]> git.madduck.net Git - code/molly-guard.git/blob - README

madduck's git repository

Every one of the projects in this repository is available at the canonical URL git://git.madduck.net/madduck/pub/<projectpath> — see each project's metadata for the exact URL.

All patches and comments are welcome. Please squash your changes to logical commits before using git-format-patch and git-send-email to patches@git.madduck.net. If you'd read over the Git project's submission guidelines and adhered to them, I'd be especially grateful.

SSH access, as well as push access can be individually arranged.

If you use my repositories frequently, consider adding the following snippet to ~/.gitconfig and using the third clone URL listed for each project:

[url "git://git.madduck.net/madduck/"]
  insteadOf = madduck:

add a readme
[code/molly-guard.git] / README
1 molly-guard
2 ===========
3
4 molly-guard attempts to prevent you from accidentally shutting down or
5 rebooting remote machines. It does this by injecting a couple of checks before
6 the existing commands: halt, reboot, shutdown, and poweroff.
7
8 It does this by putting scripts with the same names into /usr/sbin, so it only
9 works if you have /usr/sbin before /sbin in your $PATH!
10
11 The checks are:
12
13   - test whether the current pty has been created by sshd
14   - test whether a variable $SSH_CONNECTION exists
15
16 If any of these tests are successful, molly-guard asks you to type the
17 machine's hostname, which should be sufficient to prevent you from doing
18 something by accident.
19
20 The following situations are still UNGUARDED. If you can think of ways to
21 protect against those, please let me know!
22
23   - running sudo within screen or screen within sudo; sudo eats the
24     $SSH_CONNECTION variable, and screen creates a new pty.
25
26   - executing those command in a remote terminal window, that is a XTerm
27     started on a remote machine but displaying on the local X server.
28
29 You have been warned. You can use the --molly-guard-do-nothing switch to
30 prevent anything from happening, e.g.
31
32   halt --molly-guard-do-nothing
33
34  -- martin f. krafft <madduck@debian.org>  Wed, 12 Mar 2008 20:02:14 +0100