#!/bin/bash

## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
## See the file COPYING for copying conditions.

## Similar to persistent-mode-to-read-write.

set -x

error_handler() {
   exit_code="1"
}

trap error_handler ERR

exit_code="0"

source /usr/libexec/helper-scripts/live-mode.sh

if [ "$live_status_detected" = "false" ]; then
   ## Persistent mode.
   true "$0: INFO: Persistent mode detected. Doing nothing. Exiting."
   exit 0
fi
## Live mode.

vm_names_list="$(virsh list --all | awk '{print $2}'| grep -v Name)"

for vm_name_item in $vm_names_list ; do
   virt-xml "$vm_name_item" --edit --disk readonly=on
done

## https://forums.whonix.org/t/whonix-host-live-enable-kvm-readonly-mode-virt-xml-vm-name-edit-disk-readonly-on/18525
if test -f "/var/lib/libvirt/images/Whonix-Gateway.qcow2" ; then
   chmod --verbose --recursive ugo-w "/var/lib/libvirt/images/Whonix-Gateway.qcow2"
fi
if test -f "/var/lib/libvirt/images/Whonix-Workstation.qcow2" ; then
   chmod --verbose --recursive ugo-w "/var/lib/libvirt/images/Whonix-Workstation.qcow2"
fi

## "chmod ugo-r" is set during build in chroot:
## https://github.com/Whonix/Whonix/blob/master/build-steps.d/*_copy_vms_into_raw

exit "$exit_code"
