I want to use UML for security purposes, and I want to run UML
with a READ-ONLY root fs to avoid tampering with files.
I tried user_mode_linux-220.127.116.11um-0.i386.rpm on Redhat 8.0,
and it works fine when root fs is mounted read-write.
But when mounted read-only (command line is: linux ubd0r=root_fs con=pty con0=fd:0,fd:1),
UML seems to hang after attempting to write to read-only filesystems two or three times.
The root fs I used is root_fs_toms1.7.205.
Write attempted on readonly ubd device 0
end_request: I/O error, dev 62:00 (User-mode block device), sector 2
Also, I tried 2.4.20-6um compiled from source on Redhat 8.0, but the result was the same.
The bug seems to exist in arch/um/drivers/ubd_kern.c, in function prepare_request(),
"return error immediately if the request is WRITE and fs is READ-ONLY".
If this check is disabled, UML no longer hung when mounted READ-ONLY.
But this time, I've got another problem... Users can create files on a root fs mounted READ-ONLY!
(Though files are not modified when UML is rebooted, this is not good for my purpose.)
I don't need COW, nor do I want to use COW, to avoid tampering.
I want UML to just return an error, as the REAL kernel does, when a write is attempted.
Is it possible to run UML with root fs mounted READ-ONLY?
I have a root fs based on Redhat 8.0 that is available for READ-ONLY mounted use.
It works fine on REAL kernel, and I want to run it on UML.
Tetsuo Handa a5497108@...
>>>>> "Tetsuo" == Tetsuo Handa <a5497108@...> writes:
Tetsuo> Hello. I want to use UML for security purpose and I want to
Tetsuo> run UML with READ-ONLY root fs to avoid tampering with files.
I second that. I've also tried running with RO filesystems and failed.
This is very useful when you frequently rsync your UMLs around -- with
filesystems properly split, you only have to rsync the one that's
actually changing, not all the static stuff.