#!/bin/bash
set -e

function kerberos-kind() {
    if dpkg --status heimdal-clients | grep " install " > /dev/null ; then
	KRB5KIND=HEIMDAL
    else
	if dpkg --status krb5-user | grep " install " > /dev/null ; then
	    KRB5KIND=MIT
	else
	    KRB5KIND=UNKNOWN
	fi
    fi
}

function kerberos-realm() {
    KRB5REALM=`egrep "[[:blank:]]*default_realm" /etc/krb5.conf | awk '{ print $3 }'`
}

kerberos-kind
kerberos-realm

case $KRB5KIND in
    HEIMDAL)
	if ktutil -k /etc/krb5.keytab list | grep host/`hostname -f`@${KRB5REALM} ; then
	    echo "Keytab for salsautd seams to be good"
	else
	    echo "Didn't find the keytab needed for method kerberos5 for saslauthd"
	fi
    ;;
    MIT)
	if klist -k /etc/krb5.keytab | grep host/`hostname -f`@${KRb5REALM} ; then
	    echo "Keytab for saslauthd seams to be good"
	else
	    echo "Didn't find the keytab needed for method kerberos5 for saslauthd"
	fi    
	;;
    *)
	echo "I don't know this kind of kerberos, so I can't validate the keytab"	
esac

TMPPROG=`mktemp`
TMPFILE=`mktemp`
cp /etc/default/saslauthd ${TMPFILE}
cp /etc/default/saslauthd /etc/default/saslauthd.dpkg-tp-task-gemeas.old

echo "/^[[:blank:]]*MECHANISMS=/ { print \"MECHANISMS='kerberos5'\"} ; ! /^[[:blank:]]*MECHANISMS=/ {print} ;" > ${TMPPROG}

awk -f ${TMPPROG} ${TMPFILE} > /etc/default/saslauthd

cp -f /etc/default/saslauthd  ${TMPFILE}
echo "/^[[:blank:]]*START=/ { print \"START=yes\"} ; ! /^[[:blank:]]*START=/ {print} ;" > ${TMPPROG}

awk -f ${TMPPROG} ${TMPFILE} > /etc/default/saslauthd

rm ${TMPFILE}
rm ${TMPPROG}

if egrep "^[[:blank:]]*START=yes" /etc/default/saslauthd ; then
    echo "saslauthd is enabled"
else
    echo "saslauth maybe disabled, pay attention"
fi
