Hi,

after playing around with this, it looks like this will only work as
long as the screen session has not been detached.

Before detaching the screen session it looks like this in ps fax:

 2580 ?        Ss     0:00 /usr/sbin/sshd
 3568 ?        Ss     0:00  \_ sshd: bd [priv]
 3570 ?        S      0:03      \_ sshd: b...@pts/0
 3571 pts/0    Ss     0:00          \_ -bash
 4982 pts/0    S+     0:00              \_ screen -U -S work ...
 4983 ?        Ss     0:00                  \_ SCREEN -U -S work ...
 4984 pts/1    Ss+    0:00                      \_ ssh  ***
 4985 pts/2    Ss+    0:00                      \_ ssh ***
 4986 pts/3    Ss     0:00                      \_ bash
 5025 pts/3    R+     0:00                          \_ ps fax
 5026 pts/3    S+     0:00                          \_ less

After a detach/attach it looks like this:

 2580 ?        Ss     0:00 /usr/sbin/sshd
 3568 ?        Ss     0:00  \_ sshd: bd [priv]
 3570 ?        S      0:03      \_ sshd: b...@pts/0
 3571 pts/0    Ss     0:00          \_ -bash
 5031 pts/0    S+     0:00              \_ screen -Udr work
 ...
 4983 ?        Ss     0:00 SCREEN -U -S work ...
 4984 pts/1    Ss+    0:00  \_ ssh ***
 4985 pts/2    Ss+    0:00  \_ ssh ***
 4986 pts/3    Ss     0:00  \_ bash
 5033 pts/3    R+     0:00      \_ ps fax
 5034 pts/3    S+     0:00      \_ less

Now if you run molly-guard from bash (PID 4986) it will walk up the
process hierarchy and _NOT_ encounter ssh, since SCREEN's parent is now init.

I changed the patch to walk up the process hierarchy and molly-guard the
machine if screen or sshd is found.

regards

        Stefan
diff --git a/rc b/rc
index d5b87cc..eb456ed 100644
--- a/rc
+++ b/rc
@@ -4,3 +4,9 @@
 # when set, causes the 30-query-hostname script to always ask for the
 # hostname, even if no SSH session was detected.
 #ALWAYS_QUERY_HOSTNAME=true
+#
+# CHECK_IMAGES
+#
+# Space seperated list of image names to look for and if found to protect
+# against.
+CHECK_IMAGES="sshd screen"
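Review bot: CHECK_IMAGES has no default on the consuming side: 30-query-hostname expands `$CHECK_IMAGES` bare in its `for p in $CHECK_IMAGES` loop while running under `set -eu`, so an rc that predates this option, or one where an admin comments the line out the way the ALWAYS_QUERY_HOSTNAME example just above does, aborts the script on an unbound variable instead of falling through to the walk. Either reference it as `${CHECK_IMAGES:-sshd screen}` in the script or state in this comment that the setting is mandatory. Two smaller points for the comment: "seperated" should read "separated", and it is worth saying that each name is compared with the basename of an ancestor's /proc/PID/exe, which is why `screen` matches the server process that ps shows as SCREEN.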
diff --git a/run.d/30-query-hostname b/run.d/30-query-hostname
index d040603..fddf54c 100755
--- a/run.d/30-query-hostname
+++ b/run.d/30-query-hostname
@@ -3,6 +3,7 @@
 # 30-ask-hostname - request the user to type in the hostname of the local host
 #
 # Copyright © martin f. krafft <madd...@madduck.net>
+# Copyright © 2009 Stefan Völkel <b...@bc-bd.org>
 # Released under the terms of the Artistic Licence 2.0
 #
 set -eu
@@ -21,28 +22,57 @@ done
 # require an interactive terminal connected to stdin
 test -t 0 || exit 0
 
-# we've been asked to always protect this host
+# whether we should check for an ssh session or not
+CHECK=1
+
+# should we bypass ssh session checking and handle as if we found one?
+if [ $PRETEND_SSH -eq 1 ]; then
+  CHECK=0
+  echo "I: $ME: --pretend-ssh was given, handling as ssh session" >&2
+fi
+
+# should this hostname always be guarded?
 case "${ALWAYS_QUERY_HOSTNAME:-0}" in
   0|false|False|no|No|off|Off)
-    # only run if we are being called over SSH, that is if the current terminal
-    # was created by sshd.
-    PTS=$(readlink /proc/$$/fd/0)
-    if ! pgrep -f "^sshd.+${PTS#/dev/}\>" >/dev/null \
-      && [ -z "${SSH_CONNECTION:-}" ]; then
-        if [ $PRETEND_SSH -eq 1 ]; then
-          echo "I: $ME: this is not an SSH session, but --pretend-ssh was 
given..." >&2
-        else
-          exit 0
-        fi
-    else
-      echo "W: $ME: SSH session detected!" >&2
-    fi
-    ;;
+      ;;
   *)
+    CHECK=0
     echo "I: $ME: $MOLLYGUARD_CMD is always molly-guarded on this system." >&2
     ;;
 esac
 
+# bypass image check?
+if [ $CHECK -ne 0 ]; then
+  # no, set parent pid
+  PARENT=$$
+
+  FOUND=""
+  # keep looking at parent pid until ...
+  while [ -z $FOUND ]; do
+    # ... no more parents
+    #   => molly-guard was NOT started as child of sshd
+    #   => this is NOT an ssh/screen/whatever session
+    #   => reboot/halt/... as requested
+    [ $PARENT -eq 0 ] && exit 0
+
+    # find out image name
+    EXE=$(basename $(readlink /proc/$PARENT/exe) )
+
+    # ... parent image is one of sshd, screen
+    for p in $CHECK_IMAGES; do
+      if [ "$p" == "$EXE" ]; then
+        FOUND=$p
+        break;
+      fi
+    done
+
+    # get next pid
+    PARENT=$(ps -o "ppid=" $PARENT | sed 's/^ \+//')
+  done
+
+  echo "I: $ME: $FOUND found." >&2
+fi
+
 HOSTNAME="$(hostname --short)"
 
 sigh()
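Review bot: the lookup `EXE=$(basename $(readlink /proc/$PARENT/exe) )` has no failure path: when the ancestor has exited between the `ps` call and the `readlink`, or its exe link is not readable, `readlink` prints nothing, `basename` runs with no argument and fails, and `set -e` terminates the script with a usage error rather than reaching a decision. Guard it, for instance `EXE=$(basename "$(readlink /proc/$PARENT/exe 2>/dev/null || echo unknown)")`, so an unreadable ancestor simply does not match. Portability in the same loop: `[ "$p" == "$EXE" ]` is a bashism (`=` is the POSIX form), `while [ -z $FOUND ]` should quote `"$FOUND"` (it only works because a one-argument `[ -z ]` tests the literal string `-z`), and `ps -o "ppid=" $PARENT | sed 's/^ \+//'` depends on GNU sed's `\+`; the PPid line of /proc/$PARENT/status, which sits next to the exe link you already read, gives the parent without the pipeline. Finally, the removed block also honoured `$SSH_CONNECTION` as a fallback when no sshd appeared in the tree; after this change that signal is gone, so a shell whose multiplexer is not in CHECK_IMAGES (a detached and reattached tmux server is reparented to init just like the SCREEN case in the mail) passes even though SSH_CONNECTION is still exported. Keeping the environment check alongside the walk costs one line.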

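The ancestor walk described in the mail (read the executable of each parent up to PID 0 and compare its basename with a list of image names), as an added stand-alone example that is not part of the patch or of molly-guard's code. It assumes a Linux /proc, reads the parent from /proc/PID/status instead of ps, treats an unreadable exe link as "no match" rather than as an error, and the function names and the `--check` switch are my own.

```shell
#!/bin/sh
# Added example (not molly-guard code): find the first ancestor of a process
# whose executable basename is one of a list of image names, stopping at PID 0
# the way 30-query-hostname's loop does. Assumes a Linux /proc.
set -eu

# image_name PID: basename of /proc/PID/exe; prints nothing (and still
# returns 0) when the link cannot be read, e.g. the process already exited.
image_name() {
  exe=$(readlink "/proc/$1/exe" 2>/dev/null) || return 0
  exe=${exe%" (deleted)"}   # a replaced binary is reported as "... (deleted)"
  basename "$exe"
}

# parent_pid PID: the PPid field of /proc/PID/status, or 0 if the process is gone.
parent_pid() {
  ppid=$(awk '/^PPid:/ { print $2 }' "/proc/$1/status" 2>/dev/null) || ppid=0
  printf '%s\n' "${ppid:-0}"
}

# guarded_ancestor START_PID "img1 img2 ...": print the first matching image
# name found while walking from START_PID towards PID 0 and return 0;
# return 1 if the walk ends at PID 0 without a match.
guarded_ancestor() {
  pid=$1
  images=$2
  while [ "$pid" -ne 0 ]; do
    exe=$(image_name "$pid")
    for img in $images; do
      if [ "$img" = "$exe" ]; then
        printf '%s\n' "$img"
        return 0
      fi
    done
    pid=$(parent_pid "$pid")
  done
  return 1
}

# Stand-alone run: `sh walk.sh --check` mimics molly-guard's decision for the
# shell it was started from (exit 1 = guarded image found, ask first;
# exit 0 = nothing found, proceed). CHECK_IMAGES defaults as in the patch's rc.
if [ "${1:-}" = "--check" ]; then
  if found=$(guarded_ancestor $$ "${CHECK_IMAGES:-sshd screen}"); then
    echo "I: $found found in the process ancestry" >&2
    exit 1
  fi
  exit 0
fi
```

Run it from a shell inside a detached-and-reattached screen and `--check` exits 1 because the SCREEN server's executable is still /usr/bin/screen even though its parent is now init; run it from a console login and it exits 0. The comparison is against the executable's basename, not against the name ps prints, so an argv[0] rewritten by the program (SCREEN, `sshd: user@pts/0`) does not matter, but a process running a binary that was merely copied under another name will not be recognised either.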