From: martin f. krafft Date: Sat, 19 Apr 2008 13:31:32 +0000 (+0200) Subject: use settings file X-Git-Tag: 0.4~1 X-Git-Url: https://git.madduck.net/code/molly-guard.git/commitdiff_plain/6476af8af1d6da54d872025de4ae2525cec11fbd?ds=inline;hp=bd31543e20a53d41dd86c5f78f05b3fb3d5b8664 use settings file --- diff --git a/molly-guard.xml b/molly-guard.xml index 01988ad..4daf3da 100644 --- a/molly-guard.xml +++ b/molly-guard.xml @@ -164,7 +164,7 @@ and docbook-xsl in your Build-Depends control field. &dhcommand; was primarily designed to shield SSH connections. This functionality (which should arguably be provided by the openssh-server package) is implemented in - /etc/molly-guard/run.d/10-print-message. + /etc/molly-guard/run.d/30-query-hostname. This script first tests whether the command is being executed from a tty which has been created by @@ -177,7 +177,7 @@ and docbook-xsl in your Build-Depends control field. You can pass the script option to &dhcommand; to pretend that those tests succeeds. Alternatively, setting ALWAYS_QUERY_HOSTNAME in - /etc/default/molly-guard causes the script to + /etc/molly-guard/rc causes the script to always query. The following situations are still UNGUARDED. If you can think of diff --git a/rc b/rc new file mode 100644 index 0000000..d5b87cc --- /dev/null +++ b/rc @@ -0,0 +1,6 @@ +# molly-guard settings +# +# ALWAYS_QUERY_HOSTNAME +# when set, causes the 30-query-hostname script to always ask for the +# hostname, even if no SSH session was detected. +#ALWAYS_QUERY_HOSTNAME=true diff --git a/run.d/30-ask-hostname b/run.d/30-query-hostname similarity index 100% rename from run.d/30-ask-hostname rename to run.d/30-query-hostname diff --git a/shutdown b/shutdown index 2e24f7f..7a36d94 100755 --- a/shutdown +++ b/shutdown @@ -104,7 +104,7 @@ esac MOLLYGUARD_CMD=$CMD; export MOLLYGUARD_CMD MOLLYGUARD_DO_NOTHING=$DO_NOTHING; export MOLLYGUARD_DO_NOTHING -MOLLYGUARD_SETTINGS="/etc/default/$ME"; export MOLLYGUARD_SETTINGS +MOLLYGUARD_SETTINGS="/etc/molly-guard/rc"; export MOLLYGUARD_SETTINGS for script in $(run-parts --test $SCRIPTSDIR); do ret=0