From: Lennart Poettering Date: Fri, 29 Sep 2017 12:19:22 +0000 (+0200) Subject: dissect: automatically mark partitions read-only that have a read-only file system X-Git-Tag: v235~37^2~2 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=896f937f58f42284dbebcd0a7f5ddc87fd5517b7;p=thirdparty%2Fsystemd.git dissect: automatically mark partitions read-only that have a read-only file system Specifically, squashfs and iso9660 are always read-only, hence make sure we never even think about mounting them writable. --- diff --git a/src/basic/mount-util.c b/src/basic/mount-util.c index cff44116c88..843d266a2f5 100644 --- a/src/basic/mount-util.c +++ b/src/basic/mount-util.c @@ -578,6 +578,19 @@ bool fstype_is_api_vfs(const char *fstype) { return nulstr_contains(table, fstype); } +bool fstype_is_ro(const char *fstype) { + + /* All Linux file systems that are necessarily read-only */ + + static const char table[] = + "DM_verity_hash\0" + "iso9660\0" + "squashfs\0" + ; + + return nulstr_contains(table, fstype); +} + int repeat_unmount(const char *path, int flags) { bool done = false; diff --git a/src/basic/mount-util.h b/src/basic/mount-util.h index 70af11c2ff0..3ec0e7d1f83 100644 --- a/src/basic/mount-util.h +++ b/src/basic/mount-util.h @@ -45,6 +45,7 @@ DEFINE_TRIVIAL_CLEANUP_FUNC(FILE*, endmntent); bool fstype_is_network(const char *fstype); bool fstype_is_api_vfs(const char *fstype); +bool fstype_is_ro(const char *fsype); union file_handle_union { struct file_handle handle; diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c index f11b5225582..b02b2897d3e 100644 --- a/src/shared/dissect-image.c +++ b/src/shared/dissect-image.c @@ -591,6 +591,9 @@ int dissect_image(int fd, const void *root_hash, size_t root_hash_size, DissectI if (streq_ptr(p->fstype, "crypto_LUKS")) m->encrypted = true; + + if (p->fstype && fstype_is_ro(p->fstype)) + p->rw = false; } *ret = m;