/lib/live/boot/0020-read-only is in live-boot 1:20170623.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 | #!/bin/sh
#set -e
Read_only ()
{
for _PARAMETER in ${LIVE_BOOT_CMDLINE}
do
case "${_PARAMETER}" in
live-boot.read-only=*|read-only=*)
LIVE_READ_ONLY="true"
LIVE_READ_ONLY_DEVICES="${_PARAMETER#*read-only=}"
;;
live-boot.read-only|read-only)
LIVE_READ_ONLY="true"
;;
esac
done
case "${LIVE_READ_ONLY}" in
true)
;;
*)
return 0
;;
esac
# Marking some block devices as read-only to ensure that nothing
# gets written as linux still writes to 'only' read-only mounted filesystems.
LIVE_READ_ONLY_DEVICES="${LIVE_READ_ONLY_DEVICES:-/dev/sd* /dev/vd*}"
for _DEVICE in $(echo ${LIVE_READ_ONLY_DEVICES} | sed -e 's|,| |g')
do
if [ ! -b "${_DEVICE}" ]
then
continue
fi
echo -n "live-boot: Setting ${_DEVICE} read-only..." > /dev/console
blockdev --setro ${_DEVICE}
_RETURN="${?}"
case "${_RETURN}" in
0)
echo " done, use 'blockdev --setrw ${_DEVICE}' to set read-write." > /dev/console
;;
*)
echo " failed." > /dev/console
;;
esac
done
if grep -qw persistence /proc/cmdline
then
printf " * Persistence mode enabled, searching for persistency related devices to unlock\n" >/dev/console
for label in custom-ov home-rw home-sn live-rw live-sn persistence
do
if blkid -t LABEL="$label" | grep -q '.'
then
device=$(blkid -t LABEL="$label" | awk -F: '{print $1}')
printf " - Setting device %-9s with label '%s' to write mode for persistence mode: " "$device" "$label" >/dev/console
blockdev --setrw $device && printf "done\n" >/dev/console || printf "failed\n" >/dev/console
fi
done
fi
}
|