X-Git-Url: https://git.madduck.net/code/molly-guard.git/blobdiff_plain/048c6a97f910e0dc1401015065cf56ff9bc86e19..ac6d0fc0d68fb8e81bc815eb65808a820e2bac07:/shutdown?ds=sidebyside

diff --git a/shutdown b/shutdown
index 2489827..be733b7 100755
--- a/shutdown
+++ b/shutdown
@@ -1,15 +1,16 @@
 #!/bin/sh
 #
-# shutdown -- wrapper script to prevent erroneous shutdowns via SSH
+# shutdown -- wrapper script to guard against accidental shutdowns
 #
 # Copyright © martin f. krafft <madduck@madduck.net>
 # Released under the terms of the Artistic Licence 2.0
 #
-# $Id: shutdown 299 2006-10-16 14:40:47Z madduck $
-#
 set -eu
 
 ME=molly-guard
+VERSION=0.4
+SCRIPTSDIR=/etc/molly-guard/run.d
+SCRIPTSDIR="${0%/*}/run.d"
 
 CMD="${0##*/}"
 EXEC="/sbin/$CMD"
@@ -34,29 +35,31 @@ esac
 usage()
 {
   cat <<-_eousage
-	Usage: $ME [options]
+	Usage: $ME [options] [-- script options]
 	       (shielding $EXEC)
+	
+	molly-guard's primary goal is to guard against accidental
+	shutdowns/reboots. $ME will run all scripts in $SCRIPTSDIR and only
+	invokes $EXEC if all scripts exited successfully.
+
+	Specifying --molly-guard-do-nothing as argument to the command will
+	make $ME echo the command it would execute rather than actually
+	executing it.
 
-	Instead of invoking $EXEC directly, $ME will prompt the user for the
-	machine's hostname to guard against accidental shutdowns/reboots, if the
-	current shell is a child of an SSH connection (or --pretend-ssh) has been
-	given on the command line, if the shell is connected to an interactive
-	terminal, and the actual command to execute is does not involve --help or is
-	\`shutdown -c'.
+	Options following the double hyphen will be passed unchanged to the
+	scripts.
 
-	Only if the user enters the machine's hostname correctly will $ME take
-	action. Specifying --molly-guard-do-nothing as argument to the command will
-	make $ME echo the command it would execute rather than actually executing
-	it.
+	Please see molly-guard(8) for more information.
 
 	The actual command's help output follows:
 
 	_eousage
 }
 
-ARGS=
+CMDARGS=
+SCRIPTARGS=
+END_OF_ARGS=0
 DO_NOTHING=0
-PRETEND_SSH=0
 for arg in "$@"; do
   case "$arg" in
     (*-molly-guard-do-nothing) DO_NOTHING=1;;
@@ -65,18 +68,24 @@ for arg in "$@"; do
       eval $EXEC --help 2>&1
       exit 0
       ;;
-    (*-pretend-ssh) PRETEND_SSH=1;;
-    *) ARGS="${ARGS:+$ARGS }$arg";;
+    --) END_OF_ARGS=1;;
+    *) 
+      if [ $END_OF_ARGS -eq 0 ]; then
+        CMDARGS="${args:+$args }$arg"
+      else
+        SCRIPTARGS="${args:+$args }--arg $arg"
+      fi
+      ;;
   esac
 done
 
 do_real_cmd()
 {
   if [ $DO_NOTHING -eq 1 ]; then
-    echo "$ME: would run: $EXEC $ARGS"
+    echo "$ME: would run: $EXEC $CMDARGS"
     exit 0
   else
-    eval exec $EXEC "$ARGS"
+    eval exec $EXEC "$CMDARGS"
   fi
 }
 
@@ -84,45 +93,26 @@ if [ $DO_NOTHING -eq 1 ]; then
   echo "I: demo mode; $ME will not do anything due to --molly-guard-do-nothing."
 fi
 
-# require an interactive terminal connected to stdin
-test -t 0                    || do_real_cmd
-
-# only run if we are being called over SSH, that is if the current terminal
-# was created by sshd.
-PTS=$(readlink /proc/$$/fd/0)
-if ! pgrep -f "^sshd.+${PTS#/dev/}[[:space:]]*$" >/dev/null; then
-  if [ $PRETEND_SSH -eq 1 ]; then
-    echo "I: this is not an SSH session, but --pretend-ssh was given..."
-  else
-    do_real_cmd
-  fi
-else
-  echo "W: $ME: SSH session detected!"
-fi
-
 # pass through certain commands
-case "$CMD $ARGS" in
-  (*shutdown\ *-c*) 
-    echo "I: executing $CMD $ARGS regardless of SSH session."
+case "$CMD $CMDARGS" in
+  (*shutdown\ *-c*)
+    # allow canceling shutdowns
+    echo "I: executing $CMD $CMDARGS regardless of check results."
     do_real_cmd
     ;;
 esac
 
-HOSTNAME="$(hostname --short)"
+MOLLYGUARD_CMD=$CMD; export MOLLYGUARD_CMD
+MOLLYGUARD_DO_NOTHING=$DO_NOTHING; export MOLLYGUARD_DO_NOTHING
+MOLLYGUARD_SETTINGS="/etc/default/$ME"; export MOLLYGUARD_SETTINGS
 
-sigh()
-{
-  echo "Good thing I asked; I won't $CMD $HOSTNAME ..."
-  exit 2
-}
-
-trap 'echo;sigh' 1 2 3 9 10 12 15
-
-echo -n "Please type in hostname of the machine to $CMD: "
-read HOSTNAME_USER || :
-
-[ "$HOSTNAME_USER" = "$HOSTNAME" ] || sigh
-
-trap - 1 2 3 9 10 12 15
+for script in $(run-parts --test $SCRIPTSDIR); do
+  ret=0
+  eval $script $SCRIPTARGS || ret=$?
+  if [ $ret -ne 0 ]; then
+    echo "W: aborting $CMD due to ${script##*/} exiting with code $ret."
+    exit $ret
+  fi
+done
 
 do_real_cmd