-
-
Save ohsevin/a531a4f6b9f8ccb6b8f39c173b77f8f4 to your computer and use it in GitHub Desktop.
A script that asks to make the root filesystem read-writable for subsequent changes and additions by the user.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh -e | |
| ##!! PLEASE USE THIS SCRIPT WITH CAUTION - AND AT YOUR OWN RISK !!## | |
| ##!! IT HAS BEEN KNOWN TO CAUSE RESETS AND WIPE DATA ON SOME CHROMEBOXES !!## | |
| APPLICATION="${0##*/}" | |
| ANSWER='' | |
| CURRENTROOT='' | |
| CURRENTKERNEL='' | |
| ROOTDEV='' | |
| ROOTDEVPFX='' | |
| ## Exits the script with exit code $1, spitting out message $@ to stderr | |
| error() { | |
| local ecode="$1" | |
| shift | |
| echo "$*" 1>&2 | |
| exit "$ecode" | |
| } | |
| ## Report dev_boot_legacy and dev_boot_usb flags | |
| ## Check and set dev_boot_signed_only flag if needed. | |
| checkflags() { | |
| echo -n "## " | |
| sudo crossystem dev_boot_usb dev_boot_legacy dev_boot_signed_only | |
| echo " ##" | |
| boot="$(sudo crossystem dev_boot_usb dev_boot_legacy dev_boot_signed_only)" | |
| # db_usb and db_legacy can be off, db_signed_only should be off. | |
| echo "$boot" | { | |
| read -r usb legacy signed | |
| suggest='' | |
| if [ "$usb" = 1 ]; then | |
| echo "NOTE: USB booting <Ctrl+U> is enabled." 1>&2 | |
| else | |
| echo "WARNING: USB booting is disabled." 1>&2 | |
| suggest="$suggest dev_boot_usb=1" | |
| fi | |
| if [ "$legacy" = 1 ]; then | |
| echo "NOTE: Legacy booting <Ctrl+L> is enabled." 1>&2 | |
| else | |
| echo "WARNING: Legacy booting is disabled." 1>&2 | |
| suggest="$suggest dev_boot_legacy=1" | |
| fi | |
| if [ -n "$suggest" ]; then | |
| echo "To enable, you can use the following command: sudo crossystem$suggest" 1>&2 | |
| sleep 3 | |
| fi | |
| if [ "$signed" = 1 ]; then | |
| # Only disable signed booting if the user hasn't to ensure booting unverified kernels | |
| echo "WARNING: Signed boot verification is enabled; disabling it to ensure booting unverified kernel." 1>&2 | |
| echo "You can enable it again using: sudo crossystem dev_boot_signed_only=1" 1>&2 | |
| sudo crossystem dev_boot_signed_only=0 || true | |
| sleep 3 | |
| else | |
| echo "NOTE: Signed boot verification is disabled, you're good to go..." 1>&2 | |
| fi | |
| sleep 2 | |
| } | |
| } | |
| #Following routine borrowed from @drinkcat ;) | |
| ROOTDEV="$(rootdev -d -s)" | |
| if [ -z "$ROOTDEV" ]; then | |
| error 1 "Cannot find root device." | |
| fi | |
| if [ ! -b "$ROOTDEV" ]; then | |
| error 1 "$ROOTDEV is not a block device." | |
| fi | |
| # If $ROOTDEV ends with a number (e.g. mmcblk0), partitions are named | |
| # ${ROOTDEV}pX (e.g. mmcblk0p1). If not (e.g. sda), they are named | |
| # ${ROOTDEV}X (e.g. sda1). | |
| ROOTDEVPFX="$ROOTDEV" | |
| if [ "${ROOTDEV%[0-9]}" != "$ROOTDEV" ]; then | |
| ROOTDEVPFX="${ROOTDEV}p" | |
| fi | |
| CURRENTROOT="$(rootdev -s)" | |
| if [ $CURRENTROOT = ${ROOTDEVPFX}3 ]; then CURRENTKERNEL=2; else CURRENTKERNEL=4; fi | |
| USAGE=" | |
| $APPLICATION [no options] | |
| ### A script that asks the user to make the root filesystem (${CURRENTROOT}) | |
| ##+ read-writable for subsequent changes and additions by the user. | |
| " | |
| if [ $# -gt 0 ]; then error 0 "$USAGE"; fi | |
| if sudo mount -i -o remount,rw / 2>/dev/null; then | |
| echo "Your rootfs (${CURRENTROOT}) is already mounted read-write ..." | |
| echo "*** $(mount | grep ' / ') ***"; exit 0 | |
| fi | |
| echo -n "Perform REMOVAL of rootfs verification on partition '${CURRENTKERNEL}' (Y/n/q) ? " 1>&2 | |
| read ANSWER; if [ -z "$ANSWER" ]; then ANSWER='y'; fi | |
| case $ANSWER in | |
| [yY]*) checkflags | |
| echo | |
| echo "sudo /usr/share/vboot/bin/make_dev_ssd.sh --remove_rootfs_verification --partitions $CURRENTKERNEL" 1>&2 | |
| sudo /usr/share/vboot/bin/make_dev_ssd.sh --remove_rootfs_verification --partitions $CURRENTKERNEL || ret=$? | |
| if [ $ret -gt 0 ]; then | |
| echo "Removal of rootfs verification failed, now we'll try using the '--force' option..." | |
| echo "sudo /usr/share/vboot/bin/make_dev_ssd.sh --force --remove_rootfs_verification --partitions $CURRENTKERNEL" | |
| sudo /usr/share/vboot/bin/make_dev_ssd.sh --force --remove_rootfs_verification --partitions $CURRENTKERNEL || ret=$? | |
| if [ "$ret" -gt 0 ]; then | |
| error 2 "Sorry but REMOVAL of rootfs verification failed on partition ${CURRENTROOT}/${CURRENTKERNEL}." | |
| fi | |
| fi | |
| echo "*** Rebooting in 10 seconds to make changes effective ***" 1>&2 | |
| echo -n "... Press Ctrl-C to ABORT ... " 1>&2 | |
| sleep 10 && sudo reboot && exit $ret | |
| ;; | |
| [nN]*) error 0 "Skipping REMOVAL of rootfs verification on partition '$CURRENTKERNEL' for now..." | |
| ;; | |
| [qQ]*) error 0 "Quitting - no changes made..." | |
| ;; | |
| *) error 1 "Not a valid choice, exiting..." | |
| ;; | |
| esac |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment