diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2010-12-21 12:01:48 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2010-12-21 12:01:48 +0000 |
commit | ac01c4ab99a130bcbcec089506ffe19374cea59d (patch) | |
tree | 9300895ff22e975df02ebdaec2e30ce518eafaa9 | |
parent | a4cc593132e169168d5b701da879998f91f3744c (diff) | |
download | aports-ac01c4ab99a130bcbcec089506ffe19374cea59d.tar.bz2 aports-ac01c4ab99a130bcbcec089506ffe19374cea59d.tar.xz |
main/mkinitfs: mount devices as readonly
-rw-r--r-- | main/mkinitfs/0001-init-mount-devices-as-read-only.patch | 53 | ||||
-rw-r--r-- | main/mkinitfs/APKBUILD | 9 |
2 files changed, 60 insertions, 2 deletions
diff --git a/main/mkinitfs/0001-init-mount-devices-as-read-only.patch b/main/mkinitfs/0001-init-mount-devices-as-read-only.patch new file mode 100644 index 0000000000..e0077dd7f5 --- /dev/null +++ b/main/mkinitfs/0001-init-mount-devices-as-read-only.patch @@ -0,0 +1,53 @@ +From 13cfce8f525fcb656044da419e03747892abd174 Mon Sep 17 00:00:00 2001 +From: Natanael Copa <ncopa@alpinelinux.org> +Date: Tue, 21 Dec 2010 10:08:39 +0000 +Subject: [PATCH] init: mount devices as read-only + +--- + initramfs-init.in | 9 +++++---- + 1 files changed, 5 insertions(+), 4 deletions(-) + +diff --git a/initramfs-init.in b/initramfs-init.in +index 2fb2626..9acf1c7 100755 +--- a/initramfs-init.in ++++ b/initramfs-init.in +@@ -138,7 +138,7 @@ find_ovl_dev() { + # wait for usb to settle if needed + wait_usb + for i in usb floppy cdrom; do +- mount /media/$i 2>/dev/null || continue ++ mount -o ro /media/$i 2>/dev/null || continue + ovl=$(find_ovl /media/$i) + [ -f "$ovl" ] && return + umount /media/$i 2>/dev/null +@@ -276,7 +276,7 @@ if [ -n "$KOPT_root" ]; then + ;; + esac + ebegin "Mounting root" +- retry_mount $KOPT_root $sysroot 2>/dev/null ++ retry_mount -o ro $KOPT_root $sysroot 2>/dev/null + eend $? + cat /proc/mounts | while read DEV DIR TYPE OPTS ; do + if [ "$DIR" != "/" -a "$DIR" != "$sysroot" -a -d "$DIR" ]; then +@@ -302,7 +302,7 @@ if [ -n "$ALPINE_DEV_FS" ]; then + mount_opts="-t $ALPINE_DEV_FS" + fi + +-retry_mount $mount_opts $ALPINE_DEV $ALPINE_MNT >/dev/null 2>&1 ++retry_mount -o ro $mount_opts $ALPINE_DEV $ALPINE_MNT >/dev/null 2>&1 + eend $? + + # generate apk repositories file +@@ -329,7 +329,8 @@ if [ -n "$OVL_DEV" ]; then + mount_opts="-t $OVL_DEV_FS" + fi + +- retry_mount $mount_opts /dev/$OVL_DEV /media/$OVL_DEV >/dev/null 2>&1 ++ retry_mount -o ro $mount_opts /dev/$OVL_DEV /media/$OVL_DEV \ ++ >/dev/null 2>&1 + ovl=$(find_ovl /media/$OVL_DEV) + else + find_ovl_dev +-- +1.7.3.4 + diff --git a/main/mkinitfs/APKBUILD b/main/mkinitfs/APKBUILD index 2c5d0e42c1..a18c4e8496 100644 --- a/main/mkinitfs/APKBUILD +++ b/main/mkinitfs/APKBUILD @@ -1,13 +1,14 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=mkinitfs pkgver=2.1.3 -pkgrel=0 +pkgrel=1 pkgdesc="Tool to generate initramfs images for Alpine" url=http://git.alpinelinux.org/cgit/mkinitfs depends="busybox apk-tools>=2.0" triggers="$pkgname.trigger:/usr/share/kernel/*" source="http://git.alpinelinux.org/cgit/$pkgname/snapshot/$pkgname-$pkgver.tar.bz2 eglibc.patch + 0001-init-mount-devices-as-read-only.patch " arch="x86 x86_64" license="GPL-2" @@ -15,6 +16,9 @@ license="GPL-2" prepare() { cd "$srcdir"/$pkgname-$pkgver + patch -p1 -i "$srcdir"/0001-init-mount-devices-as-read-only.patch \ + || return 1 + # If we are using eglibc/glibc we need to include eglibc libs # instead of uclibc libs. case "$CHOST" in @@ -34,4 +38,5 @@ package() { make install DESTDIR="$pkgdir" || return 1 } md5sums="36bea9db1d83d2fd9860130b1cdec0d0 mkinitfs-2.1.3.tar.bz2 -e59c2f7de496fe430b07e32fd812ebe0 eglibc.patch" +e59c2f7de496fe430b07e32fd812ebe0 eglibc.patch +96cfe927afb70e1af94a9c6fe8f5acca 0001-init-mount-devices-as-read-only.patch" |