A few years ago at my middle school, they gave each student a laptop loaded with Windows XP and locked it up with Deep Freeze by Faronics, a program that prevented permanent file changes and re-set the filesystem to it’s previous state upon a reboot. It does this, I believe, by saving all file changes to RAM or something similar using a tmpfs-like mechanism. Well, after I graduated from the school, I offered to provide voluntary computer service once each week. I showed them the awesomeness of open source software and they actually started using GNU/Linux distributions, OpenOffice.org, Clonezilla and the like in their computer systems which I taught them how to use. I noticed, however, that there was a rather large hurdle to cross for them to switch to Free Software on the workstations and laptops at the school, and this was the lack of a Deep Freeze-like program to prevent permanent file changes, so I took on that challenge with LinFreeze.
I noticed a couple flaws with the Deep Freeze model that I actually tried to improve on with LinFreeze, however. For example, Deep Freeze only “froze” the entire system, not specific folders or user directories, thereby requiring a reboot into “un-frozen mode” to install software or make changes. I changed how that worked for LinFreeze by only allowing individual folders to be “frozen” in time, including user home directories. That way administrators can install software without needing to reboot, and all that would be needed to secure that would be to restrict installing software to administration accounts (or the root user), a relatively simple thing to do.
When I first wrote LinFreeze it was very basic and simple, but late last year I decided to work on the project again and put it up for public testing and contribution. So far it hasn’t exactly gotten the audience it deserves, so I decided to write this article about it. LinFreeze is written entirely in Bash and modifies the /etc/fstab file to work, so it’s inherently a very risky program to use, though I believe I’ve ironed out many of the potential bugs over the past six months.
You can download it at its GitHub page and read the README file for information on how to install and use the program. After installing, you can read it’s man page by typing “man linfreeze”. Enjoy, and any contributions (especially translations) would be greatly appreciated!