Hi, usually the root-fs is mounted read-only by the kernel itself. The init-process reads fstab and mounts the filesystems according to it after checking them (see /sbin/init.d/boot for details). I don't think that you can perform any writes to an ro-mounted fs. I suppose instead that your root-fs is mounted rw. To test it use mount w/o any parameters. The output will look like this: /dev/hda1 on / type ext2 (rw) proc on /proc type proc (rw) /dev/hdc5 on /home type ext2 (rw,usrquota) devpts on /dev/pts type devpts (rw,gid=5,mode=0620) The last field in brackets shows the mounting options. I would expect your System showing / mounted rw. So you should seek for any calls to mount within the init-scripts, that remount / rw. The call should look like this: mount -no remount,rw / If you find the scripts beeing modified, you should check whether you have been hacked... hope that helps! Jürgen. Btw: It sounds stupid, bud stupid mistakes are often hard to find - is there another line below your entry "/ ext2 (ro)" that causes a second remount of your root-fs rw? Nikolai Dahlem wrote:
Hi,
I try to mount my root-fs readonly. My fstab contains / ext2 (ro) and the msg during boot process say it mounted read-only, but in fact it's not; I can cp/mv/rm files and evertyhing. Strange thing is /boot ext2 (ro) works. Any suggestions ?
--------------------------------------------------------------------- Jürgen Ellinger Siemensstraße 44 88250 Weingarten e-mail: ellinger@informatik.uni-tuebingen.de ellinger@student.uni-tuebingen.de ellinger@spohn.rv.bw.schule.de