#!/bin/sh

pamdir=/etc/pam.d
pamcommon="login su sumac sumac.xauth fly-dm fly-dm-np xrdp-sesman"

install_pam_aud()
{
	if grep -q 'session required pam_parsec_cap.so' $1; then
		pam_parsec_cap_present=1
	else
		pam_parsec_cap_present=0
	fi
	awk 'BEGIN{ \
			is_aud_session=0; \
		} \
		{ \
			print $0; \
			if ('$pam_parsec_cap_present' == 1)  { \
				if (is_aud_session == 0 && $1 ~ "session" && $2 ~ "required" && $3 ~ "pam_parsec_cap.so") { \
					print "session required pam_parsec_aud.so"; \
					is_aud_session = 1 \
				} \
			} \
			else { \
				if (is_mac_session == 0 && $1 ~ "@include" && $2 ~ "common-session") { \
					print "session required pam_parsec_aud.so"; \
					is_aud_session = 1 \
				} \
			} \
		}' $1
}

uninstall_pam_aud()
{
	egrep -v 'pam_parsec_aud.so' $1
}

del()
{
	for cfg in $pamcommon; do
		if [ ! -w $pamdir/$cfg ]; then
			continue
		fi
		uninstall_pam_aud $pamdir/$cfg > $pamdir/$cfg.parsec
		mv $pamdir/$cfg.parsec $pamdir/$cfg
	done
}

add()
{
	for cfg in $pamcommon; do
		if [ ! -w $pamdir/$cfg ]; then
			continue
		elif grep -q 'pam_parsec_aud.so' $pamdir/$cfg; then
			echo -e "$0: has already been added into $pamdir/$cfg"
			continue
		fi
		install_pam_aud $pamdir/$cfg > $pamdir/$cfg.parsec
		mv $pamdir/$cfg.parsec $pamdir/$cfg
	done
}

fix()
{
	del
	add
}

case "$1" in
  add)
	add
	errcode=$?
	;;
  del)
	del
	errcode=$?
        ;;
  fix)
	fix
	errcode=$?
	;;
  *)
	echo "Usage: $0 {add|del|fix}" >&2
	exit 1
	;;
esac

exit $errcode
