From 8a302ee8d802cef51732b50bd5bad53714738425 Mon Sep 17 00:00:00 2001
From: Max Isom <codetheweb@users.noreply.github.com>
Date: Fri, 16 Sep 2016 14:06:17 -0500
Subject: [PATCH] Add comments

---
 setup/login-alerts.sh | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/setup/login-alerts.sh b/setup/login-alerts.sh
index 3741f59a..c5dd53c8 100644
--- a/setup/login-alerts.sh
+++ b/setup/login-alerts.sh
@@ -1,21 +1,22 @@
 #!/bin/bash
 
+# Create a script to be called when a user logs in
 cat << 'EOF' > /etc/ssh/login-alert.sh
 #!/bin/bash
 
 source /etc/mailinabox.conf # load global vars
 
 if [ "$PAM_TYPE" != "close_session" ]; then
-    IP=$(echo $SSH_CONNECTION | cut -d ' ' -f 1)
+    # send alert
     sendEmail -q -f "bot@$PRIMARY_HOSTNAME" -t "admin@$PRIMARY_HOSTNAME" -u "SSH Login: $PAM_USER from $PAM_RHOST" -m "If you don't recognize this login, your key or password may be compromised."
 fi
 EOF
 
-chmod +x /etc/ssh/login-alert.sh
+chmod +x /etc/ssh/login-alert.sh # make script executable
 
-if grep -Fq "login-alert" /etc/pam.d/sshd
+if grep -Fq "login-alert" /etc/pam.d/sshd # if line has already been added to sshd
 then
-    :
+    : # do nothing
 else
-    echo 'session optional pam_exec.so seteuid /etc/ssh/login-alert.sh' >> /etc/pam.d/sshd
+    echo 'session optional pam_exec.so seteuid /etc/ssh/login-alert.sh' >> /etc/pam.d/sshd # otherwise add the line
 fi