot; dd_rescue /dev/sda1 /tmp/boot1;
umount /boot; mount /boot; dd_rescue /dev/sda1 /tmp/boot2;
diff /tmp/boot1 /tmp/boot2

Result: No change. Hence it does not increment a mount count as long as
it is manually unmounted and remounted while the system is up.

What do I have to change in the boot process so that the mount count
does not get updated? How do I get the boot process to honor the fstab
options?

It is worth noting that the read-only mount prevents writes via "normal"
filesystem functions, only.

You could still have a write done directly to the device, using the
reverse of what the OP did to get the checksum, and completely destroy
the disk content.

Or, more to the point, use a "disk editor" and twiddle a bit here and
there.

Malicious modifying of files with a disk editor is exactly the undesired
stuff that this whole checksumming is supposed to detect.

To get an absolute, no write, ever, to the device, the OP will need to
figure out how to force read only permissions on the device /dev/sda1,
across boots.

Phantastic idea! Can it be done? I have not heard about this yet. It
would be great.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkuVopMACgkQ+VSRxYk4408KQwCg54fWN8Vgb0/onHgM/YqHJ/1o
wUMAoLgmBikojb51vtXAT11GOM4F0jFy
=lEFC
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx
with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx
Archive: http://lists.debian.org/4B95A293.1030001@xxxxxx



Relevant Pages

  • proper procedure for bug report against Debian Wheezy boot process
    ... occasions out of five the boot process has ended abnormally. ... Skipping volume group bigd-mach01 ... Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
    (Debian-User)
  • Re: How to stop a message which requires the Enter key
    ... I still have the same annoying glitch in the boot process. ... Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
    (Debian-User)
  • Re: Live CD says all fs clean, but...
    ... Just to exclude the obvious: ... filled up and thus the boot process can't write to it. ... Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
    (Debian-User)
  • RE: help.. my fedora hung up and I cant login
    ... But after I reboot the machine, the boot process hung up. ... To unsubscribe or change subscription options: ... Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines ...
    (Fedora)
  • Re: "No devices found" in X
    ... the beginning of the boot process, although, as I've explained, I can ... actually get a working system by waiting for the completion of the boot ... source projects (kernel, network drivers, VGA, MeeGo, VT...), is just ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
    (Debian-User)