#!/bin/sh
# $NetBSD: script,v 1.3 2005/01/18 18:12:55 peter Exp $

BACKUPDIR="/var/sushi"
CONFFILE="/etc/security.conf"
BACKUP="${BACKUPDIR}/security.conf"

echo "Saving changes..."

if [ ! -d $BACKUPDIR ]; then
	mkdir $BACKUPDIR
	chown root:wheel $BACKUPDIR
	chmod 700 $BACKUPDIR
fi

# create a backup
cp -p $CONFFILE $BACKUP
if [ $? -ne 0 ]; then
	echo "Can't create a backup"
	exit 1
fi

# temporary files
cp -p $BACKUP $BACKUP.new
cp -p $BACKUP $BACKUP.old

. /etc/defaults/security.conf
. $CONFFILE

a=1
for i in `/usr/share/sushi/system/securityconf/script3`
do
	new=$(echo `eval echo \\$${a}` | sed -e 's/ $//' | sed -e 's/^0*//')
	old=`eval echo \\$${i}`
	if [ "$new" != "$old" ]; then
		line=`grep -n $i $BACKUP | cut -f1 -d:`
		# if no such line, add a new entry, otherwise edit the entry.
		if [ -z "$line" ]; then
			if [ "$new" = "YES" -o "$new" = "NO" ]; then
				echo "$i=$new" >> $BACKUP.new
			else
				echo "$i=\"$new\"" >> $BACKUP.new
			fi
		else
			sed "${line}s/$old/$new/" < $BACKUP.old > $BACKUP.new
			if [ $? -ne 0 ]; then
				echo "sed failed"
				rm -f $BACKUP.new $BACKUP.old
				exit 1
			fi
		fi
		cp -p $BACKUP.new $BACKUP.old
	fi
	a=`expr $a + 1`
done

cp -p $BACKUP.new $CONFFILE

if [ $? -eq 0 ]; then
	echo "Successfully wrote a new $CONFFILE"
	echo ""
	cat $CONFFILE
else
	echo "Failed to write a new $CONFFILE"
fi

rm -f $BACKUP.new $BACKUP.old

exit 0
