X-Git-Url: http://git.grml.org/?a=blobdiff_plain;f=scripts%2Fforensic-mark-readonly;h=f277df5127428fea6d08a2774517fd4fa03cd861;hb=f6197c0734dfca60a9e690e3f2a027580f67c57f;hp=299c6611809f82178a1e115283040e9cd34baa6e;hpb=cccdf8cb13ebfb453a713164f4c58a9b0e2f9e9b;p=grml-udev-config.git

diff --git a/scripts/forensic-mark-readonly b/scripts/forensic-mark-readonly
index 299c661..f277df5 100755
--- a/scripts/forensic-mark-readonly
+++ b/scripts/forensic-mark-readonly
@@ -6,20 +6,56 @@
 # License:       This file is licensed under the GPL v2 or any later version.
 ################################################################################
 
+get_blockdev_dir() {
+    for dir in /sys/subsystem/block/ /sys/class/block/ /sys/block/ ; do
+        [ -d "$dir" ] && echo "$dir" && return
+    done
+}
+
+base() {
+    echo ${1##*/}
+}
+
+dir() {
+    echo ${1%/*}
+}
+
+is_ro() {
+    [ "$(blockdev --getro $1)" = "1" ] && return 0 || return 1
+}
+
 # check for forensic/readonly bootoption
 if grep -qe forensic -qe readonly /proc/cmdline ; then
  # we get $DEVNAME via udev's environment
  if [ -n "$DEVNAME" ] ; then
-   if [ "$(blockdev --getro $DEVNAME)" = "1" ] ; then
-     logger "forensic mode: device $DEVNAME already set to readonly mode, nothing to do"
+    NAME=$(base $DEVNAME)
+    SYS_DIR=$(get_blockdev_dir)
+
+    if [ -n "$SYS_DIR" ] && [ -n "$NAME" ] ; then
+        DEVICE=$SYS_DIR/*/$NAME
+        if [ -d $DEVICE ] ; then
+            PARENT=$(dir $DEVICE)
+            PARENT=$(base $PARENT)
+            PARENT="/dev/$PARENT"
+        fi
+    fi
+
+   if is_ro "$DEVNAME" ; then
+     logger "forensic mode: device $DEVNAME already set to read-only mode, nothing to do"
+   elif [ -n "$PARENT" ] && ! is_ro "$PARENT" ; then
+     logger "forensic mode: parent device $PARENT is set read-write, not modifying"
+     logger "forensic mode: use blockdev --setro $DEVNAME to set it manually"
    else
-     logger "forensic mode: setting $DEVNAME [$ID_SERIAL] to readonly"
+     logger "forensic mode: setting $DEVNAME [$ID_SERIAL] to read-only"
+
      if blockdev --setro "$DEVNAME" ; then
        logger "|-> done; execute 'blockdev --setrw $DEVNAME' to unlock"
      else
        logger "|-> error while executing blockdev: $(blockdev --setro $DEVNAME 2>&1)"
      fi
+
    fi
+
  fi
 fi