You are not logged in.

#1 2019-08-05 07:53:01

Colonel Panic
Member
Registered: 2018-11-13
Posts: 128

Is a read-only partition for operating system files a good idea?

I've just seen this distro mentioned on Distrowatch, and it caught my interest;

* * * * *
"Resilient Linux 1.0

The first project on my experimental list is Resilient Linux. Resilient is based on Debian 9 "Stretch" and is designed to run with the operating system on a read-only partition. A second partition, referred to as the persistence partition, includes system updates and user data. This arrangement offers a few benefits. One is that we can backup the entire system by taking a snapshot or archive of the persistence partition. Another is that attackers cannot directly corrupt or compromise the main operating system partition since they cannot write to it. Finally, it should be very easy to restore or transfer an existing system by installing Resilient and then copying the persistence partition to the new operating system.

The Resilient website reports that the persistence partition can be encrypted for additional security and the distribution is available in Desktop and Server editions. At the moment, Resilient is available for 64-bit computers (x86_64) only. The distribution's Desktop edition is available as a 3.2GB Zip file, which unpacks to a 4.3GB image file.

I tried booting off the image file and, each time, the system began to boot and then dropped me to an initramfs prompt. After trying a few different boot options, I had to admit defeat. While Resilient is not working for me yet, I think the idea of a read-only operating system partition makes sense. It sounds similar to openSUSE's Transactional Server or Fedora's Silverblue operating system, but with a Debian base. I am hoping the next release runs for me so I can give this concept a try."

It looks to me like a good idea although it's clearly got problems in its current implementation. What do other people think?

Offline

#2 2019-08-05 11:19:21

clusterF
Member
Registered: 2019-05-07
Posts: 314

Re: Is a read-only partition for operating system files a good idea?

Debian has an article in regards to read only root. Probably only a good idea if one knows what they are doing, as Jessie Smith said he couldn't get Resilient Linux to work "yet".

https://wiki.debian.org/ReadonlyRoot

Might have to download this Resilient linux, looks interesting.

Last edited by clusterF (2019-08-05 11:22:55)


"Common sense is like deodorant, those who need it the most never use it."

git: clusterF

Online

#3 2019-08-05 12:38:31

ohnonot
...again
Registered: 2015-09-29
Posts: 4,165
Website

Re: Is a read-only partition for operating system files a good idea?

Their website does not seem very "resilient" to me:
http://dt.iki.fi/stuff/forums/resilient-linux.png
https://dt.iki.fi/stuff/forums/resilient-linux.png

Also, only 2 contributors and 36 commits after less than a year of development:
https://github.com/marco-buratto/resili … ntributors
- "version 1.0" seems not only unjustified here but outright misleading.

My preliminary opinion:
just another vanity project that hops onto the current hype.
Let's see after a year or so. It's not like there wasn't enough choice already in this category.

Offline

#4 2019-08-05 12:57:33

glittersloth
...always giving it to you straight
Registered: 2015-09-30
Posts: 901

Re: Is a read-only partition for operating system files a good idea?

They're not alone though. If you offered to give me a buck for every supposed security/privacy related site I visited that couldn't even get past the HTTPS Everywhere hurdle this past week, you'd probably be $50 poorer today. lol

Offline

#5 2019-08-05 14:40:28

clusterF
Member
Registered: 2019-05-07
Posts: 314

Re: Is a read-only partition for operating system files a good idea?

ohnonot wrote:

Their website does not seem very "resilient" to me:
http://dt.iki.fi/stuff/forums/resilient-linux.png
https://dt.iki.fi/stuff/forums/resilient-linux.png

Also, only 2 contributors and 36 commits after less than a year of development:
https://github.com/marco-buratto/resili … ntributors
- "version 1.0" seems not only unjustified here but outright misleading.

My preliminary opinion:
just another vanity project that hops onto the current hype.
Let's see after a year or so. It's not like there wasn't enough choice already in this category.

If you dig a little deeper they (the second contributor) seem to be connected to secure k os.

https://github.com/lumitlabs

https://distrowatch.com/table.php?distribution=securek

Last edited by clusterF (2019-08-05 14:46:17)


"Common sense is like deodorant, those who need it the most never use it."

git: clusterF

Online

#6 2019-08-05 16:48:27

ratcheer
Member
From: USA
Registered: 2015-10-05
Posts: 233

Re: Is a read-only partition for operating system files a good idea?

The whole idea sounds like Fedora Silverblue, to me.

Offline

#7 2019-08-09 20:55:27

Colonel Panic
Member
Registered: 2018-11-13
Posts: 128

Re: Is a read-only partition for operating system files a good idea?

Thanks to everyone who's replied. I've not tried this distro myself and don't really consider myself competent to comment on what it's trying to do, but I will say that if providing a snapshot of a partition is a goal (for backup purposes etc.), I think the best way of doing it is to use a program like Clonezilla.

Last edited by Colonel Panic (2019-08-09 20:58:15)

Offline

Board footer

Powered by FluxBB