#!/usr/bin/perl

# Copyright (C) 2000 NEC Corporation
# All Rights Reserved.

# RCS: $Id: passapache,v 1.1 2006/12/22 05:33:58 shodai Exp $

require "/opt/nec/wbmc/lib/wbmc.pl";


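#-------------------------------------------------------------------
#
# [Name]
#    passapache - command that creates the password file and the group file for Apache
#
# [Return value]
#    Normal   : 0
#    Abnormal : -1
#
# [Synopsis]
#    passapache [-pin filename] [-pout filename]
#               [-gin filename] [-gin2 filename] [-gout filename]
#
# [Description]
#    (values in parentheses are the defaults)
#    pin : original password file to read (/etc/shadow)
#    pout: password file to create (/etc/httpd/passwd/shadow)
#    gin : original group file to read (/etc/group)
#    gin2: second original group-source file to read (/etc/passwd)
#    gout: group file to create (/etc/httpd/passwd/group)
#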
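{
# Main program: build the password file and the group file used by Apache
# from the system account files.
#
# Steps:
#   1. parse the command line (each option overrides one default path),
#   2. read user names and password fields from the shadow file (if present),
#   3. read group names, gids and member lists from the group file,
#   4. read each user's primary gid from the passwd file and add the user
#      to that group,
#   5. write "user:password" lines to $APACHE_USER and
#      "group: member member ..." lines to $APACHE_GROUP.
#
# All state is kept in package globals because usage() interpolates the
# path variables and readFile() fills @lines through the *lines glob.
# readFile()/writeFile() come from wbmc.pl; their exact behaviour is not
# visible here.
#
# Security notes:
#   - The password file written here holds the password fields copied from
#     the shadow file, so it is created under a 077 umask and left at mode
#     0400. Ownership is not changed by this script.
#     NOTE(review): confirm the web server can read it without widening
#     the mode.
#   - Every input and output path can be overridden from @ARGV and is used
#     without validation. NOTE(review): if this script is ever started by a
#     privileged wrapper on behalf of a less-privileged caller, the wrapper
#     must fix or validate these paths.
#   - External commands are run with list-form system(), so no shell parses
#     the paths.
#   - The file header documents /etc/httpd/passwd/... as the output defaults;
#     the code below uses /etc/opt/nec/wbmc/... instead.

# Create the parent directory of $path when the path names one.
# Returns true on success, or when there is nothing to create.
sub _make_parent_dir {
	my ($path) = @_;
	# A bare file name (or a file directly under "/") has no directory to make.
	return 1 unless $path =~ m{^(.+)/[^/]+$};
	my $dir = $1;
	return 1 if -d $dir;
	# List form: the directory name is passed as one argument and never
	# reaches a shell; "--" keeps a leading "-" from being read as an option.
	return system("/bin/mkdir", "-p", "--", $dir) == 0;
}

# Defaults
$error = 0;
$USER_ORG = "/etc/shadow";
$GROUP_ORG = "/etc/group";
$GROUP2_ORG = "/etc/passwd";
$APACHE_USER = "/etc/opt/nec/wbmc/shadow";
$APACHE_GROUP = "/etc/opt/nec/wbmc/group";

# Command-line parsing: each known option stores the following word in
# the path variable it controls.
my %target_of = (
	"-pin"  => \$USER_ORG,
	"-pout" => \$APACHE_USER,
	"-gin"  => \$GROUP_ORG,
	"-gin2" => \$GROUP2_ORG,
	"-gout" => \$APACHE_GROUP,
);
for (my $idx = 0; $idx <= $#ARGV; $idx++) {
	my $slot = $target_of{$ARGV[$idx]};
	if (!$slot) {
		# Unknown word: show the help text and exit with status 0.
		usage();
		goto done;
	}
	# An option given as the very last word has no value; parsing stops
	# quietly and the default stays in effect.
	last if $idx == $#ARGV;
	$$slot = $ARGV[++$idx];
}

#
# Collect the data from the original files
#

# Shadow file (optional): user name and password field
if (-e $USER_ORG) {
	$shadow_flag = 1;
	if (!&readFile($USER_ORG, "shadow", *lines)) {
		$error = -1;
		goto done;
	}
	for my $line (@lines) {
		(my $record = $line) =~ s/[\r\n]+$//;
		my ($name, $hash) = split(/:/, $record);
		# Blank lines and entries without a name would otherwise produce
		# a ":" line in the output.
		next unless defined $name && length $name;
		$USER{$name} = defined $hash ? $hash : "";
	}
}

# Group file: group name -> members, gid -> group name
if (!&readFile($GROUP_ORG, "group", *lines)) {
	$error = -1;
	goto done;
}
for my $line (@lines) {
	(my $record = $line) =~ s/[\r\n]+$//;
	# name:password:gid:member,member,...
	# Lines that do not match are skipped; using $1..$3 after a failed
	# match would silently reuse the previous line's values.
	next unless $record =~ /^([^:]+):[^:]*:([^:]+):([^:]*)$/;
	my ($group_name, $gid, $members) = ($1, $2, $3);
	# Members are separated by blanks in the Apache group file.
	$members =~ tr/,/ /;
	$GROUP{$group_name} = $members;
	$NUMBER{$gid} = $group_name;
}

# Passwd file: primary gid of each user (and the password field when
# there is no shadow file)
if (!&readFile($GROUP2_ORG, "passwd", *lines)) {
	$error = -1;
	goto done;
}
for my $line (@lines) {
	(my $record = $line) =~ s/[\r\n]+$//;
	# name:password:uid:gid:... (all four leading fields must be non-empty)
	next unless $record =~ /^([^:]+):([^:]+):([^:]+):([^:]+):/;
	my ($name, $field, $gid) = ($1, $2, $4);
	$USER_GROUP{$name} = $gid;
	if (!$shadow_flag) {
		$USER{$name} = $field;
	}
}

# Add every user to the group named by the user's primary gid.
for my $name (keys %USER) {
	my $gid = $USER_GROUP{$name};
	# A user listed only in the shadow file has no known primary group;
	# skipping it avoids creating a group with an empty name.
	next unless defined $gid;
	# A gid without an entry in the group file is used as its own name.
	if (!$NUMBER{$gid}) {
		$NUMBER{$gid} = $gid;
	}
	my $group_name = $NUMBER{$gid};
	if (!$GROUP{$group_name}) {
		$GROUP{$group_name} = $name;
	} else {
		# Member lists are blank-separated at this point (commas were
		# replaced while reading the group file), so split on blanks to
		# detect an existing membership and avoid duplicate names.
		my @members = split(' ', $GROUP{$group_name});
		if (!grep { $_ eq $name } @members) {
			$GROUP{$group_name} .= " $name";
		}
	}
}

#
# Write the collected data to the Apache files
#

# Create the password file (and its directory) when it does not exist.
if (! -e $APACHE_USER) {
	if (!_make_parent_dir($APACHE_USER)) {
		$error = -1;
		goto done;
	}
	# Create the empty file under a restrictive umask so that it never
	# exists with a wider mode, even before the chmod below.
	my $saved_umask = umask(077);
	my $touch_status = system("/bin/touch", "--", $APACHE_USER);
	umask($saved_umask);
	if ($touch_status != 0) {
		$error = -1;
		goto done;
	}
}

# Build the output lines (sorted so the result is reproducible).
@lines = ();
for my $name (sort keys %USER) {
	push(@lines, "$name:$USER{$name}\n");
}

# Make the file writable by its owner only while it is rewritten.
if (chmod(0600, $APACHE_USER) != 1) {
	$error = -1;
}

# Write the password file
if (!writeFile($APACHE_USER, "shadow", @lines)) {
	$error = -1;
	goto done;
}

# Leave the password file read-only for its owner.
if (chmod(0400, $APACHE_USER) != 1) {
	$error = -1;
}

# Create the directory of the group file when the file does not exist.
if (! -e $APACHE_GROUP) {
	if (!_make_parent_dir($APACHE_GROUP)) {
		$error = -1;
		goto done;
	}
}

# Build the output lines. They must be collected in @lines, because that
# is what writeFile() receives; printing to an unopened handle would
# leave the group file empty.
@lines = ();
for my $group_name (sort keys %GROUP) {
	push(@lines, "$group_name: $GROUP{$group_name}\n");
}

# Write the group file
if (!writeFile($APACHE_GROUP, "group", @lines)) {
	$error = -1;
	goto done;
}

done:

exit($error);
}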

# Print the help (usage) text
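sub usage {
	# Print the command synopsis and one line per option to the currently
	# selected output handle, then return 0.
	#
	# The value shown in parentheses for each option is the current
	# content of the corresponding package global ($USER_ORG, $APACHE_USER,
	# $GROUP_ORG, $GROUP2_ORG, $APACHE_GROUP), so options already parsed
	# before an invalid argument appear with their overridden values.
	#
	# The heredoc body and its terminator must stay at column 0.
	print <<EOD;
Usage: passapache [-pin filename] [-pout filename] [-gin filename] [-gin2 filename] [-gout filename]

-pin              input original shadow file($USER_ORG)
-pout             output apache's password file($APACHE_USER)
-gin              input original group file($GROUP_ORG)
-gin2             input original password file($GROUP2_ORG)
-gout             output apache's group file($APACHE_GROUP)
EOD
	return 0;
}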
