X-Git-Url: https://git.madduck.net/code/molly-guard.git/blobdiff_plain/f7542967fa23bca04d39e27318f905ab551b1d9c..7667c0bdc5a25496d9226ad1da08e4cfda980464:/shutdown?ds=inline diff --git a/shutdown b/shutdown index 0135f1a..c8005ad 100755 --- a/shutdown +++ b/shutdown @@ -30,52 +30,87 @@ case "$CMD" in exit 1 ;; esac -ARGS="$@" -do_real_cmd() +usage() { - case "$ARGS" in - (*--molly-guard-do-nothing*) - ARGS0="${ARGS%%--molly-guard-do-nothing*}" - ARGS1="${ARGS##*--molly-guard-do-nothing}" - echo "$ME: would run: $EXEC ${ARGS0# } ${ARGS1# }" - exit 0;; - *) eval exec $EXEC "$ARGS";; - esac -} + cat <<-_eousage + Usage: $ME [options] + (shielding $EXEC) -# require an interactive terminal connected to stdin -test -t 0 || do_real_cmd + Instead of invoking $EXEC directly, $ME will run a number of checks + to guard against accidental shutdowns/reboots. -# only run if we are being called over SSH, that is if the current terminal -# was created by sshd. -PTS=$(readlink /proc/$$/fd/0) -pgrep -f "^sshd.+${PTS#/dev/}[[:space:]]*$" >/dev/null || do_real_cmd + Some of the checks available are: + - Prompt the user for the machine's if the current shell is a child + of an SSH connection (or --pretend-ssh) has been given on the + command line, if the shell is connected to an interactive + terminal, and the actual command to execute is does not involve + --help or is \`shutdown -c'. -# pass through help commands -case "$CMD $ARGS" in - (shutdown\ *-c*) do_real_cmd;; - (shutdown\ *-h*) do_real_cmd;; - (*--help*) do_real_cmd;; - *) :;; -esac + $ME will always interpose the prompt if the environment variable + ALWAYS_MOLLY is set to '1'. This variable may be set in the file + /etc/default/${ME} . -HOSTNAME="$(hostname)" + - Print out a warning message with information about this host + before the action takes place. You can use: + /etc/molly-guard..message + To print out a message specific to the command you're trying to + use. Or: + /etc/molly-guard.message + For a general warning message. -sigh() -{ - echo "Good thing I asked; I won't $CMD $HOSTNAME ..." - exit 2 + Only if the user satisfies all the checks will $ME take action. + Specifying --molly-guard-do-nothing as argument to the command will + make $ME echo the command it would execute rather than actually executing + it. + + The actual command's help output follows: + + _eousage } -trap 'echo;sigh' 1 2 3 9 10 12 15 +ARGS= +DO_NOTHING=0 +CHECK_ARGS= +for arg in "$@"; do + case "$arg" in + (*-molly-guard-do-nothing) DO_NOTHING=1;; + (*-help) + usage 2>&1 + eval $EXEC --help 2>&1 + exit 0 + ;; + (*-pretend-ssh) CHECK_ARGS="${CHECK_ARGS:+$CHECK_ARGS }--arg --pretend-ssh";; + *) ARGS="${ARGS:+$ARGS }$arg";; + esac +done + +do_real_cmd() +{ + if [ $DO_NOTHING -eq 1 ]; then + echo "$ME: would run: $EXEC $ARGS" + exit 0 + else + eval exec $EXEC "$ARGS" + fi +} -echo "$ME: SSH session detected!" -echo -n "Please type in hostname of the machine to $CMD: " -read HOSTNAME_USER || : +if [ $DO_NOTHING -eq 1 ]; then + echo "I: demo mode; $ME will not do anything due to --molly-guard-do-nothing." +fi -[ "$HOSTNAME_USER" = "$HOSTNAME" ] || sigh +# pass through certain commands +case "$CMD $ARGS" in + (*shutdown\ *-c*) + echo "I: executing $CMD $ARGS regardless of check results." + do_real_cmd + ;; +esac -trap - 1 2 3 9 10 12 15 +run-parts --exit-on-error $CHECK_ARGS /usr/share/molly-guard/checks.d -do_real_cmd +# run-parts won't return to us if there are failures, but I'm paranoid. +if [ $? == 0 ]; then + do_real_cmd + exit +fi