#
set -eu
+ME=molly-guard
+
CMD="${0##*/}"
EXEC="/sbin/$CMD"
+
case "$CMD" in
- halt|reboot|shutdown)
+ halt|reboot|shutdown|poweroff)
+ if [ ! -f $EXEC ]; then
+ echo "E: $ME: not a regular file: $EXEC" >&2
+ exit 4
+ fi
if [ ! -x $EXEC ]; then
- echo "E: not an executable: $EXEC" >&2
+ echo "E: $ME: not an executable: $EXEC" >&2
exit 3
fi
;;
*)
- echo "E: unsupported command: $CMD" >&2
+ echo "E: $ME: unsupported command: $CMD" >&2
exit 1
;;
esac
-if [ -n "${SSH_CONNECTION:-}" ] && test -t 0 && [ "${1:-}" != '--help' ]; then
- echo -n "SSH session detected, type in hostname of the machine to $CMD: "
- read HOSTNAME_USER
+usage()
+{
+ cat <<-_eousage
+ Usage: $ME [options]
+ (shielding $EXEC)
+
+ Instead of invoking $EXEC directly, $ME will prompt the user for the
+ machine's hostname to guard against accidental shutdowns/reboots, if the
+ current shell is a child of an SSH connection (or --pretend-ssh) has been
+ given on the command line, if the shell is connected to an interactive
+ terminal, and the actual command to execute is does not involve --help or is
+ \`shutdown -c'.
+
+ Only if the user enters the machine's hostname correctly will $ME take
+ action. Specifying --molly-guard-do-nothing as argument to the command will
+ make $ME echo the command it would execute rather than actually executing
+ it.
+
+ The actual command's help output follows:
- HOSTNAME="$(hostname)"
+ _eousage
+}
- if [ "$HOSTNAME_USER" != "$HOSTNAME" ]; then
- echo "Good thing I asked; I won't $CMD $HOSTNAME ..."
- exit 2
+ARGS=
+DO_NOTHING=0
+PRETEND_SSH=0
+for arg in "$@"; do
+ case "$arg" in
+ (*-molly-guard-do-nothing) DO_NOTHING=1;;
+ (*-help)
+ usage 2>&1
+ eval $EXEC --help 2>&1
+ exit 0
+ ;;
+ (*-pretend-ssh) PRETEND_SSH=1;;
+ *) ARGS="${ARGS:+$ARGS }$arg";;
+ esac
+done
+
+do_real_cmd()
+{
+ if [ $DO_NOTHING -eq 1 ]; then
+ echo "$ME: would run: $EXEC $ARGS"
+ exit 0
+ else
+ eval exec $EXEC "$ARGS"
fi
+}
+
+if [ $DO_NOTHING -eq 1 ]; then
+ echo "I: demo mode; $ME will not do anything due to --molly-guard-do-nothing."
fi
-exec $EXEC "$@"
+# require an interactive terminal connected to stdin
+test -t 0 || do_real_cmd
+
+# only run if we are being called over SSH, that is if the current terminal
+# was created by sshd.
+PTS=$(readlink /proc/$$/fd/0)
+if ! pgrep -f "^sshd.+${PTS#/dev/}[[:space:]]*$" >/dev/null \
+ && [ -z "${SSH_CONNECTION:-}" ]; then
+ if [ $PRETEND_SSH -eq 1 ]; then
+ echo "I: this is not an SSH session, but --pretend-ssh was given..."
+ else
+ do_real_cmd
+ fi
+else
+ echo "W: $ME: SSH session detected!"
+fi
+
+# pass through certain commands
+case "$CMD $ARGS" in
+ (*shutdown\ *-c*)
+ echo "I: executing $CMD $ARGS regardless of SSH session."
+ do_real_cmd
+ ;;
+esac
+
+HOSTNAME="$(hostname --short)"
+
+sigh()
+{
+ echo "Good thing I asked; I won't $CMD $HOSTNAME ..."
+ exit 2
+}
+
+trap 'echo;sigh' 1 2 3 9 10 12 15
+
+echo -n "Please type in hostname of the machine to $CMD: "
+read HOSTNAME_USER || :
+
+[ "$HOSTNAME_USER" = "$HOSTNAME" ] || sigh
+
+trap - 1 2 3 9 10 12 15
+
+do_real_cmd