From 4f6f588fb53d2756d867ac7e29fb42f4f8fdb335 Mon Sep 17 00:00:00 2001
From: Patrick Schleizer <adrelanos@whonix.org>
Date: Thu, 10 Feb 2022 13:44:55 -0500
Subject: [PATCH] fix, skip deletion of system.map files on read-only
 filesystems

This is required for Qubes /lib/modules read-only implementation at time of writing.

Thanks to @marmarek for the bug report!

https://forums.whonix.org/t/remove-system-map-cannot-work-lib-modules-is-mounted-read-only/13324
---
 usr/libexec/security-misc/remove-system.map | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/usr/libexec/security-misc/remove-system.map b/usr/libexec/security-misc/remove-system.map
index ea33c8b..30fd790 100755
--- a/usr/libexec/security-misc/remove-system.map
+++ b/usr/libexec/security-misc/remove-system.map
@@ -26,9 +26,14 @@ fi
 ## Removes the System.map files as they are only used for debugging or malware.
 for filename in ${system_map_location} ; do
    if [ -f "${filename}" ]; then
-      ## 'shred' with '--verbose' is too chatty. (7 lines)
-      shred --force --zero -u "${filename}"
-      echo "removed '${filename}'"
+      if [ -w "${filename}" ]; then
+         ## 'shred' with '--verbose' is too chatty. (7 lines)
+         shred --force --zero -u "${filename}"
+         echo "removed '${filename}'"
+      else
+         echo "Cannot delete '${filename}' - read-only. For details, see: https://www.kicksecure.com/wiki/security-misc#system_map"
+         exit 0
+      fi
    fi
 done