You need to make your target device able to survive unexpected events including file corruption, and still be able to boot and achieve at least a minimum level of function. Making the root filesystem read-only is a key part of achieving this ambition because it eliminates accidental over-writes. Making it read-only is easy: replace rw with ro on the kernel command line or use an inherently read-only filesystem such as squashfs. However, you will find that there are a few files and directories that are traditionally writable:
/etc/resolv.conf: This file is written by network configuration scripts to record the addresses of DNS name servers. The information is volatile, so you simply have to make it a symlink to a temporary directory, for example, /etc/resolv.conf -> /var/run/resolv.conf./etc/passwd: This file, along with /etc/group, /etc/shadow, and /etc/gshadow, stores user and group names and passwords. They need to be symbolically linked to an area of persistent storage in the same way as resolv.conf./var/lib: Many applications expect to be able to write to this directory and to keep permanent data here as well. One solution is to copy a base set of files to a tmpfs filesystem at boot time and then bind mount /var/lib to the new location by putting a sequence of commands such as these into one of the boot scripts:mkdir -p /var/volatile/lib cp -a /var/lib/* /var/volatile/lib mount --bind /var/volatile/lib /var/lib
/var/log: This is the place where syslog and other daemons keep their logs. Generally, logging to flash memory is not desirable because of the many small write cycles it generates. A simple solution is to mount /var/log using tmpfs, making all log messages volatile. In the case of syslogd, BusyBox has a version that can log to a circular ring buffer.If you are using the Yocto Project, you can create a read-only root filesystem by adding IMAGE_FEATURES = "read-only-rootfs" to conf/local.conf or to your image recipe.