hardened-queue is a long running program ran in a shell, protecting an internal queue of people that grows and shrinks through commands in the shell. It is designed to only allow a certain set of individuals, defined by the roster file, to enter the queue. Only administrators with the admin password may remove (or "pop") people from the front of the queue.
Upon startup of the queue, it will look for and attempt to read the roster.csv file in its working directory.
This roster file determines the set of people that are allowed to enter the queue, denoted by their ID (whatever format that
may be). This file MUST be in the format of ID,FIRST_NAME,LAST_NAME for each line, with NO extraneous
characters. Assuming this reading & parsing is successful, hardened-queue's shell will then begin and
continuously prompt for a command. See section Commands for a list of all commands hardened-queue's
shell accepts.
hardened-queue, as its name implies, is a hardened version of queue, named as such due to its resilience against
novice sabotage. This is done with two main mechanisms: disabling of SIGINT (CTRL+C)
and SIGTSTP (CTRL+Z), as well as queue backup mechanism in case of successful sabotage. See
section Security Notes for why the "protections" are so limited.
Every minute, hardened-queue will produce a backup file containing the state of the internal queue, named
queue_backup.csv. It is in the format of ID,FIRST_NAME,LAST_NAME. This can be forced
at will by using the backup command (see Commands section). It will also store a log file, named
queue_log.log, which logs when hardened-queue starts, ends, and when the internal queue's
state changes (i.e. is added to or popped from).
The options for hardened-queue are as follows:
-b backup-file
Normally, when hardened-queue begins execution, the internal queue will be empty. However, if a backup
is needing to be restored or the administrator wishes to begin execution with a populated queue, if the -b
option is specified, the internal queue will be populated with the entries of the file denoted by the path
backup-file. backup-file should have the same format as the roster file, i.e.
ID,FIRST_NAME,LAST_NAME. This option makes the assumption that each entry in backup-file
is listed on the roster.
-p prompt
Changes the prompt given to the user when requesting for a command. If option -p is not specified, the
prompt will default to hardened-queue>.
After successful initialization, hardened-queue will then continuously prompt the user for commands. The list of valid commands are as follows:
add id-string
Adds to the tail of the internal queue the person denoted by id-string. If no person exists on the roster with the id of id-string OR the person does exist but is already on the queue, this command will fail. Does not require administrator password.
pop
Removes the person from the front of the queue, and prints their name. Has no effect if the queue is empty. Requires administrator password.
view
Prints the current state of the internal queue, i.e. all people currently in the internal queue, in order. Does not require administrator password.
clear
Clears the terminal screen. Requires administrator password.
backup
Forces a backup of the internal queue. Does not require administrator password.
lock
Locks/unlocks the internal queue. A locked internal queue prevents any new adds with the add command. Administrators can pop as usual. Requires administrator password.
help
Prints out list of all commands and a short description. Does not require administrator password.
quit | exit
Backs up the internal queue and and then exits the shell. Requires administrator password.
hardened-queue currently only has releases on x86 Linux and Windows. To use hardened-queue, simply download the respective executable from the Releases page (on github). Remember, this is a program that needs to be ran in a shell, it is not its own stand-alone program - also, make sure your necessary files are in the same working directory as the executable (namely your roster file and backup file, if applicable).
As stated briefly in the Description section, hardened-queue has been designed to only protect
against novice sabotage. The reason for this is two-fold: firstly, full lockdown on any arbitrary system
is a rather complex thing to do, especially for a small shell program like this one. Secondly: it's a bit out of
scope for me (the author) at the moment (and probably indefinitely). That being said, if someone wants to undertake
the endeavor to really make this a super secure shell program - be my guest! But, for the time being, someone
could very easily just ALT-F4 or just close the terminal straight up.
Also, the administrator password is currently stored in plain-text, inside the code-base. Yeah, not very secure. But, for the context of why this application was created, it's good enough. I am open to making it more secure, if other people need it to be as such.
Created by MutantWafflez.
Check the LICENSE file provided with the source code. For quick reference, it is the GPL-3.0 license.