#
set -eu
+ME=molly-guard
+
CMD="${0##*/}"
EXEC="/sbin/$CMD"
+
case "$CMD" in
- halt|reboot|shutdown)
+ halt|reboot|shutdown|poweroff)
+ if [ ! -f $EXEC ]; then
+ echo "E: $ME: not a regular file: $EXEC" >&2
+ exit 4
+ fi
if [ ! -x $EXEC ]; then
- echo "E: not an executable: $EXEC" >&2
+ echo "E: $ME: not an executable: $EXEC" >&2
exit 3
fi
;;
*)
- echo "E: unsupported command: $CMD" >&2
+ echo "E: $ME: unsupported command: $CMD" >&2
exit 1
;;
esac
+ARGS="$@"
+
+do_real_cmd()
+{
+ case "$ARGS" in
+ (*--molly-guard-do-nothing*)
+ ARGS0="${ARGS%%--molly-guard-do-nothing*}"
+ ARGS1="${ARGS##*--molly-guard-do-nothing}"
+ echo "$ME: would run: $EXEC ${ARGS0# } ${ARGS1# }"
+ exit 0;;
+ *) eval exec $EXEC "$ARGS";;
+ esac
+}
+
+# require an interactive terminal connected to stdin
+test -t 0 || do_real_cmd
+
+# only run if we are being called over SSH, that is if the current terminal
+# was created by sshd.
+PTS=$(readlink /proc/$$/fd/0)
+pgrep -f "^sshd.+${PTS#/dev/}[[:space:]]*$" >/dev/null || do_real_cmd
+
+# pass through help commands
+case "$CMD $ARGS" in
+ (shutdown\ *-c*) do_real_cmd;;
+ (shutdown\ *-h*) do_real_cmd;;
+ (*--help*) do_real_cmd;;
+ *) :;;
+esac
+
+HOSTNAME="$(hostname)"
+
+sigh()
+{
+ echo "Good thing I asked; I won't $CMD $HOSTNAME ..."
+ exit 2
+}
+
+trap 'echo;sigh' 1 2 3 9 10 12 15
-if [ -n "${SSH_CONNECTION:-}" ] && test -t 0 && [ "${1:-}" != '--help' ]; then
- echo -n "SSH session detected, type in hostname of the machine to $CMD: "
- read HOSTNAME_USER
+echo "$ME: SSH session detected!"
+echo -n "Please type in hostname of the machine to $CMD: "
+read HOSTNAME_USER || :
- HOSTNAME="$(hostname)"
+[ "$HOSTNAME_USER" = "$HOSTNAME" ] || sigh
- if [ "$HOSTNAME_USER" != "$HOSTNAME" ]; then
- echo "Good thing I asked; I won't $CMD $HOSTNAME ..."
- exit 2
- fi
-fi
+trap - 1 2 3 9 10 12 15
-exec $EXEC "$@"
+do_real_cmd
projects / code / molly-guard.git / blobdiff