#!/bin/sh

set -e

# remove old link

if [ -L /etc/alternatives/sudo ]; then
	rm /etc/alternatives/sudo
fi

# complain if no sudoers file is present
if [ ! -f /etc/sudoers ];then
	echo "WARNING:  /etc/sudoers not present!";
fi

# modify nsswitch.conf if needed
if [ -z "`grep \"^sudoers:\" /etc/nsswitch.conf`" ]
then
	echo "sudoers:	files ldap" >> /etc/nsswitch.conf
fi

# handle state directory transition from /var/run/sudo to /var/lib/sudo,
# moving any existing content over to avoid re-lecturing existing users
if [ -d "/var/run/sudo" ];then
    mkdir -p /var/lib/sudo
    (cd /var/run/sudo ; tar cf - .) | (cd /var/lib/sudo ; tar xf -)
    rm -rf /var/run/sudo
fi

# make sure sudoers has the correct permissions and owner/group
chown root:root /etc/sudoers
chmod 440 /etc/sudoers

update-rc.d -f sudo remove >/dev/null 2>&1

update-rc.d sudo start 75 2 3 4 5 . >/dev/null

# create symlink to ease transition to new path for ldap config
# if old config file exists and new one doesn't
if [ -e /etc/ldap/ldap.conf -a ! -e /etc/sudo-ldap.conf ];then
	ln -s ldap/ldap.conf /etc/sudo-ldap.conf
fi

# if we've gotten this far .. remove the saved, unchanged old sudoers file
rm -f /etc/sudoers.pre-conffile

# make sure we have a sudo group

[ -n "`getent group sudo`" ] && exit 0   # we're finished if there is a group sudo:

# start search with gid 27
gid="27"
while [ -n "`getent group $gid | cut -d: -f3`" ];do
	gid=`expr $gid + 1`
done


if [ "$gid" -ne "27" ];then
	echo "On Debian we normally use gid 27 for 'sudo'."
	gname="`getent group 27 | cut -d: -f1`"
	echo "However, on your system gid 27 is group '$gname'."
	echo ""
	echo "Would you like me to stop configuring sudo so that you can change this?"; 
	while true;do
		echo -n "(Enter 'yes' to stop, enter to continue): "
		read ans
		[ "$ans" = "" ] && break
        	if [ "$ans" = "yes" -o "$ans" = "YES" ];then
			echo "'dpkg --pending --configure' will restart the configuration."
			exit 1;
		fi
		echo "Please enter exactly 'yes' to stop, or press the enter key to continue without stopping"
	done
fi

echo "Creating group 'sudo' with gid = $gid";
groupadd -g $gid sudo

echo ""

#DEBHELPER#