On 2013-08-08 at 12:20:52, martin f krafft wrote:
> also sprach Francois Marier <franc...@debian.org> [2013.04.14.1234 +0200]:
> > On the other hand, if I use mosh to access the same server, typing
> > "sudo reboot" immediately reboots the server without any prompts.
>
> Does this patch against /etc/molly-guard/30-query-hostname guard
> against this?
Yes, but there's another is_child_of_sshd to change as well.
See attached patch.
Francois
--
Francois Marier identi.ca/fmarier
http://fmarier.org twitter.com/fmarier
diff --git a/molly-guard/run.d/30-query-hostname b/molly-guard/run.d/30-query-hostname
index ea0aad5..689df69 100755
--- a/molly-guard/run.d/30-query-hostname
+++ b/molly-guard/run.d/30-query-hostname
@@ -11,7 +11,7 @@ ME=molly-guard
# Walk up the process tree until PID 1 is reached or a process with 'sshd' in
# its /proc/<pid>/cmdline is met. Return success if such a process is found.
-is_child_of_sshd() {
+is_child_of_sshd_or_mosh_server() {
pid=$$
ppid=$PPID
# Be a bit paranoid with the guard, should some horribly broken system
@@ -19,7 +19,7 @@ is_child_of_sshd() {
# sane systems.
[ -z "$pid" ] || [ -z "$ppid" ] && return 2
while [ $pid -gt 1 ] && [ $pid -ne $ppid ]; do
- if grep -q sshd /proc/$ppid/cmdline; then
+ if egrep -q 'sshd|mosh-server' /proc/$ppid/cmdline; then
return 0
fi
pid=$ppid
@@ -48,7 +48,7 @@ case "${ALWAYS_QUERY_HOSTNAME:-0}" in
PTS=$(tty)
if ! pgrep -f "^sshd.+${PTS#/dev/}\>" >/dev/null \
&& [ -z "${SSH_CONNECTION:-}" ] \
- && ! is_child_of_sshd; then
+ && ! is_child_of_sshd_or_mosh_server; then
if [ $PRETEND_SSH -eq 1 ]; then
echo "I: $ME: this is not an SSH session, but --pretend-ssh was given..." >&2
else
