Make a drive read only

hey
i have many flash storage pendrives and i want to make them read-only so no one no system can write on it how can i do it.
this is important in certain use case. i want to make my drives only read the data from but no one can actually write anything.

The manual pages contain such information: man mount | grep read-only

The answer is the mount option -r: e.g., if you do not need any other option, it would be sudo mount -r /dev/sdd1 mountfolder

Extract from the mount manual:

   -r, --read-only
       Mount the filesystem read-only. A synonym is -o ro.

       Note that, depending on the filesystem type, state and kernel behavior, the system may still write to the device. For example, ext3 and ext4 will replay the journal if the
       filesystem is dirty. To prevent this kind of write access, you may want to mount an ext3 or ext4 filesystem with the ro,noload mount options or set the block device itself to
       read-only mode, see the blockdev(8) command.

As far as I remember, you use GNOME. Unfortunately, I do not know if there is a GUI method in GNOME to mount read-only. In either case, if you want to ensure that there is really no write possible, you should ensure that read-only is applied on the mount level

You may want to consider buying write-once drives. Other than that, I am not sure how you could make a drive read-only unless the hardware itself supported it. Anything you could do via software, someone else could undo.

It might help to understand the specific use-case.

I am not sure how I understand how that would help the problem? That would just mount the device as read-only. As soon as you removed it and handed it to someone else they could mount it as read-write.

2 Likes

This is the way I understood the question: no one / nothing can write on the pendrive once it is mounted on a system, but it shall remain readable. However, now that you say it, the question can be also interpreted the other way.

@frankjunior do you want to achieve read-only when mounted on a system (so, read-only to everything and everyone on the system: users, daemons, tools, …), or generally that once you have written something to the drive, it can no longer be written anything more to it?

1 Like

One way to do this is to open a terminal in the top directory of the drive and run this command:

sudo chatter -R +i *

This will set the immutable bit on every file and directory on the drive, making it impossible for anybody, even root, to modify or delete anything on the drive.

Actually i was looking for some way if i could set my drive in such a way that what ever i have written no one can edit or copy other files into the drive and i only have access or just a quick format will make it again read and writeable so somehow if it can be done and i think i need to be stick with fat exfat or ntfs as i need to hand it to may have windows systems.

I have seen older SD cards with a manual switch to make it read only. Have never seen such a thing with USB flash drives, and don’t know of any way to make a usb drive with FAT or NTFS file system as read only.

On second thought, a failing device automatically goes read only, but that is not what you are asking for.