A while back, I had a need to make a Raspberry Pi have a read-only filesystem. I used the instructions at: github.com/tvdzwan/hyperion/wiki/Make-Raspbian-Read-Only to do so.
Just in case that goes away or changes, hereβs what I did:
dphys-swapfile swapoff
dphys-swapfile uninstall
update-rc.d dphys-swapfile disable
aptitude install unionfs-fuse
Then create an executable script as follows in /usr/local/bin/mount_unionfs:
#!/bin/sh
DIR=$1
ROOT_MOUNT=$(awk '$2=="/" {print substr($4,1,2)}' < /etc/fstab)
if [ $ROOT_MOUNT = "rw" ]
then
/bin/mount --bind ${DIR}_org ${DIR}
else
/bin/mount -t tmpfs ramdisk ${DIR}_rw
/usr/bin/unionfs-fuse -o cow,allow_other,suid,dev,nonempty ${DIR}_rw=RW:${DIR}_org=RO ${DIR}
fi
Next, make / read-only and mount /etc and /var as ramdisk in /etc/fstab:
/dev/mmcblk0p1 /boot vfat ro 0 2
/dev/mmcblk0p2 / ext4 ro,noatime 0 1
mount_unionfs /etc fuse defaults 0 0
mount_unionfs /var fuse defaults 0 0
Finally, make the magic directories:
cp -al /etc /etc_org
mv /var /var_org
mkdir /etc_rw
mkdir /var /var_rw
reboot
Recently, I had to add a user to a group. To do that, I used:
umount /etc
mount -o remount,rw /
to make /etc/ writable again.