Recently, for an embedded project, I was asked to emulate on Linux the effects of the Enhanced Write Filter (EWF) of Windows XP Embedded.
In particular, I need a sort of EWF for:
- avoiding to write too many times on
disk (we use CFs); - protecting programs/config files after accidental reboots/failures/erroneous changes.
As far as I know, Linux has no feature similar EWF and it doesn't write as much as Windows on disk (see this answer), but my chief asked me to investigate something that can provide a solution for both the requirements.
At the moment I'm trying this simple strategy:
- I've a little partition (mount point: /safe) with the data/directories I should protect (i.e. the whole /etc directory)
- during system bootup I mount in RAM (tmpfs) all the directories that I must protect then I copy data from /safe into them.
- if all goes right, I can unmount /safe. If needed, a little script allows me to mount /safe and "commit" changes to files, if needed.
- I can force / read-only: all programs I need are in RAM and they're writing stuff in RAM.
Any idea/suggestion?
I'm using a stripped-down Debian Lenny with Ext2-formatted partitions on x86 architecture (BTW, any suggestions for a simple journaled/COW filesystem suitable for this task?).
Thanks.
Best Answer
Solved by following the excellent How To: Build A Read-Only Linux System.
From one of the two little scripts making the magic (uses an aufs union):
Results: system protected and apps can write their stuff (in RAM).
If I reboot without "committing" all the changes on the system will be lost, but if I need something to stay permanent, I can remount the partition read-write (this time r/w means "on disk" not "on RAM"), do the "commit" and remount the partition as read-only.
Scripts are so elegant that I can also switch between "protected" (for production) or "unprotected" (for development) modes by choosing its correct labelled entry in GRUB.