Make the root fs readonly during setup.

This commit is contained in:
cimryan
2018-10-15 22:32:36 -07:00
parent 657efc9f17
commit a70b752a16
2 changed files with 75 additions and 10 deletions


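--- /dev/null
+++ b/PATH-NOT-ON-PAGE
@@ -0,0 +1,49 @@
+#!/bin/bash
+# Adapted from https://github.com/adafruit/Raspberry-Pi-Installer-Scripts/blob/master/read-only-fs.sh
+function append_cmdline_txt_param() {
+local toAppend="$1"
+sed -i "s/\'/ ${toAppend}/g" /boot/cmdline.txt >/dev/null
+}
+echo "Updating package index files..."
+apt-get update
+echo "Removing unwanted packages..."
+apt-get remove -y --force-yes --purge triggerhappy logrotate dphys-swapfile fake-hwclock
+apt-get -y --force-yes autoremove --purge
+# Replace log management with busybox (use logread if needed)
+echo "Installing ntp and busybox-syslogd..."
+apt-get -y --force-yes install ntp busybox-syslogd; dpkg --purge rsyslog
+echo "Configuring system..."
+# Add fastboot, noswap and/or ro to end of /boot/cmdline.txt
+append_cmdline_txt_param fastboot
+append_cmdline_txt_param noswap
+append_cmdline_txt_param ro
+# Move /var/spool to /tmp
+rm -rf /var/spool
+ln -s /tmp /var/spool
+# Change spool permissions in var.conf (rondie/Margaret fix)
+sed -i "s/spool\s*0755/spool 1777/g" /usr/lib/tmpfiles.d/var.conf >/dev/null
+# Move dhcpd.resolv.conf to tmpfs
+touch /tmp/dhcpcd.resolv.conf
+rm /etc/resolv.conf
+ln -s /tmp/dhcpcd.resolv.conf /etc/resolv.conf
+# Update /etc/fstab
+# make /boot read-only
+# make / read-only
+# tmpfs /var/log tmpfs nodev,nosuid 0 0
+# tmpfs /var/tmp tmpfs nodev,nosuid 0 0
+# tmpfs /tmp tmpfs nodev,nosuid 0 0
+sed -i -r "s@(/boot\s+vfat\s+\S+)@\1,ro@" /etc/fstab
+sed -i -r "s@(/\s+ext4\s+\S+)@\1,ro@" /etc/fstab
+echo "" >> /etc/fstab
+echo "tmpfs /var/log tmpfs nodev,nosuid 0 0" >> /etc/fstab
+echo "tmpfs /var/tmp tmpfs nodev,nosuid 0 0" >> /etc/fstab
+echo "tmpfs /tmp tmpfs nodev,nosuid 0 0" >> /etc/fstab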
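Review bot: The fstab edits at the end of the new script are neither idempotent nor checked: each run of the two `sed -i -r` lines appends another `,ro` to the `/boot` and `/` entries, the three `echo ... >> /etc/fstab` lines add duplicate tmpfs mounts on every run, and an fstab whose `/boot` or `/` line does not match the `vfat`/`ext4` pattern is silently left read-write even though the commit's purpose is to make it read-only. Guard each append with an existence test, e.g. `grep -q '^tmpfs /var/log ' /etc/fstab || echo "tmpfs /var/log tmpfs nodev,nosuid 0 0" >> /etc/fstab`, and verify the sed actually took effect before continuing, e.g. `grep -qE '^\S+\s+/\s+ext4\s+\S*\bro\b' /etc/fstab || { echo "failed to set / read-only in /etc/fstab" >&2; exit 1; }`. The same non-idempotency applies to `append_cmdline_txt_param`, which appends `fastboot`, `noswap` and `ro` to /boot/cmdline.txt unconditionally. The script also runs with no `set -e`, so a failed `apt-get` at the top still flows into the destructive `rm -rf /var/spool` and `rm /etc/resolv.conf` steps; `set -euo pipefail` directly after the shebang would stop at the first failure.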


@@ -45,6 +45,17 @@ function check_available_space () {
echo "There is sufficient space available." echo "There is sufficient space available."
} }
function get_ancillary_setup_scripts () {
pushd /tmp
wget https://raw.githubusercontent.com/cimryan/teslausb/"$BRANCH"/windows_archive/create-backingfiles-partition.sh
chmod +x ./create-backingfiles-partition.sh
wget https://raw.githubusercontent.com/cimryan/teslausb/"$BRANCH"/windows_archive/create-backingfiles.sh
chmod +x ./create-backingfiles.sh
wget https://raw.githubusercontent.com/cimryan/teslausb/"$BRANCH"/windows_archive/make-root-fs-readonly.sh
chmod +x ./make-root-fs-readonly.sh
popd
}
function fix_cmdline_txt_modules_load () function fix_cmdline_txt_modules_load ()
{ {
echo "Fixing the modules-load parameter in /boot/cmdline.txt..." echo "Fixing the modules-load parameter in /boot/cmdline.txt..."
@@ -58,17 +69,13 @@ BACKINGFILES_MOUNTPOINT=/backingfiles
function create_usb_drive_backing_files () { function create_usb_drive_backing_files () {
mkdir "$BACKINGFILES_MOUNTPOINT" mkdir "$BACKINGFILES_MOUNTPOINT"
wget https://raw.githubusercontent.com/cimryan/teslausb/"$BRANCH"/windows_archive/create-backingfiles-partition.sh /tmp/create-backingfiles-partition.sh "$BACKINGFILES_MOUNTPOINT"
chmod +x ./create-backingfiles-partition.sh
./create-backingfiles-partition.sh "$BACKINGFILES_MOUNTPOINT"
echo "Mounting the partition for the backing files..." echo "Mounting the partition for the backing files..."
mount /backingfiles mount /backingfiles
echo "Mounted the partition for the backing files." echo "Mounted the partition for the backing files."
wget https://raw.githubusercontent.com/cimryan/teslausb/"$BRANCH"/windows_archive/create-backingfiles.sh /tmp/create-backingfiles.sh "$campercent" "$BACKINGFILES_MOUNTPOINT"
chmod +x ./create-backingfiles.sh
./create-backingfiles.sh "$campercent" "$BACKINGFILES_MOUNTPOINT"
} }
function configure_archive () { function configure_archive () {
@@ -85,11 +92,13 @@ function configure_archive () {
function configure_archive_scripts () { function configure_archive_scripts () {
echo "Configuring the archive scripts..." echo "Configuring the archive scripts..."
mkdir /root/bin mkdir /root/bin
pushd ~
wget https://raw.githubusercontent.com/cimryan/teslausb/"$BRANCH"/windows_archive/archiveloop wget https://raw.githubusercontent.com/cimryan/teslausb/"$BRANCH"/windows_archive/archiveloop
sed s/ARCHIVE_HOST_NAME=archiveserver/ARCHIVE_HOST_NAME=$archiveserver/ ~/archiveloop > /root/bin/archiveloop sed s/ARCHIVE_HOST_NAME=archiveserver/ARCHIVE_HOST_NAME=$archiveserver/ ~/archiveloop > /root/bin/archiveloop
rm ~/archiveloop rm ~/archiveloop
chmod +x /root/bin/archiveloop chmod +x /root/bin/archiveloop
popd
pushd /root/bin pushd /root/bin
wget https://raw.githubusercontent.com/cimryan/teslausb/"$BRANCH"/windows_archive/archive-teslacam-clips wget https://raw.githubusercontent.com/cimryan/teslausb/"$BRANCH"/windows_archive/archive-teslacam-clips
@@ -133,6 +142,10 @@ function configure_hostname () {
echo "Configured the hostname." echo "Configured the hostname."
} }
function make_root_fs_readonly () {
/tmp/make-root-fs-readonly.sh
}
echo "Verifying environment variables..." echo "Verifying environment variables..."
check_variable "archiveserver" check_variable "archiveserver"
@@ -145,9 +158,12 @@ check_archive_server_reachable
check_available_space check_available_space
get_ancillary_setup_scripts
pushd ~ pushd ~
configure_archive_scripts
fix_cmdline_txt_modules_load fix_cmdline_txt_modules_load
echo "" >> /etc/fstab echo "" >> /etc/fstab
@@ -156,8 +172,8 @@ create_usb_drive_backing_files
configure_archive configure_archive
configure_archive_scripts
configure_rc_local configure_rc_local
configure_hostname configure_hostname
make_root_fs_readonly
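Review bot: `get_ancillary_setup_scripts` (first hunk, `@@ -45,6 +45,17 @@`) fetches the three helper scripts into the world-writable `/tmp` under fixed names, and the later hunks then execute them as root (`/tmp/create-backingfiles-partition.sh`, `/tmp/create-backingfiles.sh`, `/tmp/make-root-fs-readonly.sh`) without either the `wget` exit status or the resulting file ever being checked. Because `wget` without `-O` saves to `name.1` when `name` already exists, a stale or pre-planted file of that name in `/tmp` is what actually runs, and a failed download leaves `chmod +x` and the later call to error on a missing file rather than stopping the setup before the partition-creation and read-only steps. Downloading into a private directory from `mktemp -d`, naming each output explicitly and failing on any error closes both gaps; the three call sites would then reference `"$SETUP_SCRIPT_DIR/..."` instead of `/tmp/...`.

```shell
function get_ancillary_setup_scripts () {
  # Private directory so a pre-existing file in /tmp can never be the one executed.
  SETUP_SCRIPT_DIR="$(mktemp -d)" || exit 1
  local base="https://raw.githubusercontent.com/cimryan/teslausb/$BRANCH/windows_archive"
  local script
  for script in create-backingfiles-partition.sh create-backingfiles.sh make-root-fs-readonly.sh; do
    wget -q -O "$SETUP_SCRIPT_DIR/$script" "$base/$script" \
      || { echo "Failed to download $script" >&2; exit 1; }
    chmod 0700 "$SETUP_SCRIPT_DIR/$script"
  done
}
# … unchanged: fix_cmdline_txt_modules_load and the remaining hunks, with
# /tmp/<script> replaced by "$SETUP_SCRIPT_DIR/<script>" at the three call sites …
```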