forked from nicokaiser/rpi-audio-receiver
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathenable-read-only.sh
executable file
·43 lines (34 loc) · 1.31 KB
/
enable-read-only.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
#!/bin/bash -e
if [[ $(id -u) -ne 0 ]] ; then echo "Please run as root" ; exit 1 ; fi
echo
echo -n "Do you want to enable read-only mode? [y/N] "
read REPLY
if [[ ! "$REPLY" =~ ^(yes|y|Y)$ ]]; then exit 0; fi
# Disable swapfile
dphys-swapfile swapoff
dphys-swapfile uninstall
systemctl disable dphys-swapfile.service
# Remove unwanted packages
apt-get remove -y --purge triggerhappy logrotate dphys-swapfile fake-hwclock
apt-get autoremove -y --purge
apt-get install -y busybox-syslogd
dpkg --purge rsyslog
# Disable apt activities
systemctl disable apt-daily-upgrade.timer
systemctl disable apt-daily.timer
systemctl disable man-db.timer
# Move resolv.conf to /run
mv /etc/resolv.conf /run/resolvconf/resolv.conf
ln -s /run/resolvconf/resolv.conf /etc/resolv.conf
# Adjust kernel command line
sed -i.backup -e 's/rootwait$/rootwait fsck.mode=skip noswap ro/' /boot/cmdline.txt
# Edit the file system table
sed -i.backup -e 's/vfat\s*defaults\s/vfat defaults,ro/; s/ext4\s*defaults,noatime\s/ext4 defaults,noatime,ro/' /etc/fstab
# Make edits to fstab
cat <<'EOF' >> /etc/fstab
tmpfs /tmp tmpfs mode=1777,nosuid,nodev 0 0
tmpfs /var/tmp tmpfs mode=1777,nosuid,nodev 0 0
tmpfs /var/spool tmpfs mode=0755,nosuid,nodev 0 0
tmpfs /var/log tmpfs mode=0755,nosuid,nodev 0 0
tmpfs /var/lib/dhcpcd5 tmpfs mode=0755,nosuid,nodev 0 0
EOF