diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2019-02-02 10:00:00 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2019-02-02 10:00:00 +0000 |
| commit | 32322960234c8ec91e0d42835a3ec5ee63305070 (patch) | |
| tree | 71d79574de0193778ad6cc6c96dfd4f74fa6bbbb /system-boot/components/0020-read-only | |
| parent | Initial commit. (diff) | |
| download | open-infrastructure-system-tools-32322960234c8ec91e0d42835a3ec5ee63305070.tar.xz open-infrastructure-system-tools-32322960234c8ec91e0d42835a3ec5ee63305070.zip | |
Adding upstream version 20190202.upstream/20190202
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
| -rwxr-xr-x | system-boot/components/0020-read-only | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/system-boot/components/0020-read-only b/system-boot/components/0020-read-only new file mode 100755 index 0000000..f56b8cf --- /dev/null +++ b/system-boot/components/0020-read-only @@ -0,0 +1,72 @@ +#!/bin/sh + +#set -e + +Read_only () +{ + for _PARAMETER in ${LIVE_BOOT_CMDLINE} + do + case "${_PARAMETER}" in + live-boot.read-only=*|read-only=*) + LIVE_READ_ONLY="true" + LIVE_READ_ONLY_DEVICES="${_PARAMETER#*read-only=}" + ;; + + live-boot.read-only|read-only) + LIVE_READ_ONLY="true" + ;; + esac + done + + case "${LIVE_READ_ONLY}" in + true) + ;; + + *) + return 0 + ;; + esac + + # Marking some block devices as read-only to ensure that nothing + # gets written as linux still writes to 'only' read-only mounted filesystems. + LIVE_READ_ONLY_DEVICES="${LIVE_READ_ONLY_DEVICES:-/dev/sd* /dev/vd*}" + + for _DEVICE in $(echo ${LIVE_READ_ONLY_DEVICES} | sed -e 's|,| |g') + do + if [ ! -b "${_DEVICE}" ] + then + continue + fi + + echo -n "live-boot: Setting ${_DEVICE} read-only..." > /dev/console + + blockdev --setro ${_DEVICE} + _RETURN="${?}" + + case "${_RETURN}" in + 0) + echo " done, use 'blockdev --setrw ${_DEVICE}' to set read-write." > /dev/console + ;; + + *) + echo " failed." > /dev/console + ;; + esac + done + + if grep -qw persistence /proc/cmdline + then + printf " * Persistence mode enabled, searching for persistency related devices to unlock\n" >/dev/console + + for label in custom-ov home-rw home-sn live-rw live-sn persistence + do + if blkid -t LABEL="$label" | grep -q '.' + then + device=$(blkid -t LABEL="$label" | awk -F: '{print $1}') + printf " - Setting device %-9s with label '%s' to write mode for persistence mode: " "$device" "$label" >/dev/console + blockdev --setrw $device && printf "done\n" >/dev/console || printf "failed\n" >/dev/console + fi + done + fi + +} |