From 1b5a3eb3afcdbc3422cfdef95fc8bd9a9decc0e8 Mon Sep 17 00:00:00 2001
From: Henning Heinold <henning@itconsulting-heinold.de>
Date: Tue, 26 Aug 2014 16:28:02 +0200
Subject: [PATCH 1/3] initramfs: mount external partitions readonly

Fixes: SYS#521
---
 recipes-core/images/core-image-minimal-initramfs.bbappend | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 recipes-core/images/core-image-minimal-initramfs.bbappend

diff --git a/recipes-core/images/core-image-minimal-initramfs.bbappend b/recipes-core/images/core-image-minimal-initramfs.bbappend
new file mode 100644
index 0000000..26fd5b0
--- /dev/null
+++ b/recipes-core/images/core-image-minimal-initramfs.bbappend
@@ -0,0 +1,7 @@
+# we sed the udev automounter so it mounts all partions on the stick/sdcard readonly
+
+change_udev_automounter_ro() {
+        sed -i -e 's/\-t auto/\-t auto \-o ro/' ${IMAGE_ROOTFS}/etc/udev/scripts/mount.sh
+}
+
+ROOTFS_POSTPROCESS_COMMAND += "change_udev_automounter_ro ; "

From 0cef8c4fc38bf7537d6a79f0921abbba1e9a1a61 Mon Sep 17 00:00:00 2001
From: Henning Heinold <henning@itconsulting-heinold.de>
Date: Tue, 26 Aug 2014 16:34:55 +0200
Subject: [PATCH 2/3] initramfs: install and run e2fsck -f before resize2fs

Fixes: SYS#522
---
 recipes-core/initrdscripts/files/init-install.sh               | 2 +-
 recipes-core/initrdscripts/initramfs-live-install_sysmocom.inc | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/recipes-core/initrdscripts/files/init-install.sh b/recipes-core/initrdscripts/files/init-install.sh
index 1827548..d33bf37 100644
--- a/recipes-core/initrdscripts/files/init-install.sh
+++ b/recipes-core/initrdscripts/files/init-install.sh
@@ -172,11 +172,11 @@ umount /boot
 umount /tgt_root
 
 echo "Resizing partition"
+e2fsck -f $rootfs || true
 resize2fs $rootfs
 
 sync
 
-
 echo "Remove your installation media, and press ENTER"
 
 read enter
diff --git a/recipes-core/initrdscripts/initramfs-live-install_sysmocom.inc b/recipes-core/initrdscripts/initramfs-live-install_sysmocom.inc
index 0fca764..9ce47b1 100644
--- a/recipes-core/initrdscripts/initramfs-live-install_sysmocom.inc
+++ b/recipes-core/initrdscripts/initramfs-live-install_sysmocom.inc
@@ -1,2 +1,4 @@
 SYSMOCOM := "${@os.path.dirname(bb.data.getVar('FILE', d, True))}"
 FILESEXTRAPATHS_prepend := "${SYSMOCOM}/files:"
+
+RDEPENDS_${PN} += "e2fsprogs-e2fsck"

From 7b51764cfaa0ceeea2438cc13d9de2c8fdaf5baa Mon Sep 17 00:00:00 2001
From: Henning Heinold <henning@itconsulting-heinold.de>
Date: Tue, 26 Aug 2014 17:27:04 +0200
Subject: [PATCH 3/3] initramfs: grub.cfg with rootfs set to readonly

Fixes: SYS#528
---
 recipes-core/initrdscripts/files/init-install.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/recipes-core/initrdscripts/files/init-install.sh b/recipes-core/initrdscripts/files/init-install.sh
index d33bf37..0a02368 100644
--- a/recipes-core/initrdscripts/files/init-install.sh
+++ b/recipes-core/initrdscripts/files/init-install.sh
@@ -159,6 +159,7 @@ if [ -f /etc/grub.d/40_custom ] ; then
     sed -i "s/__VGA_MODE__/$4/g" $GRUBCFG
     sed -i "s/__CONSOLE__/$5/g" $GRUBCFG
     sed -i "s/quiet/net.ifnames=0 quiet/g" $GRUBCFG
+    sed -i "s/rw/ro/g" $GRUBCFG
     sed -i "/#/d" $GRUBCFG
     sed -i "/exec tail/d" $GRUBCFG
     chmod 0444 $GRUBCFG