Verified Commit d9b12efe authored by Patrick Schleizer's avatar Patrick Schleizer
Browse files

live mod indicator: fix false positive live mode detection

when installing snapd

Thanks to DooSkagg for the bug report!

https://forums.whonix.org/t/wickr-me-gets-whonix-stuck-in-live-mode/9834
parent 224adf95
......@@ -14,66 +14,103 @@ set -e
## 1 means read-only
## 0 means read-write
## as soon as we have at least one "0" -> not live mode
## when using snapd:
##
## dsudo /bin/lsblk --all
##
## NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
## loop0 7:0 0 55M 1 loop /snap/core18/1754
## loop1 7:1 0 0 loop
## loop2 7:2 0 0 loop
## loop3 7:3 0 0 loop
## loop4 7:4 0 0 loop
## loop5 7:5 0 0 loop
## loop6 7:6 0 0 loop
## loop7 7:7 0 0 loop
## sda 8:0 0 100G 0 disk
## sda1 8:1 0 100G 0 part /
## sr0 11:0 1 1024M 0 rom
## when using snapd:
##
## dsudo /bin/lsblk --all
##
## 1
## 1
## 0
## 0
## 0
## 0
## 0
## 0
## 0
## 0
## 0
## Using sudo because hide-hardware-info.service makes this only readable by
## root, not user.
## https://forums.whonix.org/t/restrict-hardware-information-to-root-testers-wanted/8618/13
if sudo --non-interactive /bin/lsblk --noheadings --all --raw --output RO | grep --invert-match "0" ; then
## Output of lsblk does not contain zero ("0"), meaning no read-write devices found.
## In other words, all disks are set set to read-only.
echo "<img>/usr/share/icons/gnome-colors-common/16x16/actions/dialog-apply.png</img>"
## Show "Live" next to info symbol in systray.
echo "<txt>Live</txt>"
## This did not work with snapd
## http://forums.whonix.org/t/wickr-me-gets-whonix-stuck-in-live-mode/9834/1
#if sudo --non-interactive /bin/lsblk --noheadings --all --raw --output RO | grep --invert-match "0" ; then
## Output of lsblk does not contain zero ("0"), meaning no read-write devices found.
## In other words, all disks are set set to read-only.
if test -f /usr/share/anon-gw-base-files/gateway || test -f /usr/share/anon-ws-base-files/workstation ; then
## case: Whonix VM
echo "<tool>Live mode is enabled. All changes to the disk will be gone after a reboot. See: https://whonix.org/wiki/Whonix_Live or click on the icon for more information.</tool>"
echo "<click>x-www-browser https://whonix.org/wiki/Whonix_Live</click>"
echo "<txtclick>x-www-browser https://whonix.org/wiki/Whonix_Live</txtclick>"
if sudo --non-interactive /bin/lsblk --noheadings --all --raw --output RO | grep "0" ; then
true "INFO: If at least one '0' was found. Conclusion: not all read-only. Some read-write."
if grep -qs "boot=live" /proc/cmdline; then
true "INFO: grub-live is enabled."
echo "<img>/usr/share/icons/Adwaita/16x16/status/dialog-warning.png</img>"
echo "<txt>Live</txt>"
if test -f /usr/share/anon-gw-base-files/gateway || test -f /usr/share/anon-ws-base-files/workstation ; then
## case: Whonix VM
echo "<tool>Live mode is enabled but it is still possible to write to the disk. Please power off the machine and set the disk to read-only. See: https://whonix.org/wiki/Whonix_Live or click on the icon for more information.</tool>"
echo "<click>x-www-browser https://whonix.org/wiki/Whonix_Live</click>"
echo "<txtclick>x-www-browser https://whonix.org/wiki/Whonix_Live</txtclick>"
else
## case: Debian hosts, Kicksecure hosts, non-Whonix hosts, Whonix-Host
echo "<tool>Live mode is enabled but it is still possible to write to the disk. Please power off the machine and set the disk to read-only, if possible. See: https://whonix.org/wiki/grub-live or click on the icon for more information.</tool>"
echo "<click>x-www-browser https://whonix.org/wiki/grub-live</click>"
echo "<txtclick>x-www-browser https://whonix.org/wiki/grub-live</txtclick>"
fi
else
## case: Debian hosts, Kicksecure hosts, non-Whonix hosts, Whonix-Host
echo "<tool>Live mode is enabled. All changes to the disk will be gone after a reboot. See: https://whonix.org/wiki/grub-live or click on the icon for more information.</tool>"
echo "<click>x-www-browser https://whonix.org/wiki/grub-live</click>"
echo "<txtclick>x-www-browser https://whonix.org/wiki/grub-live</txtclick>"
fi
true "INFO: Live mode is disabled."
echo "<img>/usr/share/icons/gnome-colors-common/22x22/status/gtk-info.png</img>"
## Do not show "Persistent" next to info symbol in systray.
#echo "<txt>Persistent</txt>"
exit 0
fi
if test -f /usr/share/anon-gw-base-files/gateway || test -f /usr/share/anon-ws-base-files/workstation ; then
## case: Whonix VM
echo "<tool>You are using persistent mode. All changes to the disk will be preserved after a reboot. For using live mode, see: https://whonix.org/wiki/Whonix_Live or click on the icon for more information.</tool>"
echo "<click>x-www-browser https://whonix.org/wiki/Whonix_Live</click>"
echo "<txtclick>x-www-browser https://whonix.org/wiki/Whonix_Live<txtclick>"
else
## case: Debian hosts, Kicksecure hosts, non-Whonix hosts, Whonix-Host
echo "<tool>You are using persistent mode. All changes to the disk will be preserved after a reboot. For using live mode, see: https://whonix.org/wiki/grub-live or click on the icon for more information.</tool>"
echo "<click>x-www-browser https://whonix.org/wiki/grub-live</click>"
echo "<txtclick>x-www-browser https://whonix.org/wiki/grub-live<txtclick>"
fi
fi
else
true "INFO: No '0' is found. Therefore only '1' found. Conclusion: read-only."
if grep -qs "boot=live" /proc/cmdline; then
## grub-live is enabled.
echo "<img>/usr/share/icons/Adwaita/16x16/status/dialog-warning.png</img>"
echo "<img>/usr/share/icons/gnome-colors-common/16x16/actions/dialog-apply.png</img>"
## Show "Live" next to info symbol in systray.
echo "<txt>Live</txt>"
if test -f /usr/share/anon-gw-base-files/gateway || test -f /usr/share/anon-ws-base-files/workstation ; then
## case: Whonix VM
echo "<tool>Live mode is enabled but it is still possible to write to the disk. Please power off the machine and set the disk to read-only. See: https://whonix.org/wiki/Whonix_Live or click on the icon for more information.</tool>"
echo "<tool>Live mode is enabled. All changes to the disk will be gone after a reboot. See: https://whonix.org/wiki/Whonix_Live or click on the icon for more information.</tool>"
echo "<click>x-www-browser https://whonix.org/wiki/Whonix_Live</click>"
echo "<txtclick>x-www-browser https://whonix.org/wiki/Whonix_Live</txtclick>"
else
## case: Debian hosts, Kicksecure hosts, non-Whonix hosts, Whonix-Host
echo "<tool>Live mode is enabled but it is still possible to write to the disk. Please power off the machine and set the disk to read-only, if possible. See: https://whonix.org/wiki/grub-live or click on the icon for more information.</tool>"
echo "<tool>Live mode is enabled. All changes to the disk will be gone after a reboot. See: https://whonix.org/wiki/grub-live or click on the icon for more information.</tool>"
echo "<click>x-www-browser https://whonix.org/wiki/grub-live</click>"
echo "<txtclick>x-www-browser https://whonix.org/wiki/grub-live</txtclick>"
fi
exit 0
fi
## Live mode is disabled.
echo "<img>/usr/share/icons/gnome-colors-common/22x22/status/gtk-info.png</img>"
## Do not show "Persistent" next to info symbol in systray.
#echo "<txt>Persistent</txt>"
if test -f /usr/share/anon-gw-base-files/gateway || test -f /usr/share/anon-ws-base-files/workstation ; then
## case: Whonix VM
echo "<tool>You are using persistent mode. All changes to the disk will be preserved after a reboot. For using live mode, see: https://whonix.org/wiki/Whonix_Live or click on the icon for more information.</tool>"
echo "<click>x-www-browser https://whonix.org/wiki/Whonix_Live</click>"
echo "<txtclick>x-www-browser https://whonix.org/wiki/Whonix_Live<txtclick>"
else
## case: Debian hosts, Kicksecure hosts, non-Whonix hosts, Whonix-Host
echo "<tool>You are using persistent mode. All changes to the disk will be preserved after a reboot. For using live mode, see: https://whonix.org/wiki/grub-live or click on the icon for more information.</tool>"
echo "<click>x-www-browser https://whonix.org/wiki/grub-live</click>"
echo "<txtclick>x-www-browser https://whonix.org/wiki/grub-live<txtclick>"
fi
exit 0
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment