Mounting a Pi with Wheezy read-only

April 6, 2016

A while back, I had a need to make a Raspberry Pi have a read-only filesystem. I used the instructions at: to do so.

Just in case that goes away or changes, here’s what I did:

dphys-swapfile swapoff
dphys-swapfile uninstall
update-rc.d dphys-swapfile disable
aptitude install unionfs-fuse

Then create an executable script as follows in /usr/local/bin/mount_unionfs:

ROOT_MOUNT=$(awk '$2=="/" {print substr($4,1,2)}' < /etc/fstab)
if [ $ROOT_MOUNT = "rw" ]
  /bin/mount --bind ${DIR}_org ${DIR}
  /bin/mount -t tmpfs ramdisk ${DIR}_rw
  /usr/bin/unionfs-fuse -o cow,allow_other,suid,dev,nonempty ${DIR}_rw=RW:${DIR}_org=RO ${DIR}

Next, make / read-only and mount /etc and /var as ramdisk in /etc/fstab:

/dev/mmcblk0p1  /boot           vfat    ro                0       2
/dev/mmcblk0p2  /               ext4    ro,noatime        0       1
mount_unionfs   /etc            fuse    defaults          0       0
mount_unionfs   /var            fuse    defaults          0       0

Finally, make the magic directories:

cp -al /etc /etc_org
mv /var /var_org
mkdir /etc_rw
mkdir /var /var_rw

Recently, I had to add a user to a group. To do that, I used:

umount /etc
mount -o remount,rw /

to make /etc/ writable again.