components/0020-read-only

   1 #!/bin/sh
   2
   3 #set -e
   4
   5 Read_only ()
   6 {
   7         for _PARAMETER in ${LIVE_BOOT_CMDLINE}
   8         do
   9                 case "${_PARAMETER}" in
  10                         live-boot.read-only=*|read-only=*)
  11                                 LIVE_READ_ONLY="true"
  12                                 LIVE_READ_ONLY_DEVICES="${_PARAMETER#*read-only=}"
  13                                 ;;
  14
  15                         live-boot.read-only|read-only)
  16                                 LIVE_READ_ONLY="true"
  17                                 ;;
  18                 esac
  19         done
  20
  21         case "${LIVE_READ_ONLY}" in
  22                 true)
  23                         ;;
  24
  25                 *)
  26                         return 0
  27                         ;;
  28         esac
  29
  30         # Marking some block devices as read-only to ensure that nothing
  31         # gets written as linux still writes to 'only' read-only mounted filesystems.
  32         LIVE_READ_ONLY_DEVICES="${LIVE_READ_ONLY_DEVICES:-/dev/* /dev/*/*}"
  33
  34         for _DEVICE in $(echo ${LIVE_READ_ONLY_DEVICES} | sed -e 's|,| |g')
  35         do
  36                 # ignore symlinks like /dev/cdrom, /dev/block/* which point to actual devices
  37                 if [ -L "${_DEVICE}" ]
  38                 then
  39                         continue
  40                 fi
  41
  42                 # only consider actual block devices
  43                 if [ ! -b "${_DEVICE}" ]
  44                 then
  45                         continue
  46                 fi
  47
  48                 if ! blockdev --getsz "${_DEVICE}" >/dev/null 2>&1
  49                 then
  50                         printf " * live-boot: Ignoring '%-10s' (not present?)\n" "${_DEVICE}" > /dev/console
  51                         continue
  52                 fi
  53
  54                 printf " * live-boot: Setting %-10s read-only..." "${_DEVICE}" > /dev/console
  55
  56                 blockdev --setro "${_DEVICE}"
  57                 _RETURN="${?}"
  58
  59                 case "${_RETURN}" in
  60                         0)
  61                                 printf " done, use 'blockdev --setrw %-10s' to set read-write.\n" "${_DEVICE}" > /dev/console
  62                                 ;;
  63
  64                         *)
  65                                 printf " failed.\n" > /dev/console
  66                                 ;;
  67                 esac
  68         done
  69
  70         if grep -qw persistence /proc/cmdline
  71                 then
  72                 printf " * Persistence mode enabled, searching for persistency related devices to unlock\n" >/dev/console
  73
  74                 for label in custom-ov home-rw home-sn live-rw live-sn persistence
  75                 do
  76                         if blkid -t LABEL="$label" | grep -q '.'
  77                         then
  78                                 device=$(blkid -t LABEL="$label" | awk -F: '{print $1}')
  79                                 printf "   - Setting device %-9s with label '%s' to write mode for persistence mode: " "$device" "$label" >/dev/console
  80                                 blockdev --setrw $device && printf "done\n" >/dev/console || printf "failed\n" >/dev/console
  81                         fi
  82                 done
  83         fi
  84
  85 }