#!/bin/bash

LOG=/opt/rh/httpd24/root/var/log/httpd/alt-suexec.log
declare -A list_of_suexec



list_of_suexec[home]="DOCUMENT ROOT /home/ MIN_UID 500 MIN_GID 100 CALLER apache"
list_of_suexec[www]="DOCUMENT ROOT /var/www/ MIN_UID 500 MIN_GID 100 CALLER apache"

function show_available_suexec(){
    for k in "${!list_of_suexec[@]}"
    do
	CONF=`echo $k | tr '[:lower:]' '[:upper:]'`
	echo "USE_$CONF - ${list_of_suexec[$k]}"
    done
}

function get_suexec_from_config(){
    if [ -f /opt/rh/httpd24/root/etc/sysconfig/alt-suexec24 ]; then
	cat /opt/rh/httpd24/root/etc/sysconfig/alt-suexec24 | grep USE_ | cut -d_ -f2 | tr '[:upper:]' '[:lower:]' | tr -d '\n'
    fi
}

function get_permission_of_suexec(){
    if [ -f /opt/rh/httpd24/root/etc/sysconfig/alt-suexec24 ]; then
	RES=`cat /opt/rh/httpd24/root/etc/sysconfig/alt-suexec24 | grep OWNER= | cut -d= -f2 | tr -d '\n'`
	if [ -n "$RES" ]; then
	    echo -n "$RES"
	fi
    fi
    echo "root:apache"
}
function get_path_of_suexec(){
    if [ -f /opt/rh/httpd24/root/etc/sysconfig/alt-suexec24 ]; then
	RES=`cat /opt/rh/httpd24/root/etc/sysconfig/alt-suexec24 | grep PATH= | cut -d= -f2 | tr -d '\n'`
	if [ -n "$RES" ]; then
	    echo -n ${RES%/}
	fi
    fi
    echo "/opt/rh/httpd24/root/usr/sbin/"
}


function copy_needed_suexec(){
    echo "$(date) Begin suexec installation " >> $LOG
    PARAM=`get_suexec_from_config`
    PERM=`get_permission_of_suexec`
    PATHS=`get_path_of_suexec`
    echo "$(date) Detected $PARAM with owners $PERM for path $PATHS" >> $LOG
    for k in "${!list_of_suexec[@]}"
    do
	if [ "$k" == "$PARAM" ]; then
	    if [ -e "$PATHS"/suexec.bkp ]; then
		echo "$(date) $PATHS/suexec.bkp already exists" >> $LOG
	    else
		echo "$(date) $PATHS/suexec creating" >> $LOG
		RESULT=`cp $PATHS/suexec "$PATHS"/suexec.bkp 2>&1`
		echo "$(date) $RESULT" >> $LOG
	    fi
	    RESULT=`cp -f /opt/alt/suexecs24/suexec.$k "$PATHS"/suexec 2>&1`
	    echo "$(date) $RESULT" >> $LOG
	    RESULT=`chown "$PERM" "$PATHS"/suexec 2>&1`
	    echo "$(date) $RESULT" >> $LOG
	    RESULT=`chmod 4510 "$PATHS"/suexec 2>&1`
	    echo "$(date) $RESULT" >> $LOG
	    echo "$(date) End suexec24 installation " >> $LOG
	    return
	fi
    done
    echo "$(date) Unknown suexec type in /opt/rh/httpd24/root/etc/sysconfig/alt-suexec24" >> $LOG
    echo "$(date) End suexec installation " >> $LOG
}

function show_help(){
    echo " -l - list of available suexec"
    echo " -u - update suexec according to /opt/rh/httpd24/root/etc/sysconfig/alt-suexec24"
    echo " -s - set new suexec and install it"
    echo " -p - set new suexec path and install it"
    echo " -o - set new suexec owners and install it"
    echo " -r - restore native apache suexec"
}

function is_type_available(){
    P="$1"
    P1=`echo "$P" | grep USE_`
    if [ -n "$P1" ]; then
	P2=`echo "$P1" | cut -d_ -f2 | tr '[:upper:]' '[:lower:]' | tr -d '\n'`
    for k in "${!list_of_suexec[@]}"
    do
	if [ "$k" == "$P2" ]; then
	    CONF=`echo $k | tr '[:lower:]' '[:upper:]'`
	    echo -n "USE_$CONF"
	fi
    done
    fi
    echo ""
}
function replace_param(){
    grep -v "^$1" /opt/rh/httpd24/root/etc/sysconfig/alt-suexec24 > /opt/rh/httpd24/root/etc/sysconfig/alt-suexec24
    echo "$2" >> /opt/rh/httpd24/root/etc/sysconfig/alt-suexec24
}

function restore_suexec(){
    PARAM=`get_suexec_from_config`
    PERM=`get_permission_of_suexec`
    PATHS=`get_path_of_suexec`
    echo "$(date) Detected $PARAM with owners $PERM for path $PATHS" >> $LOG
    if [ -e "$PATHS"/suexec.bkp ]; then
	echo "$(date) $PATHS/suexec.bkp restoring" >> $LOG
	RESULT=`mv -f $PATHS/suexec.bkp "$PATHS"/suexec 2>&1`
	echo "$(date) $RESULT" >> $LOG
    fi
}

if [ "$(id -u)" != "0" ]; then
   echo "This script must be run as root" 1>&2
   exit 1
fi

while getopts ":hlrus:p:o:" opt; do
  case $opt in
    s)
	RES=`is_type_available "$OPTARG"`
	if [ -n "$RES" ]; then
	    replace_param "USE_" "$RES"
	    copy_needed_suexec
	fi
      ;;
    p)
	if [ -n "$OPTARG" -a -d "$OPTARG" ]; then
	    replace_param "PATH=" "PATH=$OPTARG"
	    copy_needed_suexec
	fi
      ;;
    o)
	if [ -n "$OPTARG" ]; then
	    replace_param "OWNER=" "OWNER=$OPTARG"
	    copy_needed_suexec
	fi
      ;;
    u)
      copy_needed_suexec
      exit 0
      ;;
    r)
      restore_suexec
      exit 0
      ;;
    l)
      show_available_suexec
      exit 0
      ;;
    h)
      show_help
      exit 0
      ;;
    \?)
      echo "Invalid option: -$OPTARG" >&2
      exit 1
      ;;
    :)
      echo "Option -$OPTARG requires an argument." >&2
      exit 1
      ;;
  esac
done
