fix(vm_image_util): Keep most partitions mounted read-only.

This ensures that the only partition being modified is OEM.
2026-05-05 04:06:33 +02:00 · 2014-03-27 21:52:40 -07:00 · 2014-03-27 21:52:40 -07:00 · a78c5fb665
commit a78c5fb665
parent 7b6e547751
1 changed files with 13 additions and 0 deletions
--- a/build_library/vm_image_util.sh
+++ b/build_library/vm_image_util.sh
@ -227,6 +227,19 @@ setup_disk_image() {
    if [[ $(_get_vm_opt BOOT_KERNEL) -eq 0 ]]; then
        sudo mv "${SYSLINUX_DIR}/default.cfg.A" "${SYSLINUX_DIR}/default.cfg"
    fi
+
+    # The only filesystem after this point that may be modified is OEM
+    # Note: it would be more logical for disk_util to mount things read-only
+    # to begin with but I'm having trouble making that work reliably.
+    # When mounting w/ ro the automatically allocated loop device will
+    # also be configured as read-only. blockdev --setrw will change that
+    # but io will start throwing errors so that clearly isn't sufficient.
+    local mnt
+    for mnt in $(findmnt -nrR -o target -T "${VM_TMP_ROOT}"); do
+        if [[ "${mnt}" != */usr/share/oem ]]; then
+            sudo mount -o remount,ro "${mnt}"
+        fi
+    done
 }

 # If the current type defines a oem package install it to the given fs image.