This file is indexed.

/lib/live/boot/0020-read-only is in live-boot 1:20170623.

This file is owned by root:root, with mode 0o755.

The actual contents of the file can be viewed below.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
#!/bin/sh

#set -e

Read_only ()
{
	for _PARAMETER in ${LIVE_BOOT_CMDLINE}
	do
		case "${_PARAMETER}" in
			live-boot.read-only=*|read-only=*)
				LIVE_READ_ONLY="true"
				LIVE_READ_ONLY_DEVICES="${_PARAMETER#*read-only=}"
				;;

			live-boot.read-only|read-only)
				LIVE_READ_ONLY="true"
				;;
		esac
	done

	case "${LIVE_READ_ONLY}" in
		true)
			;;

		*)
			return 0
			;;
	esac

	# Marking some block devices as read-only to ensure that nothing
	# gets written as linux still writes to 'only' read-only mounted filesystems.
	LIVE_READ_ONLY_DEVICES="${LIVE_READ_ONLY_DEVICES:-/dev/sd* /dev/vd*}"

	for _DEVICE in $(echo ${LIVE_READ_ONLY_DEVICES} | sed -e 's|,| |g')
	do
		if [ ! -b "${_DEVICE}" ]
		then
			continue
		fi

		echo -n "live-boot: Setting ${_DEVICE} read-only..." > /dev/console

		blockdev --setro ${_DEVICE}
		_RETURN="${?}"

		case "${_RETURN}" in
			0)
				echo " done, use 'blockdev --setrw ${_DEVICE}' to set read-write." > /dev/console
				;;

			*)
				echo " failed." > /dev/console
				;;
		esac
	done

	if grep -qw persistence /proc/cmdline
		then
		printf " * Persistence mode enabled, searching for persistency related devices to unlock\n" >/dev/console

		for label in custom-ov home-rw home-sn live-rw live-sn persistence
		do
			if blkid -t LABEL="$label" | grep -q '.'
			then
				device=$(blkid -t LABEL="$label" | awk -F: '{print $1}')
				printf "   - Setting device %-9s with label '%s' to write mode for persistence mode: " "$device" "$label" >/dev/console
				blockdev --setrw $device && printf "done\n" >/dev/console || printf "failed\n" >/dev/console
			fi
		done
	fi

}