I want to minimize writes to the boot/root filesystem for a bunch of bullshit reasons:

  • It's a flash drive, so repeated writing will eventually wear it out,
  • "security",
  • keeping myself honest from a reproducibility perspective, in terms of modifying the in-place system vs. the virtual machine image.

Some idealized version of the system would employ a really-read-only boot drive with some sort of overlay/union filesystem to capture changes to reasonable non-volatile storage (such as the RAID array).

In any case, the following has been useful to log writes, in order to determine what needs to be moved to spinning rust:

$# inotifywait --daemon -e modify,attrib,move,create,delete -r / --exclude='^/(dev|run|proc|sys|data|tmp|home)' --outfile=/data/system/var/log/file-modifications

Since the recursive watch (-r) registers a separate inotify watch on the inode of every directory under /, you will probably need to raise the per-user watch limit first, with something like this:

$# echo $(( 8 * (2 ** 20) )) > /proc/sys/fs/inotify/max_user_watches
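To turn the resulting log into a ranked list of locations worth moving, the events can be counted per directory prefix. This is an added example, not part of the original post; it assumes inotifywait's default output format (watched directory, event names, file name) and paths without spaces, and the function names and sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: rank write-heavy locations from an inotifywait log.
# Assumes the default output format "<watched dir>/ <EVENTS> <filename>"
# and paths that contain no spaces.

# summarize_writes [DEPTH] < logfile
# Prints "<event count> <path>" lines, busiest first, with each path
# truncated to DEPTH components (default 3, e.g. /var/cache/man).
summarize_writes() {
    awk -v depth="${1:-3}" '
        NF >= 2 && $2 ~ /^[A-Z_,]+$/ {
            path = $1 $3                  # $3 is empty for events on the directory itself
            n = split(path, part, "/")    # part[1] is "" because paths start with "/"
            key = ""
            for (i = 2; i <= n && i <= depth + 1; i++)
                if (part[i] != "") key = key "/" part[i]
            if (key == "") key = "/"      # event on the root directory
            count[key]++
        }
        END { for (k in count) printf "%d %s\n", count[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2,2
}

# Constructed sample log lines (not captured from a real system).
sample_log() {
    cat <<'EOF'
/var/cache/man/ MODIFY index.db
/var/cache/man/ MODIFY index.db
/var/cache/man/ ATTRIB index.db
/var/lib/mlocate/ CREATE mlocate.db.tmp
/var/lib/mlocate/ MOVED_TO mlocate.db
/var/log/ MODIFY wtmp
/root/ MODIFY .bash_history
EOF
}

sample_log | summarize_writes 3
```

Against the real log this would be run as summarize_writes 3 < /data/system/var/log/file-modifications; a smaller depth groups events into broader subtrees.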

While I'd already proactively moved /var/log/ and /var/lib subdirectories for most services, the following were missed as being very write-heavy:

/var/lib/samba/private/msg.sock
/var/cache/samba
/var/cache/man
/var/lib/mlocate

After moving/symlinking these to /data/system/ on the RAID, there's just a handful of regular writes that I will need to investigate further to understand how to mitigate appropriately:

/var/lib/private/systemd/timesync/clock
/var/lib/systemd/timers/stamp-cron-hourly.timer
/var/log/{lastlog,wtmp}
/root/.bash_history
