Molly-Guard: a Lifesaver on a Ubuntu Server
Have you ever managed to type reload in the wrong terminal window and brought down a core switch (I probably did)? I managed to do the Ubuntu equivalent of that stupidity: I told my main Ubuntu server to sudo poweroff instead of doing that to a Vagrant VM.
Fortunately, the open-source world doesn’t have to rely on the roadmaps created by networking vendors’ product managers; if there’s a big enough pain, someone will solve it.
It took me seconds to find the molly-guard1 Ubuntu package. It intercepts all reboot-related commands, checks whether you’re on an SSH session, and asks for the hostname you want to reboot/power off:
$ sudo poweroff
W: molly-guard: SSH session detected!
Please type in hostname of the machine to poweroff: ^C
Good thing I asked; I won't poweroff brick2 ...
We’ve been rebooting the wrong Cisco IOS boxes for decades, and they still lack an equivalent mechanism. Even worse, I don’t remember ever seeing a reboot molly-guard on a networking device2. Have I missed something? Please leave a comment.
-
Thanks to Wiktionary, we know who Molly was and what she did. ↩︎
-
Yeah, I know I could use EEM or TACACS+ and check the reason, but hey, come on! ↩︎