X-Git-Url: https://git.madduck.net/code/molly-guard.git/blobdiff_plain/b8333417c7987231f26948bfb1b8d0debffc3a00..ecdbd1cb447dca36108ca5fe0c4c6d366a09ae70:/shutdown diff --git a/shutdown b/shutdown index 65fd374..c68b572 100755 --- a/shutdown +++ b/shutdown @@ -15,10 +15,11 @@ CMD="${0##*/}" EXEC="/sbin/$CMD" case "$CMD" in - halt|reboot|shutdown) + halt|reboot|shutdown|poweroff) if [ ! -f $EXEC ]; then echo "E: $ME: not a regular file: $EXEC" >&2 exit 4 + fi if [ ! -x $EXEC ]; then echo "E: $ME: not an executable: $EXEC" >&2 exit 3 @@ -29,29 +30,75 @@ case "$CMD" in exit 1 ;; esac -ARGS="$@" + +usage() +{ + cat <<-_eousage + Usage: $ME [options] + (shielding $EXEC) + + Instead of invoking $EXEC directly, $ME will run a number of checks + to guard against accidental shutdowns/reboots. + + Some of the checks available are: + - Prompt the user for the machine's if the current shell is a child + of an SSH connection (or --pretend-ssh) has been given on the + command line, if the shell is connected to an interactive + terminal, and the actual command to execute is does not involve + --help or is \`shutdown -c'. + + Only if the user satisfies all the checks will $ME take action. + Specifying --molly-guard-do-nothing as argument to the command will + make $ME echo the command it would execute rather than actually executing + it. + + The actual command's help output follows: + + _eousage +} + +ARGS= +DO_NOTHING=0 +CHECK_ARGS= +for arg in "$@"; do + case "$arg" in + (*-molly-guard-do-nothing) DO_NOTHING=1;; + (*-help) + usage 2>&1 + eval $EXEC --help 2>&1 + exit 0 + ;; + (*-pretend-ssh) CHECK_ARGS="${CHECK_ARGS:+$CHECK_ARGS }--arg --pretend-ssh";; + *) ARGS="${ARGS:+$ARGS }$arg";; + esac +done do_real_cmd() { - exec $EXEC "$ARGS" + if [ $DO_NOTHING -eq 1 ]; then + echo "$ME: would run: $EXEC $ARGS" + exit 0 + else + eval exec $EXEC "$ARGS" + fi } -# require $SSH_CONNECTION to be set, indicates an SSH session -[ -n "${SSH_CONNECTION:-}" ] || do_real_cmd -# require an interactive terminal connected to stdin -test -t 0 || do_real_cmd -# pass through help commands +if [ $DO_NOTHING -eq 1 ]; then + echo "I: demo mode; $ME will not do anything due to --molly-guard-do-nothing." +fi + +# pass through certain commands case "$CMD $ARGS" in - 'shutdown*-c'|'*-h') do_real_cmd;; - *) :;; + (*shutdown\ *-c*) + echo "I: executing $CMD $ARGS regardless of check results." + do_real_cmd + ;; esac -echo -n "$ME: SSH session detected, type in hostname of the machine to $CMD: " -read HOSTNAME_USER - -HOSTNAME="$(hostname)" +run-parts --exit-on-error $CHECK_ARGS /usr/share/molly-guard/checks.d -if [ "$HOSTNAME_USER" != "$HOSTNAME" ]; then - echo "Good thing I asked; I won't $CMD $HOSTNAME ..." - exit 2 +# run-parts won't return to us if there are failures, but I'm paranoid. +if [ $? == 0 ]; then + do_real_cmd + exit fi