#!/bin/ksh -p

#
# ident "@(#)utfwsync.ksh	1.17 04/05/04 SMI"
#
# Copyright 2000-2004 Sun Microsystems, Inc.  All rights reserved.
# Use is subject to license terms.
#

umask 022
PATH="/usr/sbin:/usr/bin:/bin"

PROGRAM_ID="${0##*/}"

trap "" INT QUIT  # ignore these signals

trap "CleanupAndExit 1" TERM

TRACING=":"
case "$-" in
*x*)
  TRACING="set -x"
  typeset -ftx GetGroup
  typeset -ftx StopGroup
  typeset -ftx RestartGroup
  typeset -ftx WaitPeriod
  ;;
esac

CleanupAndExit() {
  exit $1
}

Usage() {
  print -u2 "Usage: $PROGRAM_ID $PROGRAM_OPTS"
  print -u2 "	-d: Disable publishing default firmware"
  print -u2 "	-v: Verbose mode"
  print -u2 "	With no options, default firmware will be published"
  CleanupAndExit 1
}

Error() {
  print -u2 "$PROGRAM_ID: error, $1"
  return 0
}

Fatal() {
  print -u2 "$PROGRAM_ID: fatal, $1"
  exit 1
}

CheckUidIsZero() {
  case "$(id)" in
    'uid=0('*) return 0;;  # uid is zero
    *)         Fatal "must be run as UID 0 (root)";;
  esac
}

GetGroup() {
  $TRACING

  /opt/SUNWut/sbin/utgstatus | sed -ne 's/\([^ ]*\)[ ][ ]*T.*/\1/p'

  return 0
}

StopGroup() {
  $TRACING
  
  typeset OUTPUT_CNTL="1>/dev/null 2>&1" # output supression

  print "\nStopping Authentication Managers on $GROUP ..."

  for HOST in $GROUP; do
    if $VERBOSE; then
      print "\nStopping host '$HOST'"
      OUTPUT_CNTL="" # no output supression
    fi
    if $ENABLE_DEFAULT_FW; then
      eval $UTRCMD -n $HOST $UTO_BASEDIR/sbin/utfwadm -A -a -n all $OUTPUT_CNTL
      eval $UTRCMD -n $HOST $UTO_BASEDIR/sbin/utfwadm -A -a -N all $OUTPUT_CNTL
    fi
    eval $UTRCMD -n $HOST $UTO_BASEDIR/lib/utauthd -e
  done

  return 0
}

RestartGroup() {
  $TRACING
  
  typeset OUTPUT_CNTL="1>/dev/null 2>&1" # output supression

  print "\nRestarting Authentication Managers ..."

  for HOST in $GROUP; do
    if $VERBOSE; then
      print "\nRestarting host '$HOST'"
      OUTPUT_CNTL="" # no output supression
    fi
    eval $UTRCMD -n $HOST /etc/init.d/utsvc restart $OUTPUT_CNTL
  done

  return 0
}

WaitPeriod() {
  typeset -i PERIOD_LEN=$2
  typeset -i TIME_LEFT=$(expr $1 \* $PERIOD_LEN)

  print ""

  while (( $TIME_LEFT > 0 )); do
    print -n "Will restart Authentication Managers in $TIME_LEFT seconds  \r"
    sleep $PERIOD_LEN
    TIME_LEFT=$( expr $TIME_LEFT - $PERIOD_LEN )
  done

  print ""

  return 0
}

# main() {
BASEDIR=/etc/opt/SUNWut/basedir
UTPRODDIR="$BASEDIR"/lib

UTO_BASEDIR="$("$UTPRODDIR"/utprodinfo -r SUNWuto)/SUNWut"
UTRCMD="$UTO_BASEDIR/lib/utrcmd"

OPTSTR="dv"
PROGRAM_OPTS="[-dv]"

VERBOSE=false
ENABLE_DEFAULT_FW=true

while getopts $OPTSTR OPT 2>&-; do
  case "$OPT" in
    v) VERBOSE=true;;
    d) ENABLE_DEFAULT_FW=false;;
   \?) Usage;;
  esac
done
shift $(($OPTIND - 1))

if (( $# != 0 )); then
  Usage
fi

CheckUidIsZero

GROUP=$(GetGroup)

if [[ -z "$GROUP" ]]; then
  Fatal "unable to determine the trusted host group"
fi

StopGroup

WaitPeriod 12 5

RestartGroup

CleanupAndExit 0

# }
