X-Git-Url: https://git.madduck.net/code/molly-guard.git/blobdiff_plain/0831febd10d68bf34d0d9d246497076a73fea2ae..e21cb71b6c71acb8b7e449c9ea783f3e094a0fe7:/shutdown?ds=inline diff --git a/shutdown b/shutdown index 0a6efd6..db836ef 100755 --- a/shutdown +++ b/shutdown @@ -9,31 +9,73 @@ # set -eu +ME=molly-guard + CMD="${0##*/}" EXEC="/sbin/$CMD" + case "$CMD" in - halt|reboot|shutdown) + halt|reboot|shutdown|poweroff) + if [ ! -f $EXEC ]; then + echo "E: $ME: not a regular file: $EXEC" >&2 + exit 4 + fi if [ ! -x $EXEC ]; then - echo "E: not an executable: $EXEC" >&2 + echo "E: $ME: not an executable: $EXEC" >&2 exit 3 fi ;; *) - echo "E: unsupported command: $CMD" >&2 + echo "E: $ME: unsupported command: $CMD" >&2 exit 1 ;; esac +ARGS="$@" + +do_real_cmd() +{ + case "$ARGS" in + (*--molly-guard-do-nothing*) + ARGS0="${ARGS%%--molly-guard-do-nothing*}" + ARGS1="${ARGS##*--molly-guard-do-nothing}" + echo "$ME: would run: $EXEC ${ARGS0# } ${ARGS1# }" + exit 0;; + *) eval exec $EXEC "$ARGS";; + esac +} + +# require an interactive terminal connected to stdin +test -t 0 || do_real_cmd + +# only run if we are being called over SSH, that is if the current terminal +# was created by sshd. +PTS=$(readlink /proc/$$/fd/0) +pgrep -f "^sshd.+${PTS#/dev/}$" >/dev/null || do_real_cmd + +# pass through help commands +case "$CMD $ARGS" in + (shutdown\ *-c*) do_real_cmd;; + (shutdown\ *-h*) do_real_cmd;; + (*--help*) do_real_cmd;; + *) :;; +esac + +HOSTNAME="$(hostname)" + +sigh() +{ + echo "Good thing I asked; I won't $CMD $HOSTNAME ..." + exit 2 +} + +trap 'echo;sigh' 1 2 3 9 10 12 15 -if [ -n "${SSH_CONNECTION:-}" ] && test -t 0 && [ "${1:-}" != '--help' ]; then - echo -n "SSH session detected, type in hostname of the machine to $CMD: " - read HOSTNAME_USER +echo "$ME: SSH session detected!" +echo -n "Please type in hostname of the machine to $CMD: " +read HOSTNAME_USER || : - HOSTNAME="$(hostname)" +[ "$HOSTNAME_USER" = "$HOSTNAME" ] || sigh - if [ "$HOSTNAME_USER" != "$HOSTNAME" ]; then - echo "Good thing I asked; I won't $CMD $HOSTNAME ..." - exit 2 - fi -fi +trap - 1 2 3 9 10 12 15 -exec $EXEC "$@" +do_real_cmd