[SCM] live-boot branch, debian-next, updated. debian/3.0_a29-1-7-g1c1b9d1
Daniel Baumann
daniel at debian.org
Tue Jun 5 16:16:14 UTC 2012
The following commit has been merged in the debian-next branch:
commit 1c1b9d15d16b9adfe8fe8fb6f45f8544e3ede376
Author: Daniel Baumann <daniel at debian.org>
Date: Tue Jun 5 18:16:05 2012 +0200
Updating read-only handling to new parameter handling.
diff --git a/scripts/boot.sh b/scripts/boot.sh
index 2fe563e..d2a5c62 100755
--- a/scripts/boot.sh
+++ b/scripts/boot.sh
@@ -446,9 +446,7 @@ mountroot ()
Arguments
- # make sure all harddisk devices are read-only
- # this is important for forensic investigations
- case "${READ_ONLY}" in
+ case "${LIVE_READ_ONLY}" in
true)
Read_only
;;
diff --git a/scripts/boot/arguments.sh b/scripts/boot/arguments.sh
index d352c6d..08fb051 100755
--- a/scripts/boot/arguments.sh
+++ b/scripts/boot/arguments.sh
@@ -7,16 +7,17 @@ Arguments ()
for ARGUMENT in $(cat /proc/cmdline)
do
case "${ARGUMENT}" in
+ live-boot.read-only|read-only)
+ LIVE_READ_ONLY="true"
+ export LIVE_READ_ONLY
+ ;;
+
live-boot.verify-checksums|verify-checksums)
LIVE_VERIFY_CHECKSUMS="true"
export LIVE_VERIFY_CHECKSUMS
;;
# parameters below need review
- read-only)
- READ_ONLY="true"
- ;;
-
skipconfig)
NOFASTBOOT="true"
NOFSTAB="true"
diff --git a/scripts/boot/read-only.sh b/scripts/boot/read-only.sh
index c8990df..48aa06c 100755
--- a/scripts/boot/read-only.sh
+++ b/scripts/boot/read-only.sh
@@ -4,14 +4,30 @@
Read_only ()
{
- # Marking the usual block devices for harddisks read-only
- for _DEVICE in /dev/sd* /dev/vd*
+ # Marking some block devices as read-only to ensure that nothing
+ # gets written as linux still writes to 'only' read-only mounted filesystems.
+ _DEVICES="/dev/sd* /dev/vd*"
+
+ for _DEVICE in ${_DEVICES}
do
- if [ -b "${_DEVICE}" ]
+ if [ ! -b "${_DEVICE}" ]
then
- printf "Setting device %-9s to read-only mode:" ${_DEVICE} > /dev/console
-
- blockdev --setro ${_DEVICE} && printf " done [ execute \"blockdev --setrw %-9s\" to unlock]\n" ${_DEVICE} > /dev/console || printf "failed\n" > /dev/console
+ continue
fi
+
+ echo -n "Setting ${_DEVICE} read-only..." > /dev/console
+
+ blockdev --setro ${_DEVICE}
+ _RETURN="${?}"
+
+ case "${_RETURN}" in
+ 0)
+ echo " done, use 'blockdev --setrw ${_DEVICE}' to set read-write." > /dev/console
+ ;;
+
+ *)
+ echo " failed." > /dev/console
+ ;;
+ esac
done
}
--
live-boot
More information about the debian-live-changes
mailing list