#!/usr/bin/perl
# IBM(c) 2007 EPL license http://www.eclipse.org/legal/epl-v10.html
#(C)IBM Corp

#

#-----------------------------------------------------------------------------

=head1   aixremoteshell 

   This sets up the remote shell for root on the AIX node, such that root can
   log in without a password. The default is /bin/rsh and
   /bin/rcp, but this can be overridden by setting the useSSHonAIX attribute in the
   site table to yes, in which case ssh/scp is used.

=cut

#-----------------------------------------------------------------------------

#
#  If USESSHONAIX does not exist or is no or 0 then
#     setup .rhosts on the node
#  else (ssh)
#     setup the ssh keys on the node
#  end

# MAIN
use strict;
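my $rc = 0;

# Settings handed to this postscript through the environment.
my $usesshonaix = $ENV{'USESSHONAIX'};    # override from the site table
my $master      = $ENV{'MASTER'};
my $node        = $ENV{'NODE'};
my $username    = "root";

# Write one message to syslog under the "xcat" tag.
# The list form of system() starts logger directly, without a shell, so
# nothing in the message text can be interpreted as shell syntax.
my $log_failure = sub {
    my ($text) = @_;
    $text =~ s/\s+/ /g;     # one line per message
    $text =~ s/\s+\z//;
    system('logger', '-t', 'xcat', $text);
    return;
};

# Append $setting to $file unless the file already has exactly that line,
# so that running this script again does not pile up duplicate entries.
# Failures are logged and otherwise ignored (best effort).
my $append_once = sub {
    my ($file, $setting) = @_;
    if (open(my $in, '<', $file))
    {
        while (my $line = <$in>)
        {
            chomp($line);
            if ($line eq $setting)
            {
                close($in);
                return;
            }
        }
        close($in);
    }
    my $out;
    if (!open($out, '>>', $file))
    {
        $log_failure->("Failed to update $file on $node: $!");
        return;
    }
    print $out "$setting\n";
    close($out);
    return;
};

# Look the account up by exact name. Matching "^root" against /etc/passwd
# would also match any other account whose name merely begins with "root".
my $home = (getpwnam($username))[7];
if (!defined($home) || $home eq "")
{
    $log_failure->(
        "Failed to setup remote shell on $node, no home directory for $username. \n");
    exit 1;
}

# root's home directory must be owned by root, group system.
# NOTE(review): $home is interpolated unquoted into the shell commands below;
# this relies on the local account database holding a plain path.
$rc = runcmd("chown root $home");
if ($rc != 0)
{
    exit 1;
}
$rc = runcmd("chgrp system $home");
if ($rc != 0)
{
    exit 1;
}

# With a home of "/" the paths built below would start with "//".
if ($home eq "/")
{
    $home = "";
}

if (defined($usesshonaix))
{
    $usesshonaix =~ tr/a-z/A-Z/;    # convert to upper
}
if ((!defined($usesshonaix)) || ($usesshonaix eq "0") || ($usesshonaix eq "NO"))
{
    # Setting up rsh.
    # A .rhosts entry grants login based on the client's host name and user
    # name alone, and rsh/rcp traffic is not encrypted. The value written
    # here therefore has to be a plain host name or address: blanks, "+" or
    # shell syntax in MASTER would change what the entry grants.
    if (!defined($master) || $master !~ /\A[A-Za-z0-9:][A-Za-z0-9._:-]*\z/)
    {
        $log_failure->(
            "Failed to setup rsh on $node, MASTER is not a valid host name or address. \n");
        exit 1;
    }

    my $rhosts = "$home/.rhosts";
    my $found  = 0;
    if (open(my $in, '<', $rhosts))
    {
        while (my $line = <$in>)
        {
            # The name is matched literally (\Q..\E); a "." in an address
            # must not act as a regex wildcard.
            if ($line =~ /\A\Q$master\E[ \t]+root[ \t]*$/)
            {
                $found = 1;
                last;
            }
        }
        close($in);
    }

    if (!$found)
    {
        # Create the file owner-only from the start rather than relying on
        # the chmod afterwards.
        my $old_umask = umask(077);
        if (open(my $out, '>>', $rhosts))
        {
            print $out "$master root\n";
            close($out);
        }
        else
        {
            $log_failure->("Failed to setup rsh on $node, cannot write $rhosts: $!");
            $rc = 1;
        }
        umask($old_umask);
        chmod 0600, $rhosts;
    }
}
else
{
    # Setting up ssh.
    my $sshdconfig = "/etc/ssh/sshd_config";
    my $sshconfig  = "/etc/ssh/ssh_config";
    if (-e $sshdconfig)
    {
        # ssh installed; keep one pristine copy of each file.
        if (!(-e "$sshdconfig.ORIG"))
        {
            runcmd("cp $sshdconfig $sshdconfig.ORIG");
        }

        # NOTE(review): sshd uses the first value it reads for a keyword, so
        # a line appended here has no effect when the file already sets that
        # keyword further up. Check the effective configuration on the node,
        # in particular that password authentication really is off.
        foreach my $setting (
            "KeyRegenerationInterval 0",
            "X11Forwarding yes",
            "MaxStartups 1024",
            "PasswordAuthentication no"
          )
        {
            $append_once->($sshdconfig, $setting);
        }

        if (!(-e "$sshconfig.ORIG"))
        {
            runcmd("cp $sshconfig $sshconfig.ORIG");
        }

        # NOTE(review): with StrictHostKeyChecking set to "no" the ssh client
        # on this node accepts host keys it has never seen without asking,
        # so the identity of the remote host is not verified. If ssh_config
        # ends with a Host block, the appended line applies to that block only.
        $append_once->($sshconfig, "StrictHostKeyChecking no");
    }
    else
    {
        # ssh not installed
        $log_failure->("Failed to setup ssh on $node, ssh not installed. \n");
        exit 1;
    }

    if (-e "/xcatpost/_ssh")
    {
        # ssh keys available
        $rc = runcmd("mkdir -p $home/.ssh");
        if ($rc == 0)
        {
            # Restrict the directory before any key material is copied in.
            $rc = runcmd("chmod 0700 $home/.ssh");
        }
        if ($rc == 0)
        {
            $rc = runcmd("cp -fp /xcatpost/_ssh/* $home/.ssh");
        }
        if ($rc == 0)
        {
            # Each step runs only if the previous one succeeded, so a failure
            # is never overwritten by a later success.
            $rc = runcmd("chmod 0600 $home/.ssh/*");
        }
    }
    else
    {
        # ssh keys not available
        $log_failure->("Failed to setup ssh on $node, ssh keys not available. \n");
        exit 1;
    }
}
exit $rc;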

#
# run the command
#
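sub runcmd
{
    # Run $cmd through the shell with stderr folded into stdout.
    # Returns 0 on success, otherwise the command's exit status (or
    # 128 + signal number when the command was ended by a signal).
    # On failure the command line and its output are sent to syslog under
    # the "xcat" tag and printed to stdout.
    my ($cmd) = @_;
    my $rc = 0;
    $cmd .= ' 2>&1';
    my @output = `$cmd`;
    my $status = $?;
    if ($status)
    {
        $rc = $status >> 8;
        if ($rc == 0)
        {
            # Ended by a signal: the exit-status byte is 0, but this is
            # still a failure and must not be reported as success.
            $rc = 128 + ($status & 127);
        }
        my $msg = "$cmd returned rc=$rc @output\n";

        # The message holds the command line and whatever the command
        # printed. Hand it to logger as a single argument, without a shell:
        # passed through a shell, redirections, quotes, ";" or newlines in
        # that text would be interpreted as shell syntax.
        my $logline = $msg;
        $logline =~ s/\s+/ /g;
        system('logger', '-t', 'xcat', $logline);
        print $msg;
    }
    return $rc;
}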