From f47a93a78a4a7d45d3db17184d592895dd913a4d Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel@debian.org>
Date: Mon, 26 Oct 2009 12:51:22 +0100
Subject: Adapting a patch from Michael Prokop <mika@grml.org> to set all
 harddisk devices to read-only mode for forensics investigations.

---
 scripts/live-premount/readonly | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100755 scripts/live-premount/readonly

(limited to 'scripts')

diff --git a/scripts/live-premount/readonly b/scripts/live-premount/readonly
new file mode 100755
index 0000000..8bed733
--- /dev/null
+++ b/scripts/live-premount/readonly
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+#set -e
+
+# initramfs-tools header
+
+PREREQ="udev"
+
+prereqs()
+{
+	echo "${PREREQ}"
+}
+
+case "${1}" in
+	prereqs)
+		prereqs
+		exit 0
+		;;
+esac
+
+# live-initramfs script
+
+# make sure all harddisk devices are read-only
+# this is important for forensic investigations
+if grep -qe forensic -qe readonly /proc/cmdline
+then
+	for device in /dev/hd* /dev/sd* /dev/vd*
+	do
+		if [ -b "$device" ]
+		then
+			printf " * Setting device %-9s to read-only mode: " $device >/dev/console
+			blockdev --setro $device && printf "done [ execute \"blockdev --setrw %-9s\" to unlock]\n" $device >/dev/console || printf "failed\n" >/dev/console
+		fi
+	done
+fi
-- 
cgit v1.2.3