Updating read-only handling to new parameter handling.

scripts/boot.sh

@@ -446,9 +446,7 @@ mountroot ()
 
 	Arguments
 
-	# make sure all harddisk devices are read-only
-	# this is important for forensic investigations
-	case "${READ_ONLY}" in
+	case "${LIVE_READ_ONLY}" in
 		true)
 			Read_only
 			;;

scripts/boot/arguments.sh

@@ -7,16 +7,17 @@ Arguments ()
 	for ARGUMENT in $(cat /proc/cmdline)
 	do
 		case "${ARGUMENT}" in
+			live-boot.read-only|read-only)
+				LIVE_READ_ONLY="true"
+				export LIVE_READ_ONLY
+				;;
+
 			live-boot.verify-checksums|verify-checksums)
 				LIVE_VERIFY_CHECKSUMS="true"
 				export LIVE_VERIFY_CHECKSUMS
 				;;
 
 			# parameters below need review
-			read-only)
-				READ_ONLY="true"
-				;;
-
 			skipconfig)
 				NOFASTBOOT="true"
 				NOFSTAB="true"

scripts/boot/read-only.sh

@@ -4,14 +4,30 @@
 
 Read_only ()
 {
-	# Marking the usual block devices for harddisks read-only
-	for _DEVICE in /dev/sd* /dev/vd*
+	# Marking some block devices as read-only to ensure that nothing
+	# gets written as linux still writes to 'only' read-only mounted filesystems.
+	_DEVICES="/dev/sd* /dev/vd*"
+
+	for _DEVICE in ${_DEVICES}
 	do
-		if [ -b "${_DEVICE}" ]
+		if [ ! -b "${_DEVICE}" ]
 		then
-			printf "Setting device %-9s to read-only mode:" ${_DEVICE} > /dev/console
-
-			blockdev --setro ${_DEVICE} && printf " done [ execute \"blockdev --setrw %-9s\" to unlock]\n" ${_DEVICE} > /dev/console || printf "failed\n" > /dev/console
+			continue
 		fi
+
+		echo -n "Setting ${_DEVICE} read-only..." > /dev/console
+
+		blockdev --setro ${_DEVICE}
+		_RETURN="${?}"
+
+		case "${_RETURN}" in
+			0)
+				echo " done, use 'blockdev --setrw ${_DEVICE}' to set read-write." > /dev/console
+				;;
+
+			*)
+				echo " failed." > /dev/console
+				;;
+		esac
 	done
 }