4.2 Request - readonly ROOT filesystem

Dan Ts'o dan at rna.UUCP
Mon Apr 1 14:12:48 AEST 1985


Hi,
	Your suggestion to mount the ROOT filesystem at UNIX initialization
time *should* work. But besides calling mountfs() in main() with 1 to flag
a readonly rootdev, there may be other problems to deal with (some difficult
to predict without trying).
	You mentioned wanting to put /dev/kmem on this readonly rootdev. I
assume you wanted this as extra protection so you couldn't write on /dev/kmem
even if the write permissions were on. (This doesn't make much sense to me...)
In any case, if you look in access() in 4.2BSD, it checks if the inode being
opened is a char or block dev and *allows* write access *even* if the inode
is on a readonly filesystem. (Some older UNIX systems do not check this case.)
Even if you commented out this check, a bad side effect would be that nobody
could open /dev/tty* for writing.
	Since pipes in 4.2BSD are not inodes but sockets, you're okay here.
Older UNIX's would have to make sure (I think) that pipedev was not readonly.
Swapdev in 4.2BSD is almost never the root filesystem partition and would never
be a part of the root filesystem itself.
	There are a few files which UNIX likes to write on in the root
filesystem. These would have to be moved, either by changing programs and
utilities to use different path names which reside on writeable filesystems,
mounting a writeable filesystem on the relevant directory, or using symbolic
links to point to a file in a writeable filesystem. One such file that comes
to mind is /etc/utmp. There may be others. 
	I believe that what you want is quite do-able, but it might take a
little experimentation. Certainly UNIX in general is amenable to the idea.
Something similar and (probably) far more work was done in the HP Integral.

					Cheers,
					Dan Ts'o
					Dept. Neurobiology
					Rockefeller Univ.
					1230 York Ave.
					NY, NY 10021
					212-570-7671
					...cmcl2!rna!dan
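
The access() behaviour described in the message above, as an added example that is not part of the original post and is not 4.2BSD source: a simplified C model of the read-only-filesystem check only (permission bits are left out), showing why a readonly rootdev does not protect /dev/kmem and what removing the device exemption does to /dev/tty*. The function names, the `exempt_devices` switch and the sample modes are hypothetical; `path_refused_by_ro_mount` applies the same rule to a real path using POSIX stat() and statvfs().

```c
#define _XOPEN_SOURCE 700
#include <stdio.h>
#include <sys/stat.h>
#include <sys/statvfs.h>

/*
 * Simplified model (not 4.2BSD source) of the rule the post describes:
 * a write to an inode on a read-only filesystem is refused unless the
 * inode is a character or block device.  exempt_devices = 0 models
 * "commenting out this check".  Returns 1 if the write is refused.
 */
int rofs_refuses_write(mode_t mode, int fs_readonly, int exempt_devices)
{
    if (!fs_readonly)
        return 0;                       /* writable mount: no EROFS */
    if (exempt_devices && (S_ISCHR(mode) || S_ISBLK(mode)))
        return 0;                       /* device node: mount flag ignored */
    return 1;                           /* regular file, directory, ... */
}

/* Apply the rule to a real path: 1 refused, 0 not refused, -1 on error. */
int path_refused_by_ro_mount(const char *path)
{
    struct stat st;
    struct statvfs vfs;

    if (stat(path, &st) != 0 || statvfs(path, &vfs) != 0)
        return -1;
    return rofs_refuses_write(st.st_mode, (vfs.f_flag & ST_RDONLY) != 0, 1);
}

int main(int argc, char **argv)
{
    /* Constructed sample inodes standing in for the files in the post. */
    mode_t kmem = S_IFCHR | 0640, tty = S_IFCHR | 0620, utmp = S_IFREG | 0644;

    printf("/dev/kmem  check kept: refused=%d\n", rofs_refuses_write(kmem, 1, 1));
    printf("/dev/tty*  check removed: refused=%d\n", rofs_refuses_write(tty, 1, 0));
    printf("/etc/utmp  check kept: refused=%d\n", rofs_refuses_write(utmp, 1, 1));
    for (int i = 1; i < argc; i++)
        printf("%s: refused=%d\n", argv[i], path_refused_by_ro_mount(argv[i]));
    return 0;
}
```

Paths given on the command line are checked against the mount they actually live on, so the program can be pointed at device nodes and at files such as /etc/utmp on a test system.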



More information about the Comp.unix.wizards mailing list