From aab37752340b1cc8f271a08c3a5d9127d4161580 Mon Sep 17 00:00:00 2001
From: "Dustin C. Hatch" <admiralnemo@gmail.com>
Date: Mon, 14 Oct 2013 21:08:22 -0500
Subject: [PATCH] create-vmachine: Make / and /usr read-only

---
 create-vmachine.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/create-vmachine.sh b/create-vmachine.sh
index be1c915..487591f 100755
--- a/create-vmachine.sh
+++ b/create-vmachine.sh
@@ -113,8 +113,8 @@ ln -s /etc/init.d/sshd "${MOUNTPOINT}"/etc/runlevels/default/
 
 echo "Configuring fstab..."
 cat << EOF > "${MOUNTPOINT}"/etc/fstab
-LABEL=root		/		xfs		noatime		0 1
-LABEL=usr		/usr		xfs		noatime		0 2
+LABEL=root		/		xfs		ro,noatime	0 1
+LABEL=usr		/usr		xfs		ro,noatime	0 2
 LABEL=var		/var		xfs		noatime		0 2
 LABEL=home		/home		xfs		noatime		0 2
 tmpfs			/tmp		tmpfs		defaults	0 0