# Copyright © martin f. krafft <madduck@madduck.net>
# Released under the terms of the Artistic Licence 2.0
#
-# $Id: shutdown 299 2006-10-16 14:40:47Z madduck $
-#
set -eu
ME=molly-guard
EXEC="/sbin/$CMD"
case "$CMD" in
- halt|reboot|shutdown)
+ halt|reboot|shutdown|poweroff)
if [ ! -f $EXEC ]; then
echo "E: $ME: not a regular file: $EXEC" >&2
exit 4
+ fi
if [ ! -x $EXEC ]; then
echo "E: $ME: not an executable: $EXEC" >&2
exit 3
exit 1
;;
esac
-ARGS="$@"
+
+usage()
+{
+ cat <<-_eousage
+ Usage: $ME [options]
+ (shielding $EXEC)
+
+ Instead of invoking $EXEC directly, $ME will run a number of checks
+ to guard against accidental shutdowns/reboots.
+
+ Some of the checks available are:
+ - Prompt the user for the machine's if the current shell is a child
+ of an SSH connection (or --pretend-ssh) has been given on the
+ command line, if the shell is connected to an interactive
+ terminal, and the actual command to execute is does not involve
+ --help or is \`shutdown -c'.
+
+ $ME will always interpose the prompt if the environment variable
+ ALWAYS_MOLLY is set to '1'. This variable may be set in the file
+ /etc/default/${ME} .
+
+ - Print out a warning message with information about this host
+ before the action takes place. You can use:
+ /etc/molly-guard.<Action>.message
+ To print out a message specific to the command you're trying to
+ use. Or:
+ /etc/molly-guard.message
+ For a general warning message.
+
+ Only if the user satisfies all the checks will $ME take action.
+ Specifying --molly-guard-do-nothing as argument to the command will
+ make $ME echo the command it would execute rather than actually executing
+ it.
+
+ The actual command's help output follows:
+
+ _eousage
+}
+
+ARGS=
+DO_NOTHING=0
+CHECK_ARGS=
+for arg in "$@"; do
+ case "$arg" in
+ (*-molly-guard-do-nothing) DO_NOTHING=1;;
+ (*-help)
+ usage 2>&1
+ eval $EXEC --help 2>&1
+ exit 0
+ ;;
+ (*-pretend-ssh) CHECK_ARGS="${CHECK_ARGS:+$CHECK_ARGS }--arg --pretend-ssh";;
+ *) ARGS="${ARGS:+$ARGS }$arg";;
+ esac
+done
do_real_cmd()
{
- exec $EXEC "$ARGS"
+ if [ $DO_NOTHING -eq 1 ]; then
+ echo "$ME: would run: $EXEC $ARGS"
+ exit 0
+ else
+ eval exec $EXEC "$ARGS"
+ fi
}
-# require $SSH_CONNECTION to be set, indicates an SSH session
-[ -n "${SSH_CONNECTION:-}" ] || do_real_cmd
-# require an interactive terminal connected to stdin
-test -t 0 || do_real_cmd
-# pass through help commands
+if [ $DO_NOTHING -eq 1 ]; then
+ echo "I: demo mode; $ME will not do anything due to --molly-guard-do-nothing."
+fi
+
+# pass through certain commands
case "$CMD $ARGS" in
- 'shutdown*-c'|'*-h') do_real_cmd;;
- *) :;;
+ (*shutdown\ *-c*)
+ echo "I: executing $CMD $ARGS regardless of check results."
+ do_real_cmd
+ ;;
esac
-echo -n "$ME: SSH session detected, type in hostname of the machine to $CMD: "
-read HOSTNAME_USER
-
-HOSTNAME="$(hostname)"
+run-parts --exit-on-error --arg $CMD $CHECK_ARGS /usr/share/molly-guard/checks.d
-if [ "$HOSTNAME_USER" != "$HOSTNAME" ]; then
- echo "Good thing I asked; I won't $CMD $HOSTNAME ..."
- exit 2
+# run-parts won't return to us if there are failures, but I'm paranoid.
+if [ $? == 0 ]; then
+ do_real_cmd
+ exit
fi