projects / grml-udev-config.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Release new version 0.3.2
[grml-udev-config.git] / scripts / forensic-mark-readonly
diff --git a/scripts/forensic-mark-readonly b/scripts/forensic-mark-readonly
index 299c661..cd7afc8 100755 (executable)
--- a/scripts/forensic-mark-readonly
+++ b/scripts/forensic-mark-readonly
@@ -1,25 +1,61 @@
 #!/bin/sh
 # Filename:      forensic-mark-readonly
-# Purpose:       force device to readonly mode when booting with bootoption forensic/readonly
+# Purpose:       force block devices to read-only mode when booting with boot option read-only
 # Authors:       grml-team (grml.org), (c) Michael Prokop <mika@grml.org>
 # Bug-Reports:   see http://grml.org/bugs/
 # License:       This file is licensed under the GPL v2 or any later version.
 ################################################################################
 
-# check for forensic/readonly bootoption
-if grep -qe forensic -qe readonly /proc/cmdline ; then
+get_blockdev_dir() {
+    for dir in /sys/subsystem/block/ /sys/class/block/ /sys/block/ ; do
+        [ -d "$dir" ] && echo "$dir" && return
+    done
+}
+
+base() {
+    echo ${1##*/}
+}
+
+dir() {
+    echo ${1%/*}
+}
+
+is_ro() {
+    [ "$(blockdev --getro $1)" = "1" ] && return 0 || return 1
+}
+
+# check for read-only bootoption
+if grep -q read-only /proc/cmdline ; then
  # we get $DEVNAME via udev's environment
  if [ -n "$DEVNAME" ] ; then
-   if [ "$(blockdev --getro $DEVNAME)" = "1" ] ; then
-     logger "forensic mode: device $DEVNAME already set to readonly mode, nothing to do"
+    NAME=$(base $DEVNAME)
+    SYS_DIR=$(get_blockdev_dir)
+
+    if [ -n "$SYS_DIR" ] && [ -n "$NAME" ] ; then
+        DEVICE=$SYS_DIR/*/$NAME
+        if [ -d $DEVICE ] ; then
+            PARENT=$(dir $DEVICE)
+            PARENT=$(base $PARENT)
+            PARENT="/dev/$PARENT"
+        fi
+    fi
+
+   if is_ro "$DEVNAME" ; then
+     logger "forensic mode: device $DEVNAME already set to read-only mode, nothing to do"
+   elif [ -n "$PARENT" ] && ! is_ro "$PARENT" ; then
+     logger "forensic mode: parent device $PARENT is set read-write, not modifying"
+     logger "forensic mode: use blockdev --setro $DEVNAME to set it manually"
    else
-     logger "forensic mode: setting $DEVNAME [$ID_SERIAL] to readonly"
+     logger "forensic mode: setting $DEVNAME [$ID_SERIAL] to read-only"
+
      if blockdev --setro "$DEVNAME" ; then
        logger "|-> done; execute 'blockdev --setrw $DEVNAME' to unlock"
      else
        logger "|-> error while executing blockdev: $(blockdev --setro $DEVNAME 2>&1)"
      fi
+
    fi
+
  fi
 fi
 
custom udev configurations for Grml live system