0020-read-only: iterate over all devices + improve console message layout

0020-read-only: iterate over all devices + improve console message layout

There might be block devices other than /dev/sd* + /dev/vd* (like
/dev/nvme0n*). Instead of hardcoding a static list, let's iterate over
all of them, and then ignore all symlinks (pointing to the actual
devices) and consider only actual block devices.
Also ensure that the device exists (checked via `blockdev --getsz ...`)
before executing `blockdev --setro ...` on it.

Reworked the according console message: using printf with field width
allows us to make this look a bit nicer and better integrate into the
boot sequence look-alike.

JFTR: it would be nice to send output also to `/boot.log` (which ends up
as `/var/log/live/boot.log` on the booted system), but if we do this
then the output is visible twice during startup, as `/boot.live` is sent
to console via `tail -f`. If changing this to only list it via
`/boot.live` it might not be always guaranteed to be visible on screen,
so we didn't change this yet.

This work was funded by Grml-Forensic.