X-Git-Url: https://git.madduck.net/code/molly-guard.git/blobdiff_plain/6476af8af1d6da54d872025de4ae2525cec11fbd..9c7c8ab4858f69298ff9da3a080a61996564150b:/run.d/30-query-hostname?ds=inline diff --git a/run.d/30-query-hostname b/run.d/30-query-hostname index fc8f107..d040603 100755 --- a/run.d/30-query-hostname +++ b/run.d/30-query-hostname @@ -22,23 +22,26 @@ done test -t 0 || exit 0 # we've been asked to always protect this host -if [ ${ALWAYS_QUERY_HOSTNAME:-0} -eq 1 ]; then - echo "I: $ME: $MOLLYGUARD_CMD is always molly-guarded on this system." >&2 -else - # only run if we are being called over SSH, that is if the current terminal - # was created by sshd. - PTS=$(readlink /proc/$$/fd/0) - if ! pgrep -f "^sshd.+${PTS#/dev/}[[:space:]]*$" >/dev/null \ - && [ -z "${SSH_CONNECTION:-}" ]; then - if [ $PRETEND_SSH -eq 1 ]; then - echo "I: $ME: this is not an SSH session, but --pretend-ssh was given..." >&2 - else - exit 0 - fi - else - echo "W: $ME: SSH session detected!" >&2 - fi -fi +case "${ALWAYS_QUERY_HOSTNAME:-0}" in + 0|false|False|no|No|off|Off) + # only run if we are being called over SSH, that is if the current terminal + # was created by sshd. + PTS=$(readlink /proc/$$/fd/0) + if ! pgrep -f "^sshd.+${PTS#/dev/}\>" >/dev/null \ + && [ -z "${SSH_CONNECTION:-}" ]; then + if [ $PRETEND_SSH -eq 1 ]; then + echo "I: $ME: this is not an SSH session, but --pretend-ssh was given..." >&2 + else + exit 0 + fi + else + echo "W: $ME: SSH session detected!" >&2 + fi + ;; + *) + echo "I: $ME: $MOLLYGUARD_CMD is always molly-guarded on this system." >&2 + ;; +esac HOSTNAME="$(hostname --short)"