[Bug 575469] Re: recovery mode mounts filesystems read-write rather than read-only

Stéphane Graber stgraber at stgraber.org
Mon Aug 29 03:26:10 UTC 2011


I just had a quick look at mountall and can't find any easy way to mount everything read-only. So bypassing mountall at this point means having only the root filesystem mounted in read-only mode, which should work in most cases when people stick to default partitioning.
It'll lead to a non-working rescue environment for people who have split their /usr or /var to another partition though.

A quick look at the current scripts gives me that list:
 - apt-snapshots (not exactly sure what it needs)
 - clean (requires at least write access to /var)
 - dpkg (requires write access to everything)
 - failsafeX (probably requires everything to be mounted, it's calling gdm directly and won't work with lightdm)
 - fsck (requires write access to / as it's just touching /forcefsck)
 - grub (requires write access to /boot)
 - netroot (requires write access to /var/lib/dhcp/ for the dhclient lease file)
 - root (safe to run in read-only mode)

So to avoid introducing another script prompting the user about either
getting an early root shell or starting to mount everything read/write
and start friendly-recovery, I think we have two ways of doing it:

1)
  - Add a flag to mountall to force it to mount everything read-only and another to remount everything as read/write.
  - We could then have mountall's init script check if we are in a rescue environment, if that's the case, mount all local storage read-only and ignore any network storage.
  - Then modify all existing friendly-recovery scripts to ask mountall to remount everything read/write and write a new one for a "read-only root shell" that'd only show up if none of the others have been called yet.
  - Exiting friendly-recovery should also trigger a remount of everything in read/write so the system can boot properly.

2)
  - Move all of friendly-recovery out of /usr
  - Modify mountall's script not to do anything when in recovery mode unless a specific environment variable is set
  - Then modify all existing friendly-recovery scripts to call mountall to mount everything read/write and write a new one for a "read-only root shell" that'd only show up if none of the others have been called yet.
  - Exiting friendly-recovery should also trigger mountall in case none of the other scripts did it already.

So far I only had a quick look at mntctl and mountall itself and I
couldn't find any flag to force it to mount everything read-only.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to friendly-recovery in Ubuntu.
https://bugs.launchpad.net/bugs/575469

Title:
  recovery mode mounts filesystems read-write rather than read-only

Status in “friendly-recovery” package in Ubuntu:
  Confirmed
Status in “friendly-recovery” source package in Oneiric:
  Confirmed

Bug description:
  Binary package hint: friendly-recovery

  In recovery mode, filesystems should probably be mounted read-only,
  since pending any problems they can safely be remounted read-write,
  while the reverse is not necessarily true.  This means that operations
  such as fsck, badblocks, zerofree, etc. are not possible without
  having to use a boot CD, and ensuring that any additional binaries are
  compatible.  One should assume that booting into recovery mode is
  either deliberate or has come about because of a problem.

  f-r 0.2.10 on lucid/2.6.32-21-generic

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/friendly-recovery/+bug/575469/+subscriptions
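
The write requirements listed in the message above can be checked against the mount table before a recovery script is started. The following is an added example, not code from the message or from friendly-recovery; the function names `mount_mode`, `needs_write` and `can_run` and the sample mount table are hypothetical, and only the scripts for which the message names a specific path are covered.

```shell
# Constructed /proc/mounts-style sample: / and /boot read-only, /var split out and read-write.
SAMPLE_MOUNTS='rootfs / rootfs rw 0 0
/dev/sda1 / ext4 ro,relatime 0 0
/dev/sda2 /boot ext2 ro 0 0
/dev/sda3 /var ext4 rw,relatime 0 0'

# mount_mode PATH [MOUNTS_TEXT]: print rw, ro or unknown for the filesystem holding PATH.
# Without MOUNTS_TEXT the live /proc/mounts is read.
mount_mode() {
    path=$1
    mounts=${2:-$(cat /proc/mounts)}
    printf '%s\n' "$mounts" | awk -v p="$path" '
        {
            mp = $2
            # mp covers p if it is "/", equals p, or is a directory prefix of p
            if (mp == "/" || p == mp || index(p, mp "/") == 1) {
                # longest mount point wins; >= lets a later line shadow an earlier one
                if (length(mp) >= best) { best = length(mp); opts = $4 }
            }
        }
        END {
            if (opts == "") { print "unknown"; exit }
            mode = "ro"
            n = split(opts, o, ",")
            for (i = 1; i <= n; i++) if (o[i] == "rw") mode = "rw"
            print mode
        }'
}

# needs_write SCRIPT: path the script must be able to write to, per the list in the message.
needs_write() {
    case $1 in
        clean)   echo /var ;;
        fsck)    echo / ;;
        grub)    echo /boot ;;
        netroot) echo /var/lib/dhcp ;;
        root)    echo "" ;;   # safe to run read-only
        *)       return 1 ;;  # no specific path given in the message
    esac
}

# can_run SCRIPT [MOUNTS_TEXT]: succeed if the path SCRIPT writes to is on a rw filesystem.
can_run() {
    req=$(needs_write "$1") || return 2
    [ -z "$req" ] && return 0
    [ "$(mount_mode "$req" "$2")" = rw ]
}

for s in clean fsck grub netroot root; do
    if can_run "$s" "$SAMPLE_MOUNTS"; then echo "$s: ok"; else echo "$s: remount rw first"; fi
done
```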



