Specify machine name on reboot/halt/shutdown
Dr. David Alan Gilbert
ubuntu at treblig.org
Mon May 28 20:05:33 BST 2007
* martin f krafft (madduck at debian.org) wrote:
> also sprach Dr. David Alan Gilbert <ubuntu at treblig.org> [2007.05.28.0028 +0200]:
> > While ssh is probably the commonest way of making this mistake,
> > these days there are lots more ways of doing the same thing:
> > * KVMs (although c-a-d normally are the source of pain there)
> > * VNC
> > * IP connected KVMs
> > * remote X sessions
> > * Management consoles for large systems
> > * serial consoles.
> > * virtual machine consoles
>
> I thus suggest to extend molly-guard with a simple configuration
> file in /etc/default and a debconf question to allow the user to
> choose whether to *always* protect the commands, or only when
> they're run over SSH.
>
> Patches welcome! :)
Hmm that's a reasonable suggestion; with that option enabled we
would still need a way to make the normal /etc/init.d/halt
scripts and friends work, hence why I added an override option -
the tricky bit with doing that as a config switch on molly-guard
rather than in the standard system shutdown/reboot/halt binaries
is that the init scripts would have to be different when
the guard was installed unless there was a path that would
work in both cases - but this is getting messy.
Dave
--
-----Open up your eyes, open up your mind, open up your code -------
/ Dr. David Alan Gilbert | Running GNU/Linux on Alpha,68K| Happy \
\ gro.gilbert @ treblig.org | MIPS,x86,ARM,SPARC,PPC & HPPA | In Hex /
\ _________________________|_____ http://www.treblig.org |_______/
More information about the upstart-devel
mailing list