From: Michael Prokop
Date: Fri, 10 Jul 2020 06:57:19 +0000 (+0200)
Subject: 0020-read-only: iterate over all devices + improve console message layout
X-Git-Tag: debian/1%20200527+grml.3~2
X-Git-Url: http://git.grml.org/?p=live-boot-grml.git;a=commitdiff_plain;h=b368066d452acfaf624757e84bfdbe0db10b89ae

0020-read-only: iterate over all devices + improve console message layout

There might be block devices other than /dev/sd* + /dev/vd* (like /dev/nvme0n*). Instead of hardcoding a static list, let's iterate over all of them, and then ignore all symlinks (pointing to the actual devices) and consider only actual block devices.

Also ensure that the device exists (checked via `blockdev --getsz ...`) before executing `blockdev --setro ...` on it.

Reworked the according console message: using printf with field width allows us to make this look a bit nicer and better integrate into the boot sequence look-alike.

JFTR: it would be nice to send output also to `/boot.log` (which ends up as `/var/log/live/boot.log` on the booted system), but if we do this then the output is visible twice during startup, as `/boot.live` is sent to console via `tail -f`. If changing this to only list it via `/boot.live` it might not be always guaranteed to be visible on screen, so we didn't change this yet.

This work was funded by Grml-Forensic.
---
diff --git a/components/0020-read-only b/components/0020-read-only index f56b8cf..84d73ef 100755 --- a/components/0020-read-only +++ b/components/0020-read-only
@@ -29,27 +29,40 @@ Read_only () # Marking some block devices as read-only to ensure that nothing # gets written as linux still writes to 'only' read-only mounted filesystems. - LIVE_READ_ONLY_DEVICES="${LIVE_READ_ONLY_DEVICES:-/dev/sd* /dev/vd*}" + LIVE_READ_ONLY_DEVICES="${LIVE_READ_ONLY_DEVICES:-/dev/* /dev/*/*}" for _DEVICE in $(echo ${LIVE_READ_ONLY_DEVICES} | sed -e 's|,| |g') do + # ignore symlinks like /dev/cdrom, /dev/block/* which point to actual devices + if [ -L "${_DEVICE}" ] + then + continue + fi + + # only consider actual block devices if [ ! -b "${_DEVICE}" ] then continue fi - echo -n "live-boot: Setting ${_DEVICE} read-only..." > /dev/console + if ! blockdev --getsz "${_DEVICE}" >/dev/null 2>&1 + then + printf " * live-boot: Ignoring '%-10s' (not present?)\n" "${_DEVICE}" > /dev/console + continue + fi + + printf " * live-boot: Setting %-10s read-only..." "${_DEVICE}" > /dev/console - blockdev --setro ${_DEVICE} + blockdev --setro "${_DEVICE}" _RETURN="${?}" case "${_RETURN}" in 0) - echo " done, use 'blockdev --setrw ${_DEVICE}' to set read-write." > /dev/console + printf " done, use 'blockdev --setrw %-10s' to set read-write.\n" "${_DEVICE}" > /dev/console ;; *) - echo " failed." > /dev/console + printf " failed.\n" > /dev/console ;; esac done
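
Review bot: The new `[ -L "${_DEVICE}" ]` check at the top of the loop also applies to values a user passes in LIVE_READ_ONLY_DEVICES, so an explicitly requested symlink path (for example something under /dev/disk/by-id/) is now skipped without any console message, whereas the old code's `[ ! -b "${_DEVICE}" ]` test followed the link and went on to set the target read-only. Since this code exists to guarantee write protection, either resolve the link (`readlink -f`) and continue with the target, or restrict the symlink skip to the default glob, and in either case print an "Ignoring" line so the skip is visible. Two smaller points: the default changes from `/dev/sd* /dev/vd*` to `/dev/* /dev/*/*`, which now covers every block node in those two directory levels, and that wider scope should be stated wherever LIVE_READ_ONLY_DEVICES is documented; and `%-10s` inside the quotes in `Ignoring '%-10s'` and `'blockdev --setrw %-10s'` pads short names with spaces inside the quoted text, while names longer than ten characters still break the alignment, so plain `%s` reads better in those two messages.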