Persistent read-only link?

jossking · July 18, 2025, 12:06pm

Ubuntu Version:
24.04 LTS

Problem Description:
I’m trying to create a large photo album on a website. Each theme is assigned a directory. In each directory are all the thumbnails for the theme. I also want to create a directory that links to another directory where the full-size photos are stored. For my own peace of mind, I want this to be a read only link.

I have tried creating a symbolic directory link. It works but I cannot make it read only.

I have tried a mount --bind using the following:

mount --bind /path/to/target /path/to/link
mount -o remount,ro,bind /path/to/link

Again, this works, it is read only but it doesn’t persist through a reboot.

I know I can add the details to /etc/fstab but that is going to be very tedious (and probably open to many errors).

There must be an easier way.

halogen2 · July 19, 2025, 12:48am

Don’t know any easier way, but here’s an idea for a different way where errors might be less problematic: Can you use systemd mount units?

Since you seem to be indicating that you’ll need a lot of these read-only bind mounts, here is some bash code that might help you create a shell script based on the idea of implementing these read-only bind mounts with systemd mount units:

src='/path/to/target'
dest='/path/to/link'
mount_unit="$(systemd-escape --path --suffix='mount' "$dest")"

echo "[Mount]
What=${src}
Where=${dest}
Options=bind,ro

[Install]
WantedBy=multi-user.target" | sudo tee "/etc/systemd/system/$mount_unit"

sudo systemctl enable --now "$mount_unit"

Of course replacing /path/to/target with the actual path to the “real” storage directory and /path/to/link with the actual path at which you want the read-only bind mount.

For more info about what this code snippet is doing, refer to the following man pages:

man systemd.mount
man systemd.unit
man systemd-escape

Does this help?

vanadium · July 19, 2025, 4:40pm

What do you exactly mean? You are creating these directories and links on a webserver?

jossking · July 22, 2025, 3:55pm

Yes, vanadium, I mean on a webserver.

Thanks, halogen2, for going to all that effort. The problem is clearly surmountable but I think I’ll pursue a PHP route instead.

It seems that Unix was never designed with read-only links in mind so I’ll need to properly embrace file permissions instead.

aljames · July 22, 2025, 5:12pm

Have you looked into Nextcloud or Owncloud which can be set up on Ubuntu server and may have features already developed that accomplish what you want. Lots of security and network considerations to get in order if looking to put a server on the internet.

Actionparsnip · July 23, 2025, 7:22am

https://serverfault.com/questions/613179/how-do-i-do-mount-bind-in-etc-fstab

Add it to fstab. Run:
mount -a

When you have added it, to test. Ensure the mount point exists too

vanadium · July 23, 2025, 2:12pm

Can you not play with the permissions? Make sure the web server software can only read, then give user needing to manage the pictures read/write access?

Your ultimate goal is not clear to me. You are concerned about the webserver software possibly modifying the pictures?

system · August 27, 2025, 1:10am

This topic was automatically closed after 39 days. New replies are no longer allowed.