Re: safe halt/reboot/shutdown
also sprach martin f krafft [EMAIL PROTECTED] [2006.10.17.1618 +0200]:
Thus, unless I get other suggestions, I'll package it up in its
own package, which diverts /sbin/{reboot,halt,shutdown} and puts
my shell script in their place. I'll Enhance whatever init systems
there are and I'll ask them to add Suggests.
http://debian.madduck.net/repo/dists/unstable/main/binary-all/admin/molly-guard_0.1_all.deb
I'll treat this discussion as an ITP and upload directly to NEW
after a few rounds of live tests.
Comments welcome.
--
Please do not send copies of list mail to me; I read the list!
.''`. martin f. krafft [EMAIL PROTECTED]
: :' : proud Debian developer, author, administrator, and user
`. `'` http://people.debian.org/~madduck - http://debiansystem.info
`- Debian - when you have better things to do than fixing systems
windoze is the one-night-stand of operating systems;
you feel so cheap after having used it.
signature.asc
Description: Digital signature (GPG/PGP)
Re: safe halt/reboot/shutdown
On Mon, 16 Oct 2006, martin f krafft wrote: Yes and no. From the bug report I think your approach was more complex (esp. since it involved sudo). Mine's really just a hack that will only do some silly check if it's called over an SSH connection and a terminal is connected. Otherwise it just passes through. Sudo was involved in my case but not the reason for the problem. The reason wath the fact that there was a command halt different from /sbin/halt found in the $PATH (because the sequence in the directories in $PATH was changed). So you might also call it initscripts fault to change the path or the fault of init not to call /sbin/halt explicitely but I was convinced that providing another halt executable is not really a good idea. Especially if this method were standardised (as in packaged in the Debian archive), I doubt it would be a trap to fall in. Well, this would really make a difference because in this case you could write a bug report against initscripts to care for calling the right halt which was not possible for my local solution. Kind regards Andreas. -- http://fam-tille.de -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: safe halt/reboot/shutdown
On Mon, 16 Oct 2006 16:50:08 +0200, martin f krafft [EMAIL PROTECTED] wrote: I am sure you've all once typed 'haltenter' only to notice that you were in an active SSH session and the machine on the other side of $BIG_DISTANCE obediently followed your request. I've done it way too much, so I ended up hacking up http://svn.madduck.net/pub/sbin/base/shutdown This script, along with symlinks from halt and reboot, lives in /usr/local/sbin on all my systems -- and thus I would like to see it in Debian proper. However, I feel that it's too small for a separate package, and I am not sure sysv-utils is the appropriate place, even if debconf would ask the user whether s/he wanted that safety net. A more compatible way of doing so would be having an optional configuration file where one could set an option that shutdown won't do anything unless the correct host name was given on the command line. The config file should be optional so that shutdown's behavior is not altered in the default case and shutdown still works even if the config file is not available for any reason such as a broken system. While we are at it, this configuration file should also have an option to completely forbid shutdown -h or halt - a colocated server that switches itself off after shutdown -h won't respond to a reset signal, so remote hands are needed. Greetings Marc -- -- !! No courtesy copies, please !! - Marc Haber |Questions are the | Mailadresse im Header Mannheim, Germany | Beginning of Wisdom | http://www.zugschlus.de/ Nordisch by Nature | Lt. Worf, TNG Rightful Heir | Fon: *49 621 72739834
Re: safe halt/reboot/shutdown
also sprach Marc Haber [EMAIL PROTECTED] [2006.10.17.1453 +0200]: A more compatible way of doing so would be having an optional configuration file where one could set an option that shutdown won't do anything unless the correct host name was given on the command line. You want to alter /sbin/shutdown itself? While we are at it, this configuration file should also have an option to completely forbid shutdown -h or halt - a colocated server that switches itself off after shutdown -h won't respond to a reset signal, so remote hands are needed. This is a good idea. I'll see to implementing this in my script, along with the suggested configuration file handling. I do like the extra prompt though... -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft [EMAIL PROTECTED] : :' : proud Debian developer, author, administrator, and user `. `'` http://people.debian.org/~madduck - http://debiansystem.info `- Debian - when you have better things to do than fixing systems NP: No-Man / Flowermouth (2005 Reissue) signature.asc Description: Digital signature (GPG/PGP)
Re: safe halt/reboot/shutdown
On Tue, 17 Oct 2006 15:12:25 +0200, martin f krafft [EMAIL PROTECTED] wrote: also sprach Marc Haber [EMAIL PROTECTED] [2006.10.17.1453 +0200]: A more compatible way of doing so would be having an optional configuration file where one could set an option that shutdown won't do anything unless the correct host name was given on the command line. You want to alter /sbin/shutdown itself? Yes. Greetings Marc -- -- !! No courtesy copies, please !! - Marc Haber |Questions are the | Mailadresse im Header Mannheim, Germany | Beginning of Wisdom | http://www.zugschlus.de/ Nordisch by Nature | Lt. Worf, TNG Rightful Heir | Fon: *49 621 72739834
Re: safe halt/reboot/shutdown
On Tue, 17 Oct 2006, Marc Haber wrote: You want to alter /sbin/shutdown itself? Yes. According to my own experience this would probably be the only clean way. Kind regards Andreas. -- http://fam-tille.de -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: safe halt/reboot/shutdown
also sprach Marc Haber [EMAIL PROTECTED] [2006.10.17.1556 +0200]: You want to alter /sbin/shutdown itself? Yes. Go for it. In the mean time I am going to deal with my shell script. -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft [EMAIL PROTECTED] : :' : proud Debian developer, author, administrator, and user `. `'` http://people.debian.org/~madduck - http://debiansystem.info `- Debian - when you have better things to do than fixing systems NP: No-Man / Speak signature.asc Description: Digital signature (GPG/PGP)
Re: safe halt/reboot/shutdown
also sprach Andreas Tille [EMAIL PROTECTED] [2006.10.17.1600 +0200]:
According to my own experience this would probably be the only
clean way.
I fail to see the problem with my shell script: unless it's called
via SSH while connected to a terminal, it does nothing else but call
/sbin/halt.real (or whatever the actual halt command is). No sudo,
no grep, no anything, just plain POSIX shell.
I agree that it would be *nice* to have a policy framework for
shutdown, but it just won't happen before etch. But I want my shell
script in etch.
Thus, unless I get other suggestions, I'll package it up in its own
package, which diverts /sbin/{reboot,halt,shutdown} and puts my
shell script in their place. I'll Enhance whatever init systems
there are and I'll ask them to add Suggests.
--
Please do not send copies of list mail to me; I read the list!
.''`. martin f. krafft [EMAIL PROTECTED]
: :' : proud Debian developer, author, administrator, and user
`. `'` http://people.debian.org/~madduck - http://debiansystem.info
`- Debian - when you have better things to do than fixing systems
always remember you're unique, just like everyone else.
signature.asc
Description: Digital signature (GPG/PGP)
safe halt/reboot/shutdown
Hi all, I am sure you've all once typed 'haltenter' only to notice that you were in an active SSH session and the machine on the other side of $BIG_DISTANCE obediently followed your request. I've done it way too much, so I ended up hacking up http://svn.madduck.net/pub/sbin/base/shutdown This script, along with symlinks from halt and reboot, lives in /usr/local/sbin on all my systems -- and thus I would like to see it in Debian proper. However, I feel that it's too small for a separate package, and I am not sure sysv-utils is the appropriate place, even if debconf would ask the user whether s/he wanted that safety net. We have debianutils, moreutils, coreutils, etc. Is there a package for random small admin utils? Any suggestions on how I might manage to include that shell script with etch still, and in a sensible way? Lars suggested openssh-server, which would make sense, but I doubt it would happen. Cheers, -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft [EMAIL PROTECTED] : :' : proud Debian developer, author, administrator, and user `. `'` http://people.debian.org/~madduck - http://debiansystem.info `- Debian - when you have better things to do than fixing systems NP: Porcupine Tree / Tarquin's Seaweed Farm (Side A) signature.asc Description: Digital signature (GPG/PGP)
Re: safe halt/reboot/shutdown
[martin f kraft] This script, along with symlinks from halt and reboot, lives in /usr/local/sbin on all my systems Replacing halt might be a bit risky, as the story in URL:http://bugs.debian.org/354163 document. :) Friendly, -- Petter Reinholdtsen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: safe halt/reboot/shutdown
also sprach Petter Reinholdtsen [EMAIL PROTECTED] [2006.10.16.1740 +0200]: This script, along with symlinks from halt and reboot, lives in /usr/local/sbin on all my systems Replacing halt might be a bit risky, as the story in URL:http://bugs.debian.org/354163 document. :) I would not be replacing it, really. Unless $SSH_CONNECTION is defined in the environment, all the shell script does is pass right through. -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft [EMAIL PROTECTED] : :' : proud Debian developer, author, administrator, and user `. `'` http://people.debian.org/~madduck - http://debiansystem.info `- Debian - when you have better things to do than fixing systems the liar at any rate recognises that recreation, not instruction, is the aim of conversation, and is a far more civilised being than the blockhead who loudly expresses his disbelief in a story which is told simply for the amusement of the company. -- oscar wilde signature.asc Description: Digital signature (GPG/PGP)
Re: safe halt/reboot/shutdown
On Mon, 16 Oct 2006, martin f krafft wrote: also sprach Petter Reinholdtsen [EMAIL PROTECTED] [2006.10.16.1740 +0200]: This script, along with symlinks from halt and reboot, lives in /usr/local/sbin on all my systems Replacing halt might be a bit risky, as the story in URL:http://bugs.debian.org/354163 document. :) I would not be replacing it, really. Unless $SSH_CONNECTION is defined in the environment, all the shell script does is pass right through. It is exactly what I did and what caused the trouble and hours of debugging. My solution I found in a local package is to define commands hult and rebuut and use these exclusively so I will not type halt and reboot on any machine I have sufficient permissions any more. Kind regards Andreas. -- http://fam-tille.de -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: safe halt/reboot/shutdown
also sprach Andreas Tille [EMAIL PROTECTED] [2006.10.16.2151 +0200]: It is exactly what I did and what caused the trouble and hours of debugging. Yes and no. From the bug report I think your approach was more complex (esp. since it involved sudo). Mine's really just a hack that will only do some silly check if it's called over an SSH connection and a terminal is connected. Otherwise it just passes through. Especially if this method were standardised (as in packaged in the Debian archive), I doubt it would be a trap to fall in. -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft [EMAIL PROTECTED] : :' : proud Debian developer, author, administrator, and user `. `'` http://people.debian.org/~madduck - http://debiansystem.info `- Debian - when you have better things to do than fixing systems remember, half the people you know are below average. signature.asc Description: Digital signature (GPG/PGP)
