#!/bin/bash

. /lib/lsb/init-functions

export PROJECT=parsec
export PARSECFS_DIR=${PROJECT}fs

#
# Set 'NO CHMOD +X' flag
#
set_nochmodx()
{
	cat /etc/${PROJECT}/nochmodx > /$PARSECFS_DIR/nochmodx;
	return $?
}

#
# Unset 'NO CHMOD +X' flag
#
unset_nochmodx()
{
	echo -n "0" 2>/dev/null > /$PARSECFS_DIR/nochmodx
	return $?
}

#
# Clear private dirs.
#
clear_private() {

    for d in `find /var/private/*/* 2>/dev/null`
	do
	    rm -rf $d;
    done

    return $?;
}

set_env()
{
	CHMAC="/usr/sbin/pdpl-file"
	CHMAC_EQU="$CHMAC -f :::ehole"
	EQU_FILES="/dev/tty /dev/dsp /dev/snd/* /run/shm"
	#/dev/ptmx /dev/null /dev/full

	for EQUF in $EQU_FILES;
	    do
		$CHMAC_EQU $EQUF;
	done

	if [ "$(stat -c %d:%i /)" != "$(stat -c %d:%i /proc/1/root/.)" ]; 
	    then
		echo -n "We are chrooted, skip pdp-init-fs"
	else
		/bin/mount --make-rshared /;
		mkdir -p /run/user/private 2> /dev/null
		mkdir -p /run/private/mount 2> /dev/null
		mkdir -p /run/private/shm 2> /dev/null
		mkdir -p /run/firejail 2> /dev/null
		/usr/sbin/pdp-init-fs;
	fi
}

set_daud() {

	local flags;

	if flags=`/usr/sbin/useraud -o 2>/dev/null`;
	    then
		/usr/bin/psaud $PPID $flags;
		return $?;
	fi
	return 0;
}

case "$1" in
  start)
	log_action_begin_msg "Set up PARSEC ENV"
	set_env
	log_action_end_msg $?

	log_action_begin_msg "Clear Private Directory"
	clear_private
	log_action_end_msg $?

	log_action_begin_msg "Setting default audit"
	set_daud
	log_action_end_msg $?

	log_action_begin_msg "Set NO CHMOD +X flag"
	set_nochmodx
	log_action_end_msg $?

	systemctl --no-ask-password daemon-reload
	;;
  stop)
	log_action_begin_msg "UnSet NO CHMOD +X flag"
	unset_nochmodx
	log_action_end_msg $?

	;;
  *)
	echo $"Usage: $0 {start|stop}"
	exit 1
esac

exit $?
