Read only mounts?

[ghost]

Is there a way to have bind option make read-only mounts?

[vincenthage]

Hi there,
The read-only feature isn't natively included in PRoot,
though there are solutions that might approach what you want:

• Creating the read-only symlink beforehand, that will act as a read-only filter, and then bind it with PRoot. Though this might require special rights / advanced version of the kernel to do so.
• You could try @alejandroliu PR that does copy-on-write, but it applies to all files, not only some selected mounts.
• Way more hard work: add an extension to PRoot, that will create a bind, but also translate each lstat and prevent any file opening on write mode.

[ghost]

Thanks for answering.
What do you mean by "read-only symlink"? A read-only mount/bind?

[vincenthage]

Yep, so with something like this:

sudo mount --bind -r src/ readonly_src/

which links src and readonly_src but only allows read-only operations, from what I've seen.
And then you can create a Proot binding from readonly_src:

proot -r /home/user -b readonly_src/:guest_src/

and guest_src should be a read-only binding.

The issue is that it requires sudo. I don't know if there are user-space solutions for this.

[jopasserat]

A bit convoluted but you might be able to achieve something similar in user land via fuse?

Using something like bindfs for instance

[ghost]

I guess bindfs is an option. I just have to get comfortable with this thought first, because proot made the user-space bind so easy... :)

[oxr463]

• Example using bindfs with PRoot for read-only mounts.

[terefang]

hello, i am new to proot and before i have been creating readonly bind mounts with

mount --bind -o ro ....

is this a way that can be explored?