]> git.madduck.net Git - code/molly-guard.git/blobdiff - shutdown

madduck's git repository

Every one of the projects in this repository is available at the canonical URL git://git.madduck.net/madduck/pub/<projectpath> — see each project's metadata for the exact URL.

All patches and comments are welcome. Please squash your changes to logical commits before using git-format-patch and git-send-email to patches@git.madduck.net. If you'd read over the Git project's submission guidelines and adhered to them, I'd be especially grateful.

SSH access, as well as push access can be individually arranged.

If you use my repositories frequently, consider adding the following snippet to ~/.gitconfig and using the third clone URL listed for each project:

[url "git://git.madduck.net/madduck/"]
  insteadOf = madduck:

projects / code / molly-guard.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
reformat help output
[code/molly-guard.git] / shutdown
diff --git a/shutdown b/shutdown
index db836efc73affcee2abc464fedf5636fa9bb6b04..f12fde0fdb8ae5ca059af3d9318901a98bdede3f 100755 (executable)
--- a/shutdown
+++ b/shutdown
@@ -5,11 +5,10 @@
 # Copyright © martin f. krafft <madduck@madduck.net>
 # Released under the terms of the Artistic Licence 2.0
 #
 # Copyright © martin f. krafft <madduck@madduck.net>
 # Released under the terms of the Artistic Licence 2.0
 #
-# $Id: shutdown 299 2006-10-16 14:40:47Z madduck $
-#
 set -eu
 
 ME=molly-guard
 set -eu
 
 ME=molly-guard
+CHECKSDIR=/etc/molly-guard/checks.d
 
 CMD="${0##*/}"
 EXEC="/sbin/$CMD"
 
 CMD="${0##*/}"
 EXEC="/sbin/$CMD"
@@ -30,52 +29,87 @@ case "$CMD" in
     exit 1
     ;;
 esac
     exit 1
     ;;
 esac
-ARGS="$@"
 
 
-do_real_cmd()
+usage()
 {
 {
-  case "$ARGS" in
-    (*--molly-guard-do-nothing*)
-      ARGS0="${ARGS%%--molly-guard-do-nothing*}"
-      ARGS1="${ARGS##*--molly-guard-do-nothing}"
-      echo "$ME: would run: $EXEC ${ARGS0# } ${ARGS1# }"
-      exit 0;;
-    *) eval exec $EXEC "$ARGS";;
-  esac
-}
+  cat <<-_eousage
+       Usage: $ME [options]
+              (shielding $EXEC)
 
 
-# require an interactive terminal connected to stdin
-test -t 0                    || do_real_cmd
+       Instead of invoking $EXEC directly, $ME will run a number of checks
+        to guard against accidental shutdowns/reboots.
 
 
-# only run if we are being called over SSH, that is if the current terminal
-# was created by sshd.
-PTS=$(readlink /proc/$$/fd/0)
-pgrep -f "^sshd.+${PTS#/dev/}$" >/dev/null || do_real_cmd
+        Some of the checks available are:
+        - Prompt the user for the machine's if the current shell is a child
+          of an SSH connection (or --pretend-ssh) has been given on the
+          command line, if the shell is connected to an interactive
+         terminal, and the actual command to execute is does not involve
+          --help or is \`shutdown -c'.
 
 
-# pass through help commands
-case "$CMD $ARGS" in
-  (shutdown\ *-c*) do_real_cmd;;
-  (shutdown\ *-h*) do_real_cmd;;
-  (*--help*) do_real_cmd;;
-  *) :;;
-esac
+         $ME will always interpose the prompt if the environment variable
+          ALWAYS_MOLLY is set to '1'.  This variable may be set in the file
+         /etc/default/${ME} .
 
 
-HOSTNAME="$(hostname)"
+        - Print out a warning message with information about this host
+         before the action takes place.  You can use:
+               /etc/molly-guard.<Action>.message
+         To print out a message specific to the command you're trying to
+         use.  Or:
+               /etc/molly-guard.message
+         For a general warning message.
 
 
-sigh()
-{
-  echo "Good thing I asked; I won't $CMD $HOSTNAME ..."
-  exit 2
+       Only if the user satisfies all the checks will $ME take action.
+       Specifying --molly-guard-do-nothing as argument to the command will
+       make $ME echo the command it would execute rather than actually executing
+       it.
+
+       The actual command's help output follows:
+
+       _eousage
 }
 
 }
 
-trap 'echo;sigh' 1 2 3 9 10 12 15
+ARGS=
+DO_NOTHING=0
+CHECK_ARGS=
+for arg in "$@"; do
+  case "$arg" in
+    (*-molly-guard-do-nothing) DO_NOTHING=1;;
+    (*-help)
+      usage 2>&1
+      eval $EXEC --help 2>&1
+      exit 0
+      ;;
+    (*-pretend-ssh) CHECK_ARGS="${CHECK_ARGS:+$CHECK_ARGS }--arg --pretend-ssh";;
+    *) ARGS="${ARGS:+$ARGS }$arg";;
+  esac
+done
+
+do_real_cmd()
+{
+  if [ $DO_NOTHING -eq 1 ]; then
+    echo "$ME: would run: $EXEC $ARGS"
+    exit 0
+  else
+    eval exec $EXEC "$ARGS"
+  fi
+}
 
 
-echo "$ME: SSH session detected!"
-echo -n "Please type in hostname of the machine to $CMD: "
-read HOSTNAME_USER || :
+if [ $DO_NOTHING -eq 1 ]; then
+  echo "I: demo mode; $ME will not do anything due to --molly-guard-do-nothing."
+fi
 
 
-[ "$HOSTNAME_USER" = "$HOSTNAME" ] || sigh
+# pass through certain commands
+case "$CMD $ARGS" in
+  (*shutdown\ *-c*) 
+    echo "I: executing $CMD $ARGS regardless of check results."
+    do_real_cmd
+    ;;
+esac
 
 
-trap - 1 2 3 9 10 12 15
+run-parts --exit-on-error --arg $CMD $CHECK_ARGS /etc/molly-guard/checks.d
 
 
-do_real_cmd
+# run-parts won't return to us if there are failures, but I'm paranoid.
+if [ $? == 0 ]; then
+  do_real_cmd
+  exit
+fi
prevent accidental system shutdowns/reboots

Legalese

All content available in this repository is copyright © martin f. krafft, unless otherwise noted.

All files and their content are released under the terms of the Artistic Licence 2.0, unless otherwise noted.

The operator of this repository shall not be held liable for offending content in pages linking to or linked from these page, nor does he endorse their content unless stated otherwise.