www.it-connect.fr
Protect your Linux server from accidental shutdowns with molly-guard
Table of Contents
I. Introduction
When administering a Linux server, a common error is the unintentional execution of critical commands such as "shutdown" or "reboot", on the wrong server. This is all the more likely when you're remotely connected, via SSH, to several servers.
If you restart the production server instead of the development server, your users, your customer or your manager may not like it. To avoid these untimely stops or restarts, we can rely on a handy tool: molly-guard.
It is designed to prevent these situations by adding a layer of protection. As the molly-guard page explains: "This package installs an interpreter script that overrides the existing shutdown/reboot/halt/poweroff/coldreboot/pm-hibernate/pm-suspend* commands and executes a set of scripts first, all of which must complete successfully before molly-guard invokes the actual command." - So it protects you from accidentally executing multiple commands.
In this tutorial, we'll explore how this tool works together and see how to install it on a Linux machine, in this case Debian.
II. Installing molly-guard
To use molly-guard, you first need to install it on your Linux system. The tool is available in the repositories of many distributions, including Debian and Ubuntu. You can install it with the following command after updating your package cache:
sudo apt update
sudo apt install molly-guardThat's all there is to it! Once installed, molly-guard automatically acts as a "guardrail" in front of the commands mentioned in the introduction.
It's interesting to see lines like the one below in the output of the installation command:
Ajout de « détournement de /sbin/halt en /lib/molly-guard/halt par molly-guard »
Ajout de « détournement de /sbin/poweroff en /lib/molly-guard/poweroff par molly-guard »
Ajout de « détournement de /sbin/reboot en /lib/molly-guard/reboot par molly-guard »
Ajout de « détournement de /sbin/shutdown en /lib/molly-guard/shutdown par molly-guard »III. How molly-guard works with SSH
Molly-guard is particularly useful for administrators working via SSH. By default, it detects open SSH sessions and asks for additional confirmation before executing a critical command (shutdown, reboot, etc.).
Connect via SSH to the server where you've set up this tool. For example:
ssh flo@srv-dnsThen try a command like "sudo reboot" to attempt to restart the server. Molly-guard will detect that you are connected via SSH and will ask you for the machine name before proceeding: if you enter the correct machine name and validate, then the action will be executed.
sudo rebootHere's an example:
Note that this protection applies to all users, including when using "sudo" and the live "root" account.
IV. Activate molly-guard on all sessions
By default, molly-guard is active only on SSH sessions. You can enable it on all session types, including physical access (or via a virtual machine console), by modifying the configuration file. Here's the file to modify:
sudo nano /etc/molly-guard/rcYou must activate the "ALWAYS_QUERY_HOSTNAME" directive, as follows:
ALWAYS_QUERY_HOSTNAME=true
Save the file and that's it. From now on, all sensitive actions such as "restart" and "stop" will be subject to validation.
sudo reboot
I: molly-guard: reboot is always molly-guarded on this system.
Please type in hostname of the machine to reboot:V. Conclusion
Simple and effective, that's how we'd describe the Molly-guard tool: install it on your Linux servers to prevent accidental use of power management commands. Human error is not a myth, it does exist... But now you can say: thank you, Molly.
Did you know about molly-guard? What do you think?
