#!/bin/bash

## Copyright (C) 2019 - 2023 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
## See the file COPYING for copying conditions.

## Similar to persistent-mode-to-read-write.

set -x

error_handler() {
   exit_code="1"
}

trap error_handler ERR

exit_code="0"

vm_names_list="$(virsh list --all | awk '{print $2}'| grep -v Name)"

for vm_name_item in $vm_names_list ; do
   virt-xml "$vm_name_item" --edit --disk readonly=on
done

## https://phabricator.whonix.org/T914
if test -f "/var/lib/libvirt/images/Whonix-Gateway.qcow2" ; then
   chmod --verbose --recursive ugo-w "/var/lib/libvirt/images/Whonix-Gateway.qcow2"
fi
if test -f "/var/lib/libvirt/images/Whonix-Workstation.qcow2" ; then
   chmod --verbose --recursive ugo-w "/var/lib/libvirt/images/Whonix-Workstation.qcow2"
fi

## "chmod ugo-r" is set during build in chroot:
## https://github.com/Whonix/Whonix/blob/master/build-steps.d/*_copy_vms_into_raw

exit "$exit_code"
