diff options
| author | Daniel Baumann <daniel@debian.org> | 2009-10-26 12:51:22 +0100 |
|---|---|---|
| committer | Daniel Baumann <daniel@debian.org> | 2011-03-09 17:48:06 +0100 |
| commit | f47a93a78a4a7d45d3db17184d592895dd913a4d (patch) | |
| tree | 7565420766c3247b1f30d232c5b3e50744f5ce52 /scripts | |
| parent | d2a27717cc6ba6688942fcbfbf49164f01253291 (diff) | |
| download | live-boot-f47a93a78a4a7d45d3db17184d592895dd913a4d.tar.gz live-boot-f47a93a78a4a7d45d3db17184d592895dd913a4d.zip | |
Adapting a patch from Michael Prokop <mika@grml.org> to set all harddisk devices to read-only mode for forensics investigations.
Diffstat (limited to 'scripts')
| -rwxr-xr-x | scripts/live-premount/readonly | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/scripts/live-premount/readonly b/scripts/live-premount/readonly new file mode 100755 index 0000000..8bed733 --- /dev/null +++ b/scripts/live-premount/readonly @@ -0,0 +1,35 @@ +#!/bin/sh + +#set -e + +# initramfs-tools header + +PREREQ="udev" + +prereqs() +{ + echo "${PREREQ}" +} + +case "${1}" in + prereqs) + prereqs + exit 0 + ;; +esac + +# live-initramfs script + +# make sure all harddisk devices are read-only +# this is important for forensic investigations +if grep -qe forensic -qe readonly /proc/cmdline +then + for device in /dev/hd* /dev/sd* /dev/vd* + do + if [ -b "$device" ] + then + printf " * Setting device %-9s to read-only mode: " $device >/dev/console + blockdev --setro $device && printf "done [ execute \"blockdev --setrw %-9s\" to unlock]\n" $device >/dev/console || printf "failed\n" >/dev/console + fi + done +fi |