scripts/live-premount/readonly


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35

#!/bin/sh

#set -e

# initramfs-tools header

PREREQ="udev"

prereqs()
{
	echo "${PREREQ}"
}

case "${1}" in
	prereqs)
		prereqs
		exit 0
		;;
esac

# live-boot script

# make sure all harddisk devices are read-only
# this is important for forensic investigations
if grep -qe forensic -qe readonly /proc/cmdline
then
	for device in /dev/hd* /dev/sd* /dev/vd*
	do
		if [ -b "$device" ]
		then
			printf " * Setting device %-9s to read-only mode: " $device >/dev/console
			blockdev --setro $device && printf "done [ execute \"blockdev --setrw %-9s\" to unlock]\n" $device >/dev/console || printf "failed\n" >/dev/console
		fi
	done
fi