#!/bin/sh -e

. /usr/share/debconf/confmodule

if [ ! -f /var/log/heimdal-kdc.log ]
then
	touch /var/log/heimdal-kdc.log
	chmod 600 /var/log/heimdal-kdc.log
fi

add_servers() {
kadmin_entry="kerberos-adm	stream	tcp	nowait	root	/usr/sbin/tcpd /usr/lib/heimdal-servers/kadmind"
hprop_entry="#krb_prop	stream	tcp	nowait	root	/usr/sbin/tcpd /usr/sbin/hpropd"

	update-inetd --group KRB5 --add "$kadmin_entry"
	update-inetd --group KRB5 --add "$hprop_entry"
}

enable_servers() {
	update-inetd --pattern '[ \t]/usr/lib/heimdal-servers/kadmind' --enable kerberos-adm
}

# if not configured, try moving existing configuration
if [ ! -f /etc/heimdal-kdc/.configured ] &&
   [   -f /var/lib/heimdal-kdc/.configured ]
then
        for i in kdc.conf kadmind.acl
        do
                if [ -f /var/lib/heimdal-kdc/$i ]
                then
                        mv /var/lib/heimdal-kdc/$i /etc/heimdal-kdc/$i
                fi
        done
        mv /var/lib/heimdal-kdc/.configured /etc/heimdal-kdc/.configured
fi

# if already configured - dont reconfigure
if [ ! -f /etc/heimdal-kdc/.configured ]
then
	# get default realm
	# should use krb5-config setting???
	if db_get krb5-config/default_realm && [ "x$RET" != "x" ]
	then
		default_realm="$RET"
	else
		default_realm="`hostname -d | tr a-z A-Z`"
	fi
	db_fget heimdal/realm seen
	if [ "$RET" != "true" ]; then
		db_set heimdal/realm "$default_realm"
	fi
	db_subst heimdal/realm default_realm "$default_realm"
	db_input medium heimdal/realm || true
	db_go
	db_get heimdal/realm; REALM="$RET"
	
	# get password
	db_input medium heimdal-kdc/password || true
	db_go
	db_get heimdal-kdc/password; PASSWORD="$RET"
	db_set heimdal-kdc/password ""
	
	DST=/etc/heimdal-kdc/kdc.conf
	cp -a /usr/share/doc/heimdal-kdc/examples/kdc.conf "$DST"
#	/usr/lib/heimdal-kdc/setconfig --file "$DST" --section realms::REALM.ORG "=$REALM"
	
	DST=/etc/heimdal-kdc/kadmind.acl
	cp -a /usr/share/doc/heimdal-kdc/examples/kadmind.acl "$DST"
	
	kstash --master-key-fd=0 <<EOF
$PASSWORD
EOF
	
	echo -e "\n\n" | kadmin -l init "$REALM" > /dev/null
	
	touch /etc/heimdal-kdc/.configured
fi

case "$1" in
abort-upgrade | abort-deconfigure | abort-remove)
	;;
configure)
	if [ -z "$2" ]
	then
		add_servers
	elif dpkg --compare-versions "$2" le "0.7.2.dfsg.1-6"
	then
		enable_servers
	fi
	;;
*)
	printf "$0: incorrect arguments: $*\n" >&2
	exit 1
	;;
esac

	
#DEBHELPER#