From d74a8a677ede7a1b867ea97d0596e5f954d67e19 Mon Sep 17 00:00:00 2001
From: Ulrich Dangel
Date: Thu, 11 Mar 2010 20:57:43 +0100
Subject: [PATCH] Only set device to read-only if parent is also read-only
---
 scripts/forensic-mark-readonly | 37 +++++++++++++++++++++++++++++++++++--
 1 file changed, 35 insertions(+), 2 deletions(-)
diff --git a/scripts/forensic-mark-readonly b/scripts/forensic-mark-readonly
index 299c661..909a512 100755
--- a/scripts/forensic-mark-readonly
+++ b/scripts/forensic-mark-readonly
@@ -6,12 +6,45 @@
 # License: This file is licensed under the GPL v2 or any later version.
 ################################################################################
+function get_blockdev_dir() {
+ for dir in /sys/subsystem/block/ /sys/class/block/ /sys/block/ ; do
+ [ -d $dir ] && echo $dir && return
+ done
+}
+
+function base() {
+ echo ${1##*/}
+}
+function dir() {
+ echo ${1%/*}
+}
+
+function is_ro() {
+ [ "$(blockdev --getro $1)" = "1" ] && return 0 || return 1
+
+
+}
 # check for forensic/readonly bootoption
-if grep -qe forensic -qe readonly /proc/cmdline ; then
+if : ; then
 # we get $DEVNAME via udev's environment
 if [ -n "$DEVNAME" ] ; then
- if [ "$(blockdev --getro $DEVNAME)" = "1" ] ; then
+ NAME=$(base $DEVNAME)
+ SYS_DIR=$(get_blockdev_dir)
+
+ if [ -n $SYS_DIR ] && [ -n $NAME ] ; then
+ DEVICE=$SYS_DIR/*/$NAME
+ if [ -d $DEVICE ] ; then
+ PARENT=$(dir $DEVICE)
+ PARENT=$(base $PARENT)
+ PARENT=/dev/$PARENT
+ fi
+ fi
+
+ if is_ro "$DEVNAME" ; then
 logger "forensic mode: device $DEVNAME already set to readonly mode, nothing to do"
+ elif [ -n "$PARENT" ] && ! is_ro "$PARENT" ; then
+ logger "forensic mode: parent device $PARENT is set readwrite, not modifying"
+ logger "forensic mode: use blockdev --setro $DEVNAME to set it manually"
 else
 logger "forensic mode: setting $DEVNAME [$ID_SERIAL] to readonly"
 if blockdev --setro "$DEVNAME" ; then
--
2.1.4
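Review bot: `if : ; then` replaces the `/proc/cmdline` test with a condition that is always true, so the script no longer limits itself to forensic/readonly boots and the comment above it is stale. Unless the udev rule that calls the script is itself gated on the boot option (not visible here), the read-only logic now runs on every boot. This looks like a debugging leftover unrelated to the parent check, and the original `if grep -qe forensic -qe readonly /proc/cmdline ; then` should be restored. Separately, `[ -n $SYS_DIR ] && [ -n $NAME ]` is unquoted, and `[ -n ]` with an empty expansion evaluates true, so the guard can never fail; write `if [ -n "$SYS_DIR" ] && [ -n "$NAME" ] ; then` and quote `$1` inside `is_ro` as well. The `if` blocks opened in this hunk close outside it.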