#!/bin/sh -
#
# @(#)mk-afs-wrapper	1.7 (hursley) 11/1/96
# /afs/hursley.ibm.com/common/src/afs/@cell/rs_aix32/usr/local/sbin/mk-afs-wrapper/SCCS/s.mk-afs-wrapper
#
# NAME		mk-afs-wrapper
# AUTHOR	Paul Blackburn <mpb@acm.org>
# PURPOSE	Wrapper to get AFS authentication and then start a daemon.
#
# USAGE		mk-afs-wrapper -d daemon -u AFS-ID -p passwordfile -da dargs
#
# EXAMPLE       mk-afs-wrapper -d /usr/lib/sendmail -id postman \
#			/etc/security/pw6 -dargs "-bd -q30m"
#
# NOTES
#		See: ftp://ftp.transarc.com/pub/afs-contrib/tools/reauth/

CMD=`basename ${0}`

PATH=/usr/afsws/bin:${PATH}; export PATH
REAUTH=/usr/etc/mk-afs-reauth
PAGSH=/usr/afsws/bin/pagsh
WRAPPER=/tmp/${CMD}.wrapper.$$

export REAUTH PAGSH CMD

# functions

tstamp() {
	echo "`date '+''%H''%M'':%S'` ${CMD}: ${1}"
}

warning() {
	echo "${CMD} warning: ${1}" >&2
}

error() {
        echo "${CMD} error: ${1}" >&2
}

fatal() {
	echo "${CMD} fatal: ${1}" >&2
	exit 1
}


doit() {
	tstamp "${1}"
	eval ${1}

	retcode=$?
	if [ ${retcode} != 0 ]; then
		error "\$?=${retcode}"
	fi
}

usage()
{
	cat <<eeooff
Usage: ${CMD} [-?] -d daemon -id AFS-ID -p passwordfile -s sleeptime
where:
	-?               display this usage message
	-d daemon        command to be run
	-dargs args      arguments for daemon command line
        -id AFS-ID       AFS ID that daemon will run as
        -p passwordfile  name of file containing AFS password
        -s sleeptime     duration to sleep between AFS re-authentications

example: mk-afs-wrapper -d /usr/lib/sendmail -id postman -p /etc/security/pw6

eeooff
}

tstamp "version 1.7 commenced on `date '+%a %d %h %y'`"

# sanity checking

if [ ! -x ${PAGSH} ]; then
	fatal "cannot execute ${PAGSH}" 
fi
if [ ! -x ${REAUTH} ]; then
	fatal "cannot execute ${REAUTH}" 
fi

# command line processing

if [ -z "${1}" ]; then
	warning "missing command line arguments"
	usage
	exit 1
fi

while [ ! -z "${1}" ]
do
	case ${1} in
		-d )
			shift
			DAEMON="${1}"
			;;
		-dargs )
			shift
			DARGS="${1}"
			;;
		-id )
			shift
			AFS_ID="${1}"
			;;
		-p )
			shift
			PASSWORDFILE="${1}"
			;;
		-s )
			shift
			SLEEPFOR="${1}"
			;;

		? | -? )
			usage
			exit
			;;
		* )
			warning "unknown command line option: ${1}"
			;;
	esac
	shift 2>/dev/null
done
			
# Check the command line options given:

if [ ! -s "${PASSWORDFILE}" ]; then
	fatal "cannot read password file ${PASSWORDFILE}" 
fi

if [ ! -x "${DAEMON}" ]; then
	fatal "cannot execute daemon: ${DAEMON}"
fi

(pts ex "${AFS_ID}" 2>&1 | grep Name:) 2>&1 > /dev/null

if [ $? -ne 0 ]; then
	fatal "No such AFS user: ${AFS_ID}"
fi

if [ -z "${SLEEPFOR}" ]; then
	warning "null value specified for sleep between re-authenticating"
	SLEEPFOR=86400	# 24 hours
	warning "defaulting to ${SLEEPFOR}"
fi

export DAEMON AFS_ID PASSWORDFILE SLEEPFOR DARGS

# Create wrapper script

doit "touch ${WRAPPER}"
doit "chmod 700 ${WRAPPER}"

cat << eeooff > ${WRAPPER}
#!/bin/sh -
# 
# NAME		\${WRAPPER}
# CREATED	for \${LOGNAME} by \${CMD} on \`date\`
# PURPOSE	Script to start AFS authenticated daemon

# functions

error() {
        echo "\${CMD} error: \${1}" >&2
}
tstamp() {
        echo "\`date '+%H''%M'':%S'\` \${CMD}: \${1}"
}
doit() {
        tstamp "\${1}"
        eval \${1}

        retcode=\$?
        if [ \${retcode} != 0 ]; then
                error "\\\$?=\${retcode}"
        fi
}

CMD=\`basename ${WRAPPER}\`
tstamp "version 1.7 commenced on \`date '+%a %d %h %y'\`"
doit "groups"
doit "tokens # ante reauth"
doit "${REAUTH} ${SLEEPFOR} ${AFS_ID} < ${PASSWORDFILE}"
doit "tokens # post reauth"
doit "exec ${DAEMON} ${DARGS}"
eeooff

tstamp "completed"
doit "exec ${PAGSH} ${WRAPPER}"
