#!/bin/sh
#
# stateless
#
# chkconfig: 345 11 99
# description: action stateless
#
# Source the library functions
. /etc/rc.d/init.d/functions


ZONE="US/Mountain"

case "$1" in
	start) 
		echo -n "Starting stateless configuration: "

		if [ -r /etc/stateless_done ]
		then
			echo_failure
			echo
			echo "  already run!"
			exit $?
		fi

#initrd=xcat/netboot/fedora8/x86_64/compute/initrd.gz imgurl=nfs://rro000/install/netboot/fedora8/x86_64/compute/rootimg console=ttyS1,19200n8r BOOT_IMAGE=xcat/netboot/fedora8/x86_64/compute/kernel 
		cat /proc/cmdline | grep imgurl >/dev/null 2>&1

		if [ "$?" != "0" ]
		then
			echo_failure
			echo
			echo "  imgurl missing from /proc/cmdline, i.e. stateful!"
			exit $?
		fi

		for i in $(cat /proc/cmdline)
		do
			KEY=$(echo $i | awk -F= '{print $1}')
			VALUE=$(echo $i | awk -F= '{print $2}')

			if [ "$KEY" = "imgurl" ]
			then
				SERVER=$(echo $VALUE | awk -F/ '{print $3}')
			fi
		done

		if [ -z "$SERVER" ]
		then
			echo_failure
			echo
			echo "bogus server in imgurl"
			exit $?
		fi

		echo
		echo "         Universal Server: $SERVER"

		echo -n "         Syslog: "
		echo "*.* @$SERVER" >/etc/rsyslog.conf
 		echo_success
		echo

		if [ -r /etc/rc.d/init.d/ntpd ]
		then
			echo -n "         NTP: "
			if [ ! -r /etc/sysconfig/clock ]
			then
				echo "ZONE=\"$ZONE\"
UTC=true
ARC=false" >/etc/sysconfig/clock
			fi

			echo "server $SERVER
driftfile /etc/ntp/drift
multicastclient
broadcastdelay 0.008
disable auth
keys /etc/ntp/keys
trustedkey 65535
requestkey 65535
controlkey 65535" >/etc/ntp.conf

			echo "$SERVER" >/etc/ntp/step-tickers

 			echo_success
			echo
		fi

		if [ -r /etc/ldap.conf -a -r /etc/resolv.conf ]
		then
			echo -n "         LDAP: "

			DC=$(
				cat /etc/resolv.conf | \
				egrep '(domain|search)' | \
				head -1 | \
				awk '{print $2}' | \
				sed 's/\./,dc=/g' | \
				sed 's/^/dc=/'
			)

			echo "host $SERVER
base $DC
nss_base_passwd ou=People,$DC
nss_base_shadow ou=People,$DC
nss_base_group  ou=Group,$DC
timelimit 120
bind_timelimit 120
idle_timelimit 3600
nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman,nscd
ssl no
tls_cacertdir /etc/openldap/cacerts
pam_password md5" >/etc/ldap.conf

			echo "URI ldap://$SERVER
BASE $DC
TLS_CACERTDIR /etc/openldap/cacerts" >/etc/openldap/ldap.conf

			cd /etc
			cp nsswitch.conf nsswitch.conf.ORIG
			sed -r 's/^((passwd|shadow|group):.*)/\1 ldap/' <nsswitch.conf.ORIG >nsswitch.conf

			cd /etc/pam.d
			cp system-auth system-auth.ORIG
			sed -r 's/(account\s+required\s+pam_unix.so)/account     sufficient    pam_ldap.so\n\1/' <system-auth.ORIG >system-auth

 			echo_success
			echo
		fi
		touch /etc/stateless_done
		;;
	stop)
		;;
	*)
		echo "Usage: stateless {start|stop}"
		exit 1
esac
