From 7f4005c4e8d560d400eeead9941c45a38d100eaa Mon Sep 17 00:00:00 2001 From: Dennis ten Hoove Date: Sun, 26 May 2024 01:35:44 +0200 Subject: [PATCH] Add arkane-readonly --- .../post_install/usr/bin/arkane-readonly | 57 +++++++++++++++++++ .../overlay/post_bootstrap/usr/local/bin/vi | 1 + .../overlay/post_bootstrap/usr/local/bin/vim | 1 + .../post_install/usr/bin/arkane-readonly | 57 +++++++++++++++++++ .../post_install/usr/bin/arkane-readonly | 57 +++++++++++++++++++ 5 files changed, 173 insertions(+) create mode 100755 arkdep-build.d/arkanelinux/overlay/post_install/usr/bin/arkane-readonly create mode 120000 arkdep-build.d/test-arkanelinux-kde/overlay/post_bootstrap/usr/local/bin/vi create mode 120000 arkdep-build.d/test-arkanelinux-kde/overlay/post_bootstrap/usr/local/bin/vim create mode 100755 arkdep-build.d/test-arkanelinux-kde/overlay/post_install/usr/bin/arkane-readonly create mode 100755 arkdep-build.d/test-arkanelinux-pantheon/overlay/post_install/usr/bin/arkane-readonly diff --git a/arkdep-build.d/arkanelinux/overlay/post_install/usr/bin/arkane-readonly b/arkdep-build.d/arkanelinux/overlay/post_install/usr/bin/arkane-readonly new file mode 100755 index 0000000..387b180 --- /dev/null +++ b/arkdep-build.d/arkanelinux/overlay/post_install/usr/bin/arkane-readonly @@ -0,0 +1,57 @@ +#!/usr/bin/env bash + +if [[ ! $1 ]]; then + cat <<-END + Usage: ${0##*/} enable|disable|status + + Enable or disable read-only on currently booted Btrfs subvolume. + END + exit 0 +fi + +if [[ $EUID -ne 0 ]]; then + printf 'You have to be root to perform this action.\n' + exit 1 +fi + +if [[ $2 ]]; then + printf 'This script only takes a single argument.\n' + exit 1 +fi + +if [[ $1 == 'enable' ]]; then + + if btrfs property get / 2> /dev/null | grep -q 'ro=true'; then + printf 'The root filesystem is already locked.\n' + exit 0 + fi + + printf 'Locking the root filesystem...\n' + btrfs property set / ro true + +elif [[ $1 == 'disable' ]]; then + + if btrfs property get / 2> /dev/null | grep -q 'ro=false'; then + printf 'The root filesystem is already unlocked.\n' + exit 0 + fi + + printf 'Unlocking the root filesystem...\n' + btrfs property set / ro false && + printf 'The root filesystem has now been unlocked, note that any changes made to it will not be carried over to future OS image updates.\n' + +elif [[ $1 == 'status' ]]; then + + if btrfs property get / 2> /dev/null | grep -q 'ro=true'; then + printf 'enabled\n' + elif btrfs property get / 2> /dev/null | grep -q 'ro=false'; then + printf 'disabled\n' + else + printf 'unknown\n' + exit 1 + fi + +else + printf 'No valid argument provided.\n' + exit 1 +fi diff --git a/arkdep-build.d/test-arkanelinux-kde/overlay/post_bootstrap/usr/local/bin/vi b/arkdep-build.d/test-arkanelinux-kde/overlay/post_bootstrap/usr/local/bin/vi new file mode 120000 index 0000000..161f676 --- /dev/null +++ b/arkdep-build.d/test-arkanelinux-kde/overlay/post_bootstrap/usr/local/bin/vi @@ -0,0 +1 @@ +/usr/bin/nvim \ No newline at end of file diff --git a/arkdep-build.d/test-arkanelinux-kde/overlay/post_bootstrap/usr/local/bin/vim b/arkdep-build.d/test-arkanelinux-kde/overlay/post_bootstrap/usr/local/bin/vim new file mode 120000 index 0000000..161f676 --- /dev/null +++ b/arkdep-build.d/test-arkanelinux-kde/overlay/post_bootstrap/usr/local/bin/vim @@ -0,0 +1 @@ +/usr/bin/nvim \ No newline at end of file diff --git a/arkdep-build.d/test-arkanelinux-kde/overlay/post_install/usr/bin/arkane-readonly b/arkdep-build.d/test-arkanelinux-kde/overlay/post_install/usr/bin/arkane-readonly new file mode 100755 index 0000000..387b180 --- /dev/null +++ b/arkdep-build.d/test-arkanelinux-kde/overlay/post_install/usr/bin/arkane-readonly @@ -0,0 +1,57 @@ +#!/usr/bin/env bash + +if [[ ! $1 ]]; then + cat <<-END + Usage: ${0##*/} enable|disable|status + + Enable or disable read-only on currently booted Btrfs subvolume. + END + exit 0 +fi + +if [[ $EUID -ne 0 ]]; then + printf 'You have to be root to perform this action.\n' + exit 1 +fi + +if [[ $2 ]]; then + printf 'This script only takes a single argument.\n' + exit 1 +fi + +if [[ $1 == 'enable' ]]; then + + if btrfs property get / 2> /dev/null | grep -q 'ro=true'; then + printf 'The root filesystem is already locked.\n' + exit 0 + fi + + printf 'Locking the root filesystem...\n' + btrfs property set / ro true + +elif [[ $1 == 'disable' ]]; then + + if btrfs property get / 2> /dev/null | grep -q 'ro=false'; then + printf 'The root filesystem is already unlocked.\n' + exit 0 + fi + + printf 'Unlocking the root filesystem...\n' + btrfs property set / ro false && + printf 'The root filesystem has now been unlocked, note that any changes made to it will not be carried over to future OS image updates.\n' + +elif [[ $1 == 'status' ]]; then + + if btrfs property get / 2> /dev/null | grep -q 'ro=true'; then + printf 'enabled\n' + elif btrfs property get / 2> /dev/null | grep -q 'ro=false'; then + printf 'disabled\n' + else + printf 'unknown\n' + exit 1 + fi + +else + printf 'No valid argument provided.\n' + exit 1 +fi diff --git a/arkdep-build.d/test-arkanelinux-pantheon/overlay/post_install/usr/bin/arkane-readonly b/arkdep-build.d/test-arkanelinux-pantheon/overlay/post_install/usr/bin/arkane-readonly new file mode 100755 index 0000000..387b180 --- /dev/null +++ b/arkdep-build.d/test-arkanelinux-pantheon/overlay/post_install/usr/bin/arkane-readonly @@ -0,0 +1,57 @@ +#!/usr/bin/env bash + +if [[ ! $1 ]]; then + cat <<-END + Usage: ${0##*/} enable|disable|status + + Enable or disable read-only on currently booted Btrfs subvolume. + END + exit 0 +fi + +if [[ $EUID -ne 0 ]]; then + printf 'You have to be root to perform this action.\n' + exit 1 +fi + +if [[ $2 ]]; then + printf 'This script only takes a single argument.\n' + exit 1 +fi + +if [[ $1 == 'enable' ]]; then + + if btrfs property get / 2> /dev/null | grep -q 'ro=true'; then + printf 'The root filesystem is already locked.\n' + exit 0 + fi + + printf 'Locking the root filesystem...\n' + btrfs property set / ro true + +elif [[ $1 == 'disable' ]]; then + + if btrfs property get / 2> /dev/null | grep -q 'ro=false'; then + printf 'The root filesystem is already unlocked.\n' + exit 0 + fi + + printf 'Unlocking the root filesystem...\n' + btrfs property set / ro false && + printf 'The root filesystem has now been unlocked, note that any changes made to it will not be carried over to future OS image updates.\n' + +elif [[ $1 == 'status' ]]; then + + if btrfs property get / 2> /dev/null | grep -q 'ro=true'; then + printf 'enabled\n' + elif btrfs property get / 2> /dev/null | grep -q 'ro=false'; then + printf 'disabled\n' + else + printf 'unknown\n' + exit 1 + fi + +else + printf 'No valid argument provided.\n' + exit 1 +fi