Booting and mounting all filesystems read-only removes the need to fsck(8) if your system crashes or to allow use in an embedded environment where systems are powered down without shutdown(8).
The following changes were made to boot FreeBSD 4.5-RELEASE read-only but the general principles apply to any version. You want to disable any programs that have to write to the filesystem and provide a memory-backed filesystem for the one area that does need to be written (/var/run). You could also make all of /var an md(4) filesystem but this is not necessary unless you want to run syslogd(8), sendmail(8), etc.
# Disable various services that try to write to the filesystem sendmail_enable="NONE" update_motd="NO" root_rw_mount="NO" clear_tmp_enable="NO" syslogd_enable="NO" cron_enable="NO"
# Device Mountpoint FStype Options Dump Pass# /dev/ad0s4a / ufs ro 1 1 /dev/ad0s4e /usr ufs ro 2 2
Add this patch to your /etc/rc:
--- rc.orig Fri Mar 14 11:46:12 2003
+++ rc Fri Mar 14 11:47:46 2003
@@ -225,6 +225,12 @@
;;
esac
+echo 'Building /var/run memory filesystem'
+disklabel -r -w md0 auto && \
+ newfs /dev/md0c > /dev/null && \
+ mount /dev/md0c /var/run && \
+ chmod 755 /var/run
+
adjkerntz -i
purgedir() {
@@ -337,11 +343,11 @@
# Whack the pty perms back into shape.
#
-if ls /dev/tty[pqrsPQRS]* > /dev/null 2>&1; then
- chflags 0 /dev/tty[pqrsPQRS]*
- chmod 666 /dev/tty[pqrsPQRS]*
- chown root:wheel /dev/tty[pqrsPQRS]*
-fi
+#if ls /dev/tty[pqrsPQRS]* > /dev/null 2>&1; then
+# chflags 0 /dev/tty[pqrsPQRS]*
+# chmod 666 /dev/tty[pqrsPQRS]*
+# chown root:wheel /dev/tty[pqrsPQRS]*
+#fi
# Clean up left-over files
#