From 5fcb5afeb15d0617407abfd5b0827153b632d7c4 Mon Sep 17 00:00:00 2001
From: Tom Gundersen <teg@jklm.no>
Date: Sat, 23 Apr 2011 20:22:23 +0200
Subject: remount root very early

This remounts root read-only as early as possible.

In FS#23845 we saw an example of what might happen if we boot with
root mounted rw and something manages to opens a file read-write
on root before we remount read-only.

Signed-off-by: Tom Gundersen <teg@jklm.no>
---
 rc.sysinit | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/rc.sysinit b/rc.sysinit
index 497caae..e102beb 100755
--- a/rc.sysinit
+++ b/rc.sysinit
@@ -34,6 +34,11 @@ fi
 /bin/mountpoint -q /dev/shm || /bin/mount /devshm &> /dev/null \
 	|| /bin/mount -n -t tmpfs shm /dev/shm -o mode=1777,nosuid,nodev
 
+# remount root ro to allow for fsck later on, we remount now to
+# make sure nothing can open files rw on root which would block a remount
+/bin/findmnt / --options ro &>/dev/null || \
+status "Mounting Root Read-Only" /bin/mount -n -o remount,ro /
+
 # start up our mini logger until syslog takes over
 /sbin/minilogd
 /sbin/bootlogd -p /run/bootlogd.pid
@@ -216,8 +221,6 @@ if [[ -f /etc/crypttab && -n $CS ]] && /bin/grep -q ^[^#] /etc/crypttab; then
 	fi
 fi
 
-status "Mounting Root Read-only" /bin/mount -n -o remount,ro /
-
 NETFS="nonfs,nonfs4,nosmbfs,nocifs,nocodafs,noncpfs,nosysfs,noshfs,nofuse,nofuseblk,noglusterfs,nodavfs"
 
 if [[ -x /sbin/fsck ]]; then
-- 
cgit v1.2.3