# mark new block devices as readonly when booting with bootoption forensic/readonly
ACTION=="add",    SUBSYSTEM=="block", RUN+="/etc/udev/scripts/forensic-mark-readonly"