#!/bin/ksh
#
#ident	"@(#)postremove	1.15	05/05/25 SMI"
#
# Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
# Use is subject to license terms.
#
# STAF postremove
#

# variables
tfile=/tmp/pkg.tmp
stafservice=/tmp/staf-tcp.conf
version=`/usr/bin/uname -r|awk -F. '{print $2}'`

# functions

# kill the named process(es)
killproc() {
        pid=`/usr/bin/ps -e |
             /usr/bin/grep -w $1 |
             /usr/bin/sed -e 's/^  *//' -e 's/ .*//'`
        [ "$pid" != "" ] && kill -HUP $pid
}

### MAIN ###

# remove from /etc/inet/services
cat /etc/inet/services | sed -e /staf/d > $tfile
mv $tfile /etc/inet/services
chmod 444 /etc/inet/services

# remove from /etc/inet/inetd.conf
cat /etc/inet/inetd.conf | sed -e /staf/d > $tfile
mv $tfile /etc/inet/inetd.conf
chmod 444 /etc/inet/inetd.conf

# added for starting staf service after solaris 10 greeline(build 65) 
if [ $version -gt 9 ]
then
	/usr/sbin/svccfg delete -f svc:/network/staf/tcp:default >/dev/null 2>&1
	
fi


# restart inetd
killproc inetd


# remove from /etc/dfs/dfstab
cat /etc/dfs/dfstab | sed -e /staf/d > $tfile
mv $tfile /etc/dfs/dfstab
chmod 644 /etc/dfs/dfstab
/etc/init.d/nfs.server stop

# remove staf directory
rm -rf /opt/SUNWstaf

#added for removing all the files created or revert all the changes made during the HCTS installation

# Change files back to as they were before HCTS installation
cat /etc/default/login | sed -e 's/#CONSOLE=/CONSOLE=/' > /tmp/etc_default_login
mv /tmp/etc_default_login /etc/default/login

# Remove files and directories created

if [ -f /.rhosts ]
then
	rm -f /.rhosts
fi

if [ -d /export/home/nfs ]
then
	rm -rf /export/home/nfs
fi

if [ -d /mnt/nfstest ]
then
	mountpoint=`mount|grep /mnt/nfstest|awk '{print $1}'`
	mountnum=`mount|grep /mnt/nfstest|awk '{print $1}'|wc -l`
	 
	if [ $mountnum != 0 ]
	then
		for i in $mountpoint
		do
			if [ $i != "/mnt/nfstest" ]
			then
				cd /
				umount $i >/dev/null 2>&1
			fi
		done
		cd /
		umount /mnt/nfstest >dev/null 2>&1
	fi

	rm -rf /mnt/nfstest
fi

if [ -d /export/home/tmp ]
then
	rm -rf /export/home/tmp
fi

if [ `grep -c '/export/home/nfs' /etc/dfs/dfstab` != 0 ]
then
	cat /etc/dfs/dfstab | sed -e '/HCTS/d' > /tmp/etc_dfs_dfstab
	mv /tmp/etc_dfs_dfstab /etc/dfs/dfstab
	rm -f /tmp/etc_dfs_dfstab
fi

# Revert ftpaccess to as it was before HCTS install
if [ $version -gt 8 ]; then
   awk ' {
           if ( ($1 == "overwrite") && ($3 == "anonymous") )
		$2 = "      no             ";
           if ( ($1 == "delete") && ($3 == "anonymous") )
		$2 = "         no             ";
           if( ($1 == "upload") && ($2 == "class=anonusers") )
		{$2 = "         class=anonusers"; $3 = "   *"; $5  = "no"; $6 = "  nodirs"; }
           if( ($1 == "allow-retrieve") && ($2 == "absolute") && ($3 == "class=anonusers") && ($4 == "/export/home/ftp") )
              next;
           print $0
         }' /etc/ftpd/ftpaccess > /tmp/ftpaccess
         mv /tmp/ftpaccess /etc/ftpd/ftpaccess
fi

# Revert all the additions made by setup_anon_ftp
# Some of these are already part of postremove.

# Remove directory ftp and all subdirectories
if [ -d /export/home/ftp ] 
then
	rm -rf /export/home/ftp
fi

if [ ! -z "`getent passwd ftp`" ]
then
	mv /etc/passwd /etc/passwd.bak
        cat /etc/passwd.bak | sed -e /ftp/d > /etc/passwd
        chmod 444 /etc/passwd
fi

rm -f /etc/passwd.bak

if [ -f /etc/shadow.bak ]
then
	mv /etc/shadow.bak /etc/shadow
fi


if [ ! -z "`grep 'ftp:NP:6445::::::' /etc/shadow`" ]
then
	mv /etc/shadow /etc/shadow.bak
        cat /etc/shadow.bak | sed -e /ftp/d > /etc/shadow
#        chmod 400 /etc/shadow
fi

if [ ! -z "`grep 'nobody:zFs1NS7haBA3w:::::::' /etc/shadow`" ]
then
	mv /etc/shadow /etc/shadow.bak
        cat /etc/shadow.bak | sed -e /zFs1NS7haBA3w/d > /etc/shadow
        chmod 400 /etc/shadow
fi

rm -f /etc/shadow.bak

if [ -d /dev/cua ]
then
	chown -h root /dev/cua/*
	chown root /dev/cua/*
fi


#add for starting staf service after solaris 10 greeline(build 65) 
if [ -f $stafservice ]
then
	rm -f $stafservice
fi

# Recover config file for ssh
#Modify /etc/ssh/ssh_config and set StrictHostKeyChecking from no to ask
awk '{ if($1=="StrictHostKeyChecking") {$1="#   StrictHostKeyChecking";$2="ask"};print $0}' \
/etc/ssh/ssh_config > /tmp/ssh_config
mv /tmp/ssh_config /etc/ssh/ssh_config
/usr/bin/chgrp sys /etc/ssh/ssh_config

#Root logins permitted using sshd.Modify /etc/ssh/sshd_config and set
#PermitRootLogin from yes to no
awk '{if(($1=="PermitRootLogin")&&($2=="yes")) $2="no";print $0}' /etc/ssh/sshd_config > /tmp/sshd_config
mv /tmp/sshd_config /etc/ssh/sshd_config
/usr/bin/chgrp sys /etc/ssh/sshd_config

if [ -d /.ssh.hcts.bak -a -d /.ssh ]
then
	rm -r "/.ssh"
	mv /.ssh.hcts.bak /.ssh
else 
	if [ -d /.ssh ]
	then
		rm -r "/.ssh"
	fi
fi

#end add 

