[SCM] live-initramfs branch, master, updated. 1.157.4-1-11-gfc2a897
Daniel Baumann
daniel at debian.org
Mon Oct 26 11:57:54 UTC 2009
The following commit has been merged in the master branch:
commit a097dd26d2a8362c1ec0efe2e420d18ce0d5e7fb
Author: Daniel Baumann <daniel at debian.org>
Date: Mon Oct 26 12:51:22 2009 +0100
Adapting a patch from Michael Prokop <mika at grml.org> to set all harddisk devices to read-only mode for forensics investigations.
diff --git a/hooks/live b/hooks/live
index a940846..aa7b020 100755
--- a/hooks/live
+++ b/hooks/live
@@ -174,6 +174,12 @@ then
copy_exec /usr/bin/wget /bin
fi
+# Program: blockdev
+if [ -x /sbin/blockdev ]
+then
+ copy_exec /sbin/blockdev /sbin
+fi
+
# FUSE kernel module
manual_add_modules fuse
diff --git a/scripts/live-premount/readonly b/scripts/live-premount/readonly
new file mode 100755
index 0000000..8bed733
--- /dev/null
+++ b/scripts/live-premount/readonly
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+#set -e
+
+# initramfs-tools header
+
+PREREQ="udev"
+
+prereqs()
+{
+ echo "${PREREQ}"
+}
+
+case "${1}" in
+ prereqs)
+ prereqs
+ exit 0
+ ;;
+esac
+
+# live-initramfs script
+
+# make sure all harddisk devices are read-only
+# this is important for forensic investigations
+if grep -qe forensic -qe readonly /proc/cmdline
+then
+ for device in /dev/hd* /dev/sd* /dev/vd*
+ do
+ if [ -b "$device" ]
+ then
+ printf " * Setting device %-9s to read-only mode: " $device >/dev/console
+ blockdev --setro $device && printf "done [ execute \"blockdev --setrw %-9s\" to unlock]\n" $device >/dev/console || printf "failed\n" >/dev/console
+ fi
+ done
+fi
--
live-initramfs
More information about the debian-live-changes
mailing list