You should really add some commentary about the tmpfs lines in /etc/fstab before the code listing. When I got to that step, I read that we were ready to set the volume to read-only, and thought, "I know how to do that," and stopped reading at that point, resulting in an unbootable system. I'd imagine many other folks with sysadmin experience will do the same. Actually, you should probably add the tmpfs lines first before you start making changes that depend on them, then make the changes, then change fstab a second time to make it read-only. Also, for Jessie, the systemd changes are unnecessary, because /run is already a tmpfs volume. And it might be worth redirecting things from /var/run to /run just for simplicity (on Jessie).
Posts made by dgatwood
RE: Protect your Raspberry PI SD card, use Read-Only filesystem