zephemeral boot added

Author: StuartIanNaylor

install.sh

@@ -18,6 +18,7 @@ install -m 644 ztab /etc/ztab
 mkdir -p /usr/local/share/zram-config
 mkdir -p /usr/local/share/zram-config/log
 install -m 644 uninstall.sh /usr/local/share/zram-config/uninstall.sh
+install -m 644 ro-root.sh /usr/local/share/zram-config/ro-root.sh
 install -m 644 zram-config.logrotate /etc/logrotate.d/zram-config
 mkdir -p /usr/local/lib/zram-config/
 install -m 755 overlayfs-tools/overlay /usr/local/lib/zram-config/overlay

ro-root.sh

@@ -0,0 +1,135 @@
+#!/bin/sh
+
+#  Read-only Root-FS for Raspian using overlayfs
+#  Version 1.1:
+#  Changed to use /proc/mounts rathern than /etc/fstab for deriving the root filesystem.
+#
+#  Version 1:
+#  Created 2017 by Pascal Suter @ DALCO AG, Switzerland to work on Raspian as custom init script
+#  (raspbian does not use an initramfs on boot)
+#
+#  This program is free software: you can redistribute it and/or modify
+#  it under the terms of the GNU General Public License as published by
+#  the Free Software Foundation, either version 3 of the License, or
+#  (at your option) any later version.
+#
+#  This program is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see
+#    <http://www.gnu.org/licenses/>.
+#
+#
+#  Tested with Raspbian mini, 2017-01-11
+#
+#  This script will mount the root filesystem read-only and overlay it with a temporary tempfs 
+#  which is read-write mounted. This is done using the overlayFS which is part of the linux kernel 
+#  since version 3.18. 
+#  when this script is in use, all changes made to anywhere in the root filesystem mount will be lost 
+#  upon reboot of the system. The SD card will only be accessed as read-only drive, which significantly
+#  helps to prolong its life and prevent filesystem coruption in environments where the system is usually
+#  not shut down properly 
+#
+#  Install: 
+#  copy this script to /sbin/overlayRoot.sh and add "init=/sbin/overlayRoot.sh" to the cmdline.txt 
+#  file in the raspbian image's boot partition. 
+#  I strongly recommend to disable swapping before using this. it will work with swap but that just does 
+#  not make sens as the swap file will be stored in the tempfs which again resides in the ram.
+#  run these commands on the booted raspberry pi BEFORE you set the init=/sbin/overlayRoot.sh boot option:
+#  sudo dphys-swapfile swapoff
+#  sudo dphys-swapfile uninstall
+#  sudo update-rc.d dphys-swapfile remove
+#
+#  To install software, run upgrades and do other changes to the raspberry setup, simply remove the init= 
+#  entry from the cmdline.txt file and reboot, make the changes, add the init= entry and reboot once more. 
+ 
+fail(){
+	echo -e "$1"
+	/bin/bash
+}
+
+createZramDrive () {
+	# Check Zram Class created
+	modprobe zram
+
+	echo "lz4" > /sys/block/zram0/comp_algorithm
+	echo "1000M" > /sys/block/zram0/disksize
+	echo "333M" > /sys/block/zram0/mem_limit
+	mke2fs -v -t ext4 -s 1024 -L zram-config0 /dev/zram0
+	
+}
+
+# load module
+modprobe overlay
+if [ $? -ne 0 ]; then
+    fail "ERROR: missing overlay kernel module"
+fi
+# mount /proc
+mount -t proc proc /proc
+
+# create a writable fs to then create our mountpoints 
+mount -t tmpfs inittemp /mnt
+if [ $? -ne 0 ]; then
+    fail "ERROR: could not create a temporary filesystem to mount the base filesystems for overlayfs"
+fi
+mkdir /mnt/lower
+mkdir /mnt/rw
+
+createZramDrive
+mount -t ext4 /dev/zram0 /mnt/rw
+
+#mount -t tmpfs root-rw /mnt/rw
+if [ $? -ne 0 ]; then
+    fail "ERROR: could not create tempfs for upper filesystem"
+fi
+mkdir /mnt/rw/upper
+mkdir /mnt/rw/work
+mkdir /mnt/newroot
+
+# mount root filesystem readonly 
+rootDev=`awk '$2 == "/" {print $1}' /proc/mounts`
+rootMountOpt=`awk '$2 == "/" {print $4}' /proc/mounts`
+rootFsType=`awk '$2 == "/" {print $3}' /proc/mounts`
+mount -t ${rootFsType} -o ${rootMountOpt},ro ${rootDev} /mnt/lower
+if [ $? -ne 0 ]; then
+    fail "ERROR: could not ro-mount original root partition"
+fi
+mount -t overlay -o lowerdir=/mnt/lower,upperdir=/mnt/rw/upper,workdir=/mnt/rw/work overlayfs-root /mnt/newroot
+if [ $? -ne 0 ]; then
+    fail "ERROR: could not mount overlayFS"
+fi
+# create mountpoints inside the new root filesystem-overlay
+mkdir /mnt/newroot/ro
+mkdir /mnt/newroot/rw
+# remove root mount from fstab (this is already a non-permanent modification)
+grep -v "$rootDev" /mnt/lower/etc/fstab > /mnt/newroot/etc/fstab
+echo "#the original root mount has been removed by overlayRoot.sh" >> /mnt/newroot/etc/fstab
+echo "#this is only a temporary modification, the original fstab" >> /mnt/newroot/etc/fstab
+echo "#stored on the disk can be found in /ro/etc/fstab" >> /mnt/newroot/etc/fstab
+# change to the new overlay root
+cd /mnt/newroot
+pivot_root . mnt
+exec chroot . sh -c "$(cat <<END
+# move ro and rw mounts to the new root
+mount --move /mnt/mnt/lower/ /ro
+if [ $? -ne 0 ]; then
+    echo "ERROR: could not move ro-root into newroot"
+    /bin/bash
+fi
+mount --move /mnt/mnt/rw /rw
+if [ $? -ne 0 ]; then
+    echo "ERROR: could not move tempfs rw mount into newroot"
+    /bin/bash
+fi
+# unmount unneeded mounts so we can unmout the old readonly root
+umount /mnt/mnt
+umount /mnt/proc
+umount -l -f /mnt/dev
+umount -l -f /mnt
+# continue with regular init
+exec /sbin/init
+END
+)"

zram-config

@@ -194,9 +194,42 @@ removeZswap () {
 	echo "/dev$ZRAM_DEV removed" >>${ZLOG}
 }
 
+enableZephemeral () {
+	if [ "$ZEPHEMERAL" = false ] ; then
+		sudo sed -i '/root=PARTUUID/ s|$| init=/bin/ro-root.sh|' /boot/cmdline.txt
+		echo "initramfs initrd followkernel" >> /boot/config.txt
+		echo "ramfsfile=initrd" >> /boot/config.txt
+		echo "ramfsaddr=-1" >> /boot/config.txt
+		cp $ZSHARE/ro-root.sh /bin/ro-root.sh
+		chown root:root /bin/ro-root.sh
+		chmod a+x /bin/ro-root.sh
+		echo "Zephemeral enabled, after reboot all writes & changes will not be persistent"
+	else
+		echo "Zephemeral is already enabled"
+	fi
+}
+
+disableZephemeral () {
+	if [ "$ZEPHEMERAL" = true ] ; then
+		sed -i 's| init=/bin/ro-root.sh||g'  /boot/cmdline.txt
+		sed -i '/initramfs initrd followkernel/d' /boot/config.txt
+		sed -i '/ramfsfile=initrd/d' /boot/config.txt
+		sed -i '/ramfsaddr=-1/d' /boot/config.txt
+		rm /bin/ro-root.sh
+		echo "Zephemeral enabled, after reboot system will be write and change enabled"
+	else
+		echo "Zephemeral is already disabled"
+	fi
+}
+
 ZSHARE=/usr/local/share/zram-config
 ZLOG=${ZSHARE}/log/zram-config.log
 ZDIR=/opt/zram
+if grep -q init=/bin/ro-root.sh /boot/cmdline.txt;then
+ZEPHEMERAL=true
+else
+ZEPHEMERAL=false
+fi
 
 case "$1" in
 	start)
@@ -234,13 +267,17 @@ case "$1" in
 						dir)
 							TARGET_DIR=$5
 							BIND_DIR=$6
-							createZdir
+							if [ "$ZEPHEMERAL" = false ] ; then
+								createZdir
+							fi
 							;;
 						log)
 							TARGET_DIR=$5
 							BIND_DIR=$6
 							OLDLOG_DIR=$7
-							createZlog
+							if [ "$ZEPHEMERAL" = false ] ; then
+								createZlog
+							fi
 							;;
 					esac
 					;;
@@ -281,23 +318,36 @@ case "$1" in
 							ZRAM_DEV=$2
 							TARGET_DIR=$3
 							BIND_DIR=$4
-							removeZdir
+							if [ "$ZEPHEMERAL" = false ] ; then
+								removeZdir
+							fi
 							;;
 						log)
 							ZTYPE=$1
 							ZRAM_DEV=$2
 							TARGET_DIR=$3
 							BIND_DIR=$4
-							removeZlog
+							if [ "$ZEPHEMERAL" = false ] ; then
+								removeZlog
+							fi
 							;;
 					esac
 					;;
 			esac
 		done < "$file"
 		rm -v ${ZSHARE}/zram-device-list.rev >>${ZLOG}
 		;;
+		
+	enable-ephemeral)
+		enableZephemeral
+		;;
+		
+	disable-ephemeral)
+		disableZephemeral
+		;;
+		
 	*)
-		echo "Usage: zram-config {start|stop}" >&2
+		echo "Usage: zram-config {start|stop|enable-ephemeral|disable-ephemeral}" >&2
 		exit 1
 		;;
 esac