@@ -6,11 +6,16 @@ function exit_if_error() {
66 test $? -eq 0 || exit $?
77}
88
9+ function is_true() {
10+ local val=" ${1,,} " # lowercase
11+ [[ " ${val} " == " yes" || " ${val} " == " true" || " ${val} " == " 1" || " ${val} " == " on" ]]
12+ }
13+
914function run() {
1015 echo " Running: "
1116 echo " $1 "
1217 echo " "
13- if [[ ${MLC_FAKE_RUN} != ' yes ' ]] ; then
18+ if ! is_true " ${MLC_FAKE_RUN} " ; then
1419 eval " $1 "
1520 exit_if_error
1621 fi
@@ -21,12 +26,12 @@ CURRENT_USER=$(whoami)
2126ACTION=${MLC_ISOLATE_ACTION}
2227
2328# --- No new logins ---
24- if [[ " ${MLC_ISOLATE_NO_NEW_LOGINS} " == " yes " ]] ; then
29+ if is_true " ${MLC_ISOLATE_NO_NEW_LOGINS} " ; then
2530 if [[ " ${ACTION} " == " set" ]]; then
2631 run " ${SUDO} touch /var/run/nologin"
2732 echo " Created /var/run/nologin - new non-root logins blocked"
2833 elif [[ " ${ACTION} " == " unset" ]]; then
29- if [[ " ${MLC_ISOLATE_NOLOGIN_EXISTED} " == " yes " ]] ; then
34+ if is_true " ${MLC_ISOLATE_NOLOGIN_EXISTED} " ; then
3035 echo " /var/run/nologin existed before set - leaving it in place"
3136 else
3237 run " ${SUDO} rm -f /var/run/nologin"
@@ -36,9 +41,9 @@ if [[ "${MLC_ISOLATE_NO_NEW_LOGINS}" == "yes" ]]; then
3641fi
3742
3843# --- Force logout other users ---
39- if [[ " ${MLC_ISOLATE_FORCE_LOGOUT} " == " yes " ]] ; then
44+ if is_true " ${MLC_ISOLATE_FORCE_LOGOUT} " ; then
4045 if [[ " ${ACTION} " == " set" ]]; then
41- echo " Forcing logout of all sessions except current user (${CURRENT_USER} )... "
46+ echo " Forcing logout of all sessions except current user (${CURRENT_USER} ).."
4247 OTHER_USERS=$( who | awk -v me=" ${CURRENT_USER} " ' $1 != me {print $1}' | sort -u)
4348 if [[ -n " ${OTHER_USERS} " ]]; then
4449 for u in ${OTHER_USERS} ; do
@@ -54,7 +59,7 @@ if [[ "${MLC_ISOLATE_FORCE_LOGOUT}" == "yes" ]]; then
5459fi
5560
5661# --- Network isolation ---
57- if [[ " ${MLC_ISOLATE_NETWORK} " == " yes " ]] ; then
62+ if is_true " ${MLC_ISOLATE_NETWORK} " ; then
5863 if [[ " ${ACTION} " == " set" ]]; then
5964 echo " Disabling non-loopback network interfaces..."
6065 IFS=' ,' read -ra IFACES <<< " ${MLC_ISOLATE_SAVED_INTERFACES}"
0 commit comments