aboutsummaryrefslogtreecommitdiff
path: root/doc/guix.texi
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2015-04-20 22:21:51 +0200
committerLudovic Courtès <ludo@gnu.org>2015-04-20 22:21:51 +0200
commit3392ce5d606be84c07624e0626b99e410449639f (patch)
tree7e7d739c3019463a479e4c85e5ebc99fc9b3b204 /doc/guix.texi
parentb86fee7848f964da4d5e695dc8027d95d40a1c77 (diff)
downloadpatches-3392ce5d606be84c07624e0626b99e410449639f.tar
patches-3392ce5d606be84c07624e0626b99e410449639f.tar.gz
system: Make /gnu/store a read-only bind mount by default.
* gnu/system/file-systems.scm (%immutable-store): New variable. (%base-file-systems): Add it. * doc/guix.texi (File Systems): Document it.
Diffstat (limited to 'doc/guix.texi')
-rw-r--r--doc/guix.texi15
1 files changed, 13 insertions, 2 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index 09dcff59f4..4269d4fa5f 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -4221,8 +4221,9 @@ variables.
@defvr {Scheme Variable} %base-file-systems
These are essential file systems that are required on normal systems,
-such as @var{%devtmpfs-file-system} (see below.) Operating system
-declarations should always contain at least these.
+such as @var{%devtmpfs-file-system} and @var{%immutable-store} (see
+below.) Operating system declarations should always contain at least
+these.
@end defvr
@defvr {Scheme Variable} %devtmpfs-file-system
@@ -4244,6 +4245,16 @@ memory sharing across processes (@pxref{Memory-mapped I/O,
@code{shm_open},, libc, The GNU C Library Reference Manual}).
@end defvr
+@defvr {Scheme Variable} %immutable-store
+This file system performs a read-only ``bind mount'' of
+@file{/gnu/store}, making it read-only for all the users including
+@code{root}. This prevents against accidental modification by software
+running as @code{root} or by system administrators.
+
+The daemon itself is still able to write to the store: it remounts it
+read-write in its own ``name space.''
+@end defvr
+
@defvr {Scheme Variable} %binary-format-file-system
The @code{binfmt_misc} file system, which allows handling of arbitrary
executable file types to be delegated to user space. This requires the