Merge upstream version 1.173.2-1.
[live-initramfs-grml.git] / debian / patches / 08_readonly_devices.dpatch
1 #! /bin/sh /usr/share/dpatch/dpatch-run
2 ## 08_readonly_devices.dpatch by  <mika@grml.org>
3 ##
4 ## All lines beginning with `## DP:' are a description of the patch.
5 ## DP: set all harddisk devices to read-only mode for forensics investigations
6
7 @DPATCH@
8 diff -urNad live-initramfs-grml~/debian/rules live-initramfs-grml/debian/rules
9 --- live-initramfs-grml~/debian/rules   2009-02-23 13:55:01.000000000 +0100
10 +++ live-initramfs-grml/debian/rules    2009-02-24 10:05:58.447777665 +0100
11 @@ -59,6 +59,8 @@
12         install -m 755 grml/23networking \
13           ./debian/live-initramfs/usr/share/initramfs-tools/scripts/live-bottom/23networking
14  
15 +       chmod 755 ./debian/live-initramfs/usr/share/initramfs-tools/scripts/live-premount/readonly
16 +
17         # Removing double files
18         rm -f debian/live-initramfs/usr/share/doc/live-initramfs/COPYING
19         rm -f debian/live-initramfs/usr/share/doc/live-initramfs/ChangeLog
20 diff -urNad live-initramfs-grml~/hooks/live live-initramfs-grml/hooks/live
21 --- live-initramfs-grml~/hooks/live     2009-02-24 10:05:58.127763179 +0100
22 +++ live-initramfs-grml/hooks/live      2009-02-24 10:05:58.447777665 +0100
23 @@ -163,6 +163,12 @@
24         copy_exec /usr/bin/wget /bin
25  fi
26  
27 +# Program: blockdev
28 +if [ -x /sbin/blockdev ]
29 +then
30 +       copy_exec /sbin/blockdev /sbin
31 +fi
32 +
33  # FUSE kernel module
34  manual_add_modules fuse
35  
36 diff -urNad live-initramfs-grml~/scripts/live-premount/readonly live-initramfs-grml/scripts/live-premount/readonly
37 --- live-initramfs-grml~/scripts/live-premount/readonly 1970-01-01 01:00:00.000000000 +0100
38 +++ live-initramfs-grml/scripts/live-premount/readonly  2009-02-24 10:06:38.771091722 +0100
39 @@ -0,0 +1,32 @@
40 +#!/bin/sh
41 +
42 +#set -e
43 +
44 +# initramfs-tools header
45 +
46 +PREREQ="udev"
47 +
48 +prereqs()
49 +{
50 +       echo "${PREREQ}"
51 +}
52 +
53 +case "${1}" in
54 +       prereqs)
55 +               prereqs
56 +               exit 0
57 +               ;;
58 +esac
59 +
60 +# live-initramfs script
61 +
62 +# make sure all harddisk devices are read-only
63 +# this is important for forensic investigations
64 +if grep -qe forensic -qe readonly /proc/cmdline ; then
65 +   for device in /dev/hd* /dev/sd* /dev/vd* ; do
66 +      if [ -b "$device" ] ; then
67 +        printf " * Setting device %-9s to read-only mode: " $device >/dev/console
68 +         blockdev --setro $device && printf "done [ execute \"blockdev --setrw %-9s\" to unlock]\n" $device >/dev/console || printf "failed\n" >/dev/console
69 +       fi
70 +   done
71 +fi