From a0ee00aa8aefec9b41b6238acd2006af08033121 Mon Sep 17 00:00:00 2001
From: Cyteen May <cyteen@ring-zero.co.uk>
Date: Thu, 20 Feb 2020 00:17:19 +0000
Subject: [PATCH] Commit before push.

---
 020_molly-guard.sh | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/020_molly-guard.sh b/020_molly-guard.sh
index 2d02907..89029cd 100644
--- a/020_molly-guard.sh
+++ b/020_molly-guard.sh
@@ -1,9 +1,16 @@
 #!/usr/bin/env bash
 
 # Molly-Guard try to block you from accidentally running or shutting down or rebooting Linux servers via ssh.
+
+# molly-guard was primarily designed to shield SSH connections. This functionality (which should arguably be provided by the openssh-server package) is implemented in:
+#
+# /etc/molly-guard/run.d/30-query-hostname.
+#
+# Before molly-guard invokes the real command, all scripts in /etc/molly-guard/run.d/ have to run and exit successfully; else, it aborts the command.
+
 apt-get install -y molly-guard
 
-# sudo and tmux stop  detection of the SSH session. (It also affects screen the same way - this is a known issue listed in man molly-guard.)
+# sudo and tmux stop detection of the SSH session. (It also affects screen the same way - this is a known issue listed in man molly-guard.)
 cat > /etc/sudoers.d/molly-guard << EOF
 Defaults env_keep += SSH_CONNECTION
 EOF