#!/bin/sh

. alterator-sh-functions
alterator_api_version=1

read_avahi()
{
	grep -Eqs '^<volume.*dnssd_lookup="1" mountpoint="/home/%\(USER\)/share"' /etc/security/pam_mount.conf.xml
}

read_homes()
{
	grep -Eqs '^<volume.*path="homes" mountpoint="/home/%\(USER\)"' /etc/security/pam_mount.conf.xml
}

enable_avahi()
{
	subst 's|</pam_mount>|<volume uid="5000-10000" fstype="cifs" dnssd_lookup="1" mountpoint="/home/%(USER)/share" options="sec=krb5,cruid=%(USERUID)" />\n</pam_mount>|' /etc/security/pam_mount.conf.xml

}

disable_avahi()
{
	subst 's|^<volume.*dnssd_lookup="1" mountpoint="/home/%(USER)/share".*$||' /etc/security/pam_mount.conf.xml
}

enable_homes()
{
	server=$(host $(host ldap | grep -v : | cut -d' ' -f4)| cut -d' ' -f5 | sed 's/\.$//'|grep -v '^$'|head -1)
	subst 's|<pam_mount>|<pam_mount>\n<volume uid="5000-10000" fstype="cifs" server="'$server'" path="homes" mountpoint="/home/%(USER)" options="sec=krb5,cruid=%(USERUID)" />|' /etc/security/pam_mount.conf.xml
}

disable_homes()
{
	subst 's|^<volume.*path="homes" mountpoint="/home/%(USER)".*$||' /etc/security/pam_mount.conf.xml
}


on_message() {
  case "$in_action" in
    read)
	! system-auth status | grep -qs krb5
	write_bool_param krb5 $?
        ! read_avahi
	write_bool_param avahi $?
	! read_homes
	write_bool_param homes $?
	;;
    write)
	if [ -n "$in_avahi" ]; then
		read_avahi || enable_avahi
	else
		read_avahi && disable_avahi
	fi
	if [ -n "$in_homes" ]; then
		read_homes || enable_homes
	else
		read_homes && disable_homes
	fi
	;;
  esac
}

message_loop
