#!/usr/bin/perl
# ----------------------------------------------------------------------
#  PROPRIETARY DATA of IMMUNIX INC.
#  Copyright (c) 2004, IMMUNIX (All rights reserved)
#
#  This document contains trade secret data which is the property of 
#  IMMUNIX Inc.  This document is submitted to recipient in 
#  confidence.  Information contained herein may not be used, copied or 
#  disclosed in whole or in part except as permitted by written agreement
#  signed by an officer of IMMUNIX, Inc.
#
# ----------------------------------------------------------------------

################################################################################
# ag_subdomain
#
#	Version 0.61
################################################################################

use strict;
use Immunix::Ycp;
use Data::Dumper;

# Subroutines
################################################################################

sub getSubdomainStatus {

	my $sdStatus = "disabled";

	open (LSMOD, "/sbin/lsmod |") || return ("Can't execute lsmod");
	while (<LSMOD>) {
		if (/\bsubdomain\b/) {
			$sdStatus = "enabled";
		}
	}
	close LSMOD;
      return $sdStatus if ( $sdStatus eq "disabled" );
       
       # Ok check that  there are profiles loaded to 
       # determine status
       my $profile = 0;
       open( PROFILES, "cat /subdomain/profiles|" );
         while (<PROFILES>) {
          # Hey YOU UGLY
           if ( /\// ) {
            #ok at least on profile
            $profile = 1;
            #break;
           }
         } 
      close PROFILES;
      $sdStatus = "disabled" if ( ! $profile ); 
      return $sdStatus;
}

sub getNotifySettings {

  my $config = { };
  if(open(CFG, "/etc/apparmor/notify.cfg")) {
    while(<CFG>) {
      chomp;
      $config->{$1} = $2 if /^(\S+)\s+(.+)\s*$/;
    }
    close(CFG);
  }

  return $config;
}


sub getNotifyStatus {

  my $config = getNotifySettings();

  my $noteStatus = "disabled";

  if($config->{terse_freq} && $config->{terse_freq} != 0) {
    $noteStatus = "enabled";
  } elsif($config->{summary_freq} && $config->{summary_freq} != 0) {
    $noteStatus = "enabled";
  } elsif($config->{verbose_freq} && $config->{verbose_freq} != 0) {
    $noteStatus = "enabled";
  } 

  return $noteStatus;
}

sub getLearnStatus {

    ############################################################
	#
    # Search the last entry in syslogs to see if subdomain
    # is in learning (complain) mode.
	#
	############################################################
	#
	# If subdomain is on:
	# 	1- Find the last subdomain activation
	#	2- Look for the complain flag 
	#
    ############################################################

	my $sdStatus = shift;

	if ($sdStatus eq 'enabled') {

	    my $logDir = '/var/log';
	    my $logFile = '/var/log/messages';
	    my @logList = ();
	    my $enabled = "disabled";    # default

	    my @logFileList = ();   # master logfile list

	    # Add main log
	    if ( -e $logFile ) { push(@logFileList, $logFile); }

	    # Create list of subdomain activation prospects from Old logfiles
	    opendir(LDIR, $logDir) || die "Can't opendir $logDir: $!";
	    my @otherLogs = grep { /messages\.\d+/ && -f "$logDir/$_" } readdir(LDIR);
	    closedir LDIR;

	    if (@otherLogs > 0) { push(@logFileList, @otherLogs); }

	    if (@logFileList < 1 ) { return "disabled"; }    # Nothing to see here, move along, move along

	    # Grep list of log files
	    for (@logFileList) {

	        #print "Checking $_\n";
	        open (LOG, "<$_") || die "Can't open $_";
	        @logList = grep(/SubDomain\s+initialized/, <LOG>);
	        close LOG;

	        if (@logList > 0) {
	            # Check latest log entry
	            if ( $logList[$#logList] =~ /SubDomain\s+initialized\:\s+complainmode\s+enabled/ ) {
	                return "enabled";
	            } else {
	                return "disabled";   # Subdomain NOT in complain mode
	            }
	        }
	    }

	}

	# Should only be here if subdomain if off
    return "disabled";
}

# Main 
################################################################################


while ( <STDIN> ) {

    my ($command, $path, $argument) = Immunix::Ycp::ParseCommand ($_);

	my $result = undef;
        my $donereturn = 0;
	if ( $command && $path && $argument ) {
		if ( $argument eq 'sd-all') {
			my %hResult = '';		# hashed result, duh 
			$hResult{'sd-status'} = getSubdomainStatus();
			$hResult{'sd-notify'} = getNotifyStatus();
			$hResult{'sd-learn'} = getLearnStatus();
			Immunix::Ycp::ycpReturnHashAsMap( %hResult );
			$donereturn = 1;
		} elsif ( $argument eq 'sd-status') {
			$result = getSubdomainStatus();
		} elsif ( $argument eq 'sd-notify') {
			$result = getNotifyStatus();
		} elsif ( $argument eq 'sd-notify-settings') {
			$result = getNotifySettings();
			Immunix::Ycp::ycpReturn($result);
                        $donereturn = 1;
		} elsif ( $argument eq 'sd-learn') {
			my $sdStatus = getSubdomainStatus();
			$result = getLearnStatus($sdStatus);
		}

		Immunix::Ycp::ycpReturnSkalarAsString( $result ) if ( ! $donereturn );

	} else {

		my $ycpCmd = ycpGetCommand() || "";
		my $ycpArg = ycpGetArgType() || "";
		$result = "Unknown instruction $ycpCmd or argument: $ycpArg\n";
		Immunix::Ycp::ycpReturnSkalarAsString( $result );
	}
}

exit 0;



