#!/bin/bash
cd /
image=$1

for i in /home/*
do
   if [ -f $i/websm.script ]
   then
      rm -f $i/websm.script
   fi
done
chown bin.bin /opt/hsc/bin/initNetscape
chmod 555 /opt/hsc/bin/initNetscape
for i in $image/RPMS/*.rpm
do
  rpm -Fvh $i --nodeps
done
if [ ! -f /opt/hsc/data/.ssh_enabled ]
then
   /sbin/chkconfig --del sshd
fi
tar -xf $image/hsc.tar

grep "HMC Security Fix R3 (2003-07-26)" /opt/hsc/data/version 2>&1 >/dev/null
if [ $? -ne 0 ]
then
  echo "HMC Security Fix R3 (2003-07-26)" >>/opt/hsc/data/version
fi
LANG=en_US
export LANG
if [ ! -d /usr/hmcrbin ]
then
   mkdir /usr/hmcrbin
fi
if [ ! -d /hmcrbin ]
then
   mkdir /hmcrbin
fi
x=`find /opt/hsc/bin/ -type l -print`
for i in $x
do
   file $i | grep "/opt/hsc/bin/commandcontrol" 2>/dev/null
   if [ $? -eq 0 ]
   then
      b=`/bin/basename $i`
      if [ -L /usr/hmcrbin/$b ]
      then
         rm -f /usr/hmcrbin/$b
      fi
      ln -s $i /usr/hmcrbin/
   fi
done
for i in `cat $image/restrictedCommands`
do
   d=`/usr/bin/dirname $i`
   f=`/bin/basename $i`
   if [ "$d" = "/bin" ]
   then
     if [ ! -f /hmcrbin/$f ]
     then
        if [ -L $i ]
        then
          ln -s $i /hmcrbin/ 2>&1 >/dev/null
        else
          ln $i /hmcrbin/ 2>&1 >/dev/null
        fi
     fi
   fi
   if [ "$d" = "/usr/bin" ]
   then
      if [ ! -f /usr/hmcrbin/$f ]
      then
        if [ -L $i ]
        then
           ln -s $i /usr/hmcrbin/ 2>&1 >/dev/null
        else
           ln $i /usr/hmcrbin/ 2>&1 >/dev/null
	fi
      fi
    fi
done
cd /home
for i in *
do
   /opt/hsc/sbin/setupssh $i
done
grep "/lib/" /etc/pam.d/su | grep ^auth | grep root-members 2>/dev/null
if [ $? -eq 1 ]
then
   echo "auth       sufficient   /lib/security/pam_stack.so service=root-members" >> /etc/pam.d/su
fi
grep "/lib/" /etc/pam.d/su | grep ^auth | grep pe-members 2>/dev/null
if [ $? -eq 1 ]
then
   echo "auth       sufficient   /lib/security/pam_stack.so service=pe-members" >> /etc/pam.d/su
fi
grep "/lib/" /etc/pam.d/su | grep ^auth | grep pam_deny.so  2>/dev/null
if [ $? -eq 1 ]
then
   echo "auth       required   /lib/security/pam_deny.so" >> /etc/pam.d/su
fi
mv $image/runUpdate /opt/hsc/bin/runUpdate
v=`/opt/hsc/bin/hsc version |grep Version |cut -d':' -f2 | cut -d'.' -f1`
if [ "$v" = " 1" ]
then
   cp $image/commandcontrol.r31x /opt/hsc/bin/commandcontrol
else if [ "$v" = " 2" ]
  then
     cp $image/commandcontrol.r32x /opt/hsc/bin/commandcontrol
  fi
fi
exit 0
