overlay filesystem

Question

I am trying to install a overlay filesystem, in order to make the sd-card read-only. I've used this script:

https://github.com/janztec/empc-arpi-linux-readonly

It ran without errors, and it has added "overlay=yes" to my /boot/cmdline.txt:

overlay=yes dwc_otg.lpm_enable=0 console=serial0,115200 console=tty4 root=PARTUUID=fa504fc4-02 rootfstype=ext4 elevator=deadline fsck.repair=yes rootwait dtoverlay=pi3-disable-wifi pi3-disable-bt  consoleblank=0 logo.nologo  logo.nologo quiet splash plymouth.ignore-serial-consoles  vt.global_cursor_default=0

but after a reboot, anything written to the fs still seems permanent. Here's the output of df:

Filesystem     1K-blocks    Used Available Use% Mounted on
/dev/root       15011056 1251204  13117476   9% /
devtmpfs          470180       0    470180   0% /dev
tmpfs             474788       0    474788   0% /dev/shm
tmpfs             474788   12224    462564   3% /run
tmpfs               5120       4      5116   1% /run/lock
tmpfs             474788       0    474788   0% /sys/fs/cgroup
/dev/mmcblk0p1     41853   21328     20525  51% /boot
tmpfs              94956       0     94956   0% /run/user/1000

It does seem to have made some tmpfs's, but I must have missed an important step somewhere..

Update: after adding "noswap fastboot ro" to /boot/cmdline.txt and editing /etc/fstab, the root and /boot fs now indeed are mounted readonly.

The remaining problem now is the programs I want to run, are to write to the readonly fs. for instance: xauth: error in locking authority file /home/pi/.Xauthority Should I somehow change the homerdir? and what about /tmp and /var ?

The author is really the first person to ask. What do they suggest? — joan, Jul 09 '18 at 09:16

Ingo · Answer 1 · 2018-07-10T16:28:58.290

I had a quick look at the script you have linked to. It says "WARNING!! EXPERIMENTAL SETTINGS" and something like "install it and believe it", not very helpful. To understand what may going wrong I have to dive into the scripts and analyze them what could going wrong. Instead of doing this I would suggest to use a tested and stable script that is more transparent what it does. I use one that answers How do I make the OS reset itself every time it boots up?.

score 1 · Answer 2 · answered Nov 14 '18 at 18:55

I've had more success with this alternative script in a initramfs that overlays the read-only SD card with a tempfs if you are still having difficulties, but YMMV.

https://gist.github.com/kidapu/a03dd5bb8f4ac6a4c7e69c28bacde1d3

Briefly...

Disable and remove the swapfile etc.etc. (as described in the original article)
Copy the script to /etc/initramfs-tools/scripts/init-bottom/root-ro and make it executable (chmod 0755 ...).
Add overlay to /etc/initramfs-tools/modules
Build the initramfs: mkinitramfs -o /boot/initrd
Adjust /boot/cmdline.txt and /boot/config.txt to use the new initramfs and overlay
Reboot.

Was working on my B+ with a fresh Raspbian/PIXEL install.

overlay filesystem

2 Answers2