All patches and comments are welcome. Please squash your changes to logical
commits before using git-format-patch and git-send-email to
patches@git.madduck.net.
If you'd read over the Git project's submission guidelines and adhered to them,
I'd be especially grateful.
summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
ecdbd1c)
Based on patch by Andrew McMillan.
+ALWAYS_MOLLY=${ALWAYS_MOLLY:-"0"}
+[ -f /etc/default/${ME} ] && . /etc/default/${ME}
+
+CMD=$1; shift
for arg in "$@"; do
case "$arg" in
(*-help)
for arg in "$@"; do
case "$arg" in
(*-help)
# require an interactive terminal connected to stdin
test -t 0 || exit 0
# require an interactive terminal connected to stdin
test -t 0 || exit 0
-# only run if we are being called over SSH, that is if the current terminal
-# was created by sshd.
-PTS=$(readlink /proc/$$/fd/0)
-if ! pgrep -f "^sshd.+${PTS#/dev/}[[:space:]]*$" >/dev/null \
- && [ -z "${SSH_CONNECTION:-}" ]; then
- if [ $PRETEND_SSH -eq 1 ]; then
- echo "I: this is not an SSH session, but --pretend-ssh was given..."
- else
- exit 0
- fi
+# we've been asked to always protect this host
+if [ ${ALWAYS_MOLLY} -eq 1 ]; then
+ echo "W: $ME: ${CMD} is always molly-guarded on this server."
- echo "W: $ME: SSH session detected!"
+ # only run if we are being called over SSH, that is if the current terminal
+ # was created by sshd.
+ PTS=$(readlink /proc/$$/fd/0)
+ if ! pgrep -f "^sshd.+${PTS#/dev/}[[:space:]]*$" >/dev/null \
+ && [ -z "${SSH_CONNECTION:-}" ]; then
+ if [ $PRETEND_SSH -eq 1 ]; then
+ echo "I: this is not an SSH session, but --pretend-ssh was given..."
+ else
+ exit 0
+ fi
+ else
+ echo "W: $ME: SSH session detected!"
+ fi
terminal, and the actual command to execute is does not involve
--help or is \`shutdown -c'.
terminal, and the actual command to execute is does not involve
--help or is \`shutdown -c'.
+ $ME will always interpose the prompt if the environment variable
+ ALWAYS_MOLLY is set to '1'. This variable may be set in the file
+ /etc/default/${ME} .
+
Only if the user satisfies all the checks will $ME take action.
Specifying --molly-guard-do-nothing as argument to the command will
make $ME echo the command it would execute rather than actually executing
Only if the user satisfies all the checks will $ME take action.
Specifying --molly-guard-do-nothing as argument to the command will
make $ME echo the command it would execute rather than actually executing