#!/bin/bash
#
# (c) Copyright 2001-2014, Server General, Inc. All rights reserved.

# Copyright (c) 2001-2014. The Server General, Inc.
# All Rights Reserved. Contact Server General, Inc., 865
# Merrick Road, Suite 204, NY 11510, (650) 485-1415 for any additional
# information regarding this notice.

# All materials are the intellectual property of Server General,
# Inc. and may not be copied, reproduced, distributed or
# displayed without Server General, Inc.'s express written
# permission.

# IN NO EVENT SHALL SERVER GENERAL BE LIABLE TO ANY PARTY FOR DIRECT,
# INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, INCLUDING
# LOST PROFITS, ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS
# DOCUMENTATION, EVEN IF SERVER GENERAL HAS BEEN ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.

# SERVER GENERAL SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING, BUT
# NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
# FOR A PARTICULAR PURPOSE. THE SOFTWARE AND ACCOMPANYING DOCUMENTATION,
# IF ANY, PROVIDED HEREUNDER IS PROVIDED "AS IS". SERVER GENERAL HAS NO
# OBLIGATION TO PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR
# MODIFICATIONS.

LICENSE_FILE="/etc/serverg/sg-license.txt"
SERVERG_CONF="/etc/serverg/serverg.conf"
LOG_FILE="/var/log/serverg/serverg.log"

usage_sg_uninstall()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg sg-uninstall"
    test "$1" = "q" && exit 1
}
usage_license_add()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg license-add [-l <license-key>]"
    test "$1" = "q" && exit 1
}
usage_license_update()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg license-update [-l <license-key> -S <so-key>]"
    test "$1" = "q" && exit 1
}
usage_so_add()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg so-add -c <config-file> [-S <so-key>]"
    test "$1" = "q" && exit 1
}
usage_so_edit()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg so-edit [-s <so-id> -S <so-key> -F <fname> -L <lname> -E <email> -T <phone>]"
    test "$1" = "q" && exit 1
}
usage_smk_rotate()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg smk-rotate [-O <old-so-key> -N <new-so-key>]"
    test "$1" = "q" && exit 1
}

usage_da_add()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg da-add -c <config-file> [-D <da-key> -S <so-key>]"
    test "$1" = "q" && exit 1
}
usage_da_edit()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg da-edit -d <da-id> [-D <da-key> -F <fname> -L <lname> -E <email> -T <phone>]"
    test "$1" = "q" && exit 1
}
usage_da_list()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg da-list [-o <output-file> -S <so-key>]"
    test "$1" = "q" && exit 1
}
usage_policy_add()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg policy-add -c <policy-file> [-D <da-key>]"
    test "$1" = "q" && exit 1
}
usage_policy_reassign()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg policy-reassign -p <policy-name> -r <revoke da-id> -a <assign da-id> [-S <so-key>]"
    test "$1" = "q" && exit 1
}
usage_policy_remove()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg policy-remove -p <policy-name> -d <da-id> [-D <da-key>]"
    test "$1" = "q" && exit 1
}
usage_policy_edit()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg policy-edit -p <policy-name> -d <da-id> -c <policy-file> [-D <da-key>]"
    test "$1" = "q" && exit 1
}
usage_policy_start()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg policy-start -p <policy-name> -d <da-id> [-D <da-key>]"
    test "$1" = "q" && exit 1
}
usage_policy_stop()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg policy-stop -p <policy-name> -d <da-id> [-D <da-key>]"
    test "$1" = "q" && exit 1
}
usage_da_mk_rotate()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg da-mk-rotate -d <da-id> [-O <old-da-key> -N <new-da-key>]"
    test "$1" = "q" && exit 1
}
usage_da_revoke()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg da-revoke -r <revoked-da-id> [-S <so-key>]"
    test "$1" = "q" && exit 1
}
usage_da_revoke_reassign()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg da-revoke-reassign -r <revoked-da-id> -a <assigned-da-id> [-S <so-key>]"
    test "$1" = "q" && exit 1
}
usage_sg_status()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg sg-status [-S <so-key> -o <output-fname>]"
    test "$1" = "q" && exit 1
}
usage_policy_list()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg policy-list -d <da-id> -t <key-type (SMK|DMK)> [-K <key> -o <output-fname>]"
    echo "    srvg policy-list -A [-S <so-key> -o <output-fname>]"
    test "$1" = "q" && exit 1
}
usage_policy_status()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg policy-status -d <da-id> -p <policy-name> -t <key-type> (SMK|DMK) [-K <key> -o <output-fname>]"
    echo "    srvg policy-status -d <da-id> -t <key-type> (SMK|DMK) [-K <key> -o <output-fname>]"
    echo "    srvg policy-status -A [-S <so-key> -o <output-fname>]"
    test "$1" = "q" && exit 1
}
usage_put()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg put -p <policy-name> -d <da-id> [-D <da-key>]"
    test "$1" = "q" && exit 1
}
usage_get()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg get -p <policy-name> -d <da-id> [-D <da-key>]"
    test "$1" = "q" && exit 1
}
usage_backup_log()
{
    test "$1" = "q" && echo "Usage:"
    echo "    srvg backup-log"
    test "$1" = "q" && exit 1
}
usage()
{
    echo "Usage: srvg [-h] <command> [-h] [options/args] where:"
    echo "    -h: print full (or sub-command) help and exit"
#    usage_backup_log
    usage_da_add
    usage_da_edit
    usage_da_list
    usage_da_mk_rotate
    usage_da_revoke
    usage_da_revoke_reassign
    usage_license_add
    usage_license_update
    usage_policy_add
    usage_policy_reassign
    usage_policy_edit
    usage_policy_list
    usage_policy_remove
    usage_policy_start
    usage_policy_status
    usage_policy_stop
    usage_sg_status
    usage_so_add
    usage_so_edit
    usage_smk_rotate
    usage_sg_uninstall
    test "$1" = "q" && exit 1
}

check_cfg_file()
{
    cfg_file=$1

    # Check if the file is readable
    if test -f $cfg_file ; then
	return 0
    else
	echo "Error: Config file $cfg_file does not exist"
	exit 1
    fi
}
append_mk()
{
    cp $2 $temp_cfg_file
    if [ $? -eq 1 ]; then
	echo "Error: cp $2 $temp_cfg_file failed"
	exit 1
    fi
    if [ "$3" != "" ]; then
	echo "$1=$3" >> $temp_cfg_file
    fi
    return 0
}

append_temp_config()
{
    if [ "$2" != "" ]; then
	echo "$1=$2" >> $temp_cfg_file
    fi
    return 0
}

get_os_sg_version()
{
	# Check the platform
	if test -f /etc/redhat-release
	then
	    if grep -q "CentOS" /etc/redhat-release
	    then
		MYRELEASE="CentOS"
	    else
		MYRELEASE="RedHat"
	    fi
	else
	    MYRELEASE=`lsb_release -is 2>/dev/null || echo unknown` # ubuntu/debian
	    if test "$MYRELEASE" = "unknown" && \
        	egrep -q "^7\." /etc/debian_version 2>/dev/null
	    then
        	MYRELEASE="Debian"
    		fi
	fi

	case "$MYRELEASE" in
	   Ubuntu ) 
		SG_VERSION=`dpkg -s serverg | grep Version | awk '{print $2}'`
		OS_VERSION=`lsb_release -ds`
        	;;
	   Debian ) 
		SG_VERSION=`dpkg -s serverg | grep Version | awk '{print $2}'`
		version=`cat /etc/debian_version`
		OS_VERSION="$MYRELEASE $version"
        	;;
	    CentOS | RedHat ) # supported release(s); centos/redhat
		SG_VERSION=`rpm -q --queryformat '%{VERSION}-%{RELEASE}\n' serverg`
		OS_VERSION=`cat /etc/redhat-release`
        	;;
	    * ) # unsupported
        	echo "This release ($MYRELEASE) is unsupported.  Please contact $EMAIL_SUP for support."
	        return 1
	       ;;
	esac

}

update_os_sg_version()
{
	SERVERG_FILE=/etc/serverg/serverg.conf

	get_os_sg_version

	if test -f $SERVERG_CONF
	then
		get_os_sg_version

		temp_cfg_file=`mktemp || echo ${TMP:-/tmp}/.config.$$`
		echo "[GLOBAL]" > $temp_cfg_file
		echo "SG Version=$SG_VERSION" >> $temp_cfg_file
		echo "OS Version=$OS_VERSION" >> $temp_cfg_file

		cat $SERVERG_FILE | grep -v "SG Version" | grep -v "OS Version" | grep -v "GLOBAL" >> $temp_cfg_file	
		mv $temp_cfg_file $SERVERG_FILE
	fi
		
}

##############################################################################
# MAIN CODE
PATH=/sbin:/bin:/usr/sbin:/usr/bin:$PATH
export PATH
IFS='
'

# Only root can run this
if test `id -u` != 0
then
    uname -a | grep -i CYGWIN >/dev/null
    if [ $? != "0" ]; then
	echo "Error: The Server-GENERAL script must be run as sudo"
	echo ""
	exit 1
    fi
fi

if [ "$SUDO_USER" = "" ]; then
    echo "This command cannot be executed by root"
    echo "Please re-run the command by logging in as \"sgadmin\""
    exit 1
elif [ "$SUDO_USER" != "sgadmin" ]; then
    echo "Please re-run the command by logging in as \"sgadmin\""
    exit 1
fi

# check for -h(elp) option
test "$1" = "-h" && usage q

update_os_sg_version
# Create a Temp File for Config
export TMP
temp_cfg_file=`mktemp || echo ${TMP:-/tmp}/.srvg.$$`
trap "rm -f $tmp_cfg_file > /dev/null" 0 1 2 3 15

verbose="verbose"		# default is verbose (non-interactive) mode
cmd="$1"			# first argment is sub-command
shift

##############################################################################
### SUB-COMMANDS
##############################################################################
do_license_add()
{
    while getopts "hl:" opt; do
	case $opt in
	    l)
		lkey=$OPTARG
		verbose="quiet"
		;;
	    h)  usage_license_add q ;;
	    \?) usage q ;;
	esac
    done
    # verify usage
    if test "$verbose" = "quiet" ; then
	if test -z "$lkey" ; then
	    usage_license_add q
	fi
    else
	if [ $# -ne 0 ]; then
	    usage_license_add q
	fi
    fi

    # Check if machine is already licensed.
    if test -f $SERVERG_CONF && grep -q "license=" $SERVERG_CONF
    then
	echo "Error: This machine is already licensed."
	echo "Command: license-add Failed."
	exit 1
    fi

    # Non interactive, call serverg with the input key.
    if test "$verbose" = "quiet" ; then
        # Call Serverg
        serverg license-add $verbose $lkey
        return $?
    fi

    # show the license agreement
    answer="n"
    more $LICENSE_FILE

    i=1
    while [ $i -le 3 ]; do
	read -p "ACCEPT License Agreement? [NO/YES] (default NO)" yn
	case $yn in
	    Yes | YES | yes )
		answer="y"
		break
		;;
	    No | NO | no )
		answer="n"
		break
		;;
	    * ) echo "Please answer yes or no."
		;;

	esac
	let i=i+1
    done

    if [ "$answer" = "n" ]; then
	echo "License Not Added"
	echo "Program Exiting"
	exit 1
    fi

    # Call Serverg
    serverg license-add $verbose $lkey
    return $?
}

##############################################################################
do_license_update()
{
    while getopts "hl:S:" opt; do
	case $opt in
	    l)
		lkey=$OPTARG
		verbose="quiet"
		;;
	    S)
		smk=$OPTARG
		verbose="quiet"
		;;
	    h)  usage_license_update q ;;
	    \?) usage q ;;
	esac
    done
    # verify usage
    if test "$verbose" = "quiet" ; then
	if test -z "$lkey" || test -z "$smk" ; then
	    usage_license_update q
	fi
    else
	if [ $# -ne 0 ]; then
	    usage_license_update q
	fi
    fi

    # Call Serverg
    serverg license-update $verbose $lkey $smk
    return $?
}

##############################################################################
do_so_add()
{
    while getopts "hc:S:" opt; do
	case $opt in
	    c)
		config_file=$OPTARG
		;;
	    S)
		smk=$OPTARG
		verbose="quiet"
		;;
	    h)  usage_so_add q ;;
	    \?) usage q ;;
	esac
    done
    # verify usage
    if test -z "$config_file" ; then
	echo "Error: Empty config-file" # mandatory arg
	usage_so_add q
    fi
    if test "$verbose" = "quiet" ; then
	if  test -z "$smk" ; then
	    usage_so_add q
	fi
    else
	if [ $# -ne 2 ]; then
	    usage_so_add q
	fi
    fi

    check_cfg_file $config_file

    append_mk "so_mk" $config_file $smk

    # Call Serverg
    serverg so-add $verbose $temp_cfg_file
    return $?
}

##############################################################################
do_so_edit()
{
    while getopts "hS:F:L:E:T:" opt; do
	case $opt in
	    S)
		smk=$OPTARG
		verbose="quiet"
		;;
	    F)
		fname=$OPTARG
		verbose="quiet"
		;;
	    L)
		lname=$OPTARG
		verbose="quiet"
		;;
	    E)
		email=$OPTARG
		verbose="quiet"
		;;
	    T)
		phone=$OPTARG
		verbose="quiet"
		;;
	    h)  usage_so_edit q ;;
	    \?) usage q ;;
	esac
    done
    # verify usage
    if test "$verbose" = "quiet" ; then
	if test -z "$smk" || test -z "$fname" || test -z "$lname" ||
	    test -z "$email" || test -z "$phone"
	then
	    usage_so_edit q
	fi
    else
	if [ $# -ne 0 ]; then
	    usage_so_edit q
	fi
    fi

    # Call Serverg
    if test "$verbose" = "verbose"
    then
	serverg so-edit $verbose 
    else
	
	append_temp_config "so_fname" $fname
	append_temp_config "so_lname" $lname
	append_temp_config "so_email" $email
	append_temp_config "so_phone" $phone
	append_temp_config "so_mk" $smk
	serverg so-edit $verbose $temp_cfg_file $smk
    fi
    return $?
}

##############################################################################
do_smk_rotate()
{
    while getopts "hO:N:" opt; do
	case $opt in
	    O)
		old_smk=$OPTARG
		verbose="quiet"
		;;
	    N)
		new_smk=$OPTARG
		verbose="quiet"
		;;
	    h)  usage_smk_rotate q ;;
	    \?) usage q ;;
	esac
    done
    # verify usage
    if test "$verbose" = "quiet" ; then
	if test -z "$old_smk" || test -z "$new_smk" ; then
	    usage_smk_rotate q
	fi
    else
	if [ $# -ne 0 ]; then
	    usage_smk_rotate q
	fi
    fi

    # Call Serverg
    serverg smk-rotate $verbose $old_smk $new_smk
    return $?
}

##############################################################################
do_da_add()
{
    while getopts "hc:D:S:" opt; do
	case $opt in
	    c)
		config_file=$OPTARG
		;;
	    D)
		dmk=$OPTARG
		verbose="quiet"
		;;
	    S)
		smk=$OPTARG
		verbose="quiet"
		;;
	    h)  usage_da_add q ;;
	    \?) usage q ;;
	esac
    done
    # verify usage
    if test -z "$config_file" ; then
	echo "Error: Empty config-file" # mandatory arg
	usage_da_add q
    fi
    if test "$verbose" = "quiet" ; then
	if test -z "$dmk" || test -z "$smk" ; then
	    usage_da_add q
	fi
    else
	if [ $# -ne 2 ]; then
	    usage_da_add q
	fi
    fi

    check_cfg_file $config_file

    append_mk "da_mk" $config_file $dmk

    # Call Serverg
    serverg da-add $verbose $temp_cfg_file $smk
    return $?
}

##############################################################################
do_da_edit()
{
    while getopts "hd:D:F:L:E:T:" opt; do
	case $opt in
	    d)
		da_id=$OPTARG
		;;
	    D)
		dmk=$OPTARG
		verbose="quiet"
		;;
	    F)
		fname=$OPTARG
		verbose="quiet"
		;;
	    L)
		lname=$OPTARG
		verbose="quiet"
		;;
	    E)
		email=$OPTARG
		verbose="quiet"
		;;
	    T)
		phone=$OPTARG
		verbose="quiet"
		;;
	    h)  usage_da_edit q ;;
	    \?) usage q ;;
	esac
    done
    # verify usage
    if test -z "$da_id" ; then
	echo "Error: Empty da-id" # mandatory arg
	usage_da_edit q
    fi
    if test "$verbose" = "quiet" ; then
	if test -z "$dmk" || test -z "$fname" || test -z "$lname" ||
	    test -z "$email" || test -z "$phone"
	then
	    usage_da_edit q
	fi
    else
	if [ $# -ne 2 ]; then
	    usage_da_edit q
	fi
    fi

    # Call Serverg
    if test "$verbose" = "verbose"
    then
	serverg da-edit $verbose $da_id
    else
	append_temp_config "da_id" $da_id
	append_temp_config "da_fname" $fname
	append_temp_config "da_lname" $lname
	append_temp_config "da_email" $email
	append_temp_config "da_phone" $phone
	append_temp_config "da_mk" $dmk
	serverg da-edit $verbose $da_id $temp_cfg_file $dmk
    fi
    return $?
}

##############################################################################
do_da_list()
{
    while getopts "hS:o:" opt; do
	case $opt in
	    S)
		smk=$OPTARG
		verbose="quiet"
		;;
	    o)
		out_file=$OPTARG
		verbose="quiet"
		;;
	    h)  usage_license_add q ;;
	    \?) usage q ;;
	esac
    done
    # verify usage
    if test "$verbose" = "quiet" ; then
	if test -z "$out_file" || test -z "$smk" ; then
	    usage_da_list q
	fi
	if [ $# -ne 4 ]; then
	    usage_da_list q
	fi
    else
	if [ $# -ne 0 ]; then
	    usage_da_list q
	fi
    fi


    # Call Serverg
    serverg da-list $verbose $smk $out_file
    return $?
}

##############################################################################
do_policy_add()
{
    while getopts "hc:D:" opt; do
	case $opt in
	    c)
		config_file=$OPTARG
		;;
	    D)
		dmk=$OPTARG
		verbose="quiet"
		;;
	    h)  usage_policy_add q ;;
	    \?) usage q ;;
	esac
    done
    # verify usage
    if test -z "$config_file" ; then
	echo "Error: Empty policy-file" # mandatory arg
	usage_policy_add q
    fi
    if test "$verbose" = "quiet" ; then
	if test -z "$dmk" ; then
	    usage_policy_add q
	fi
    else
	if [ $# -ne 2 ]; then
	    usage_policy_add q
	fi
    fi

    check_cfg_file $config_file

    # XXX: is it ok if $dmk is empty in append_mk below?
    append_mk "da_mk" $config_file $dmk

    # Call Serverg
    serverg configure $verbose $temp_cfg_file $SUDO_USER
    return $?
}

##############################################################################
do_policy_reassign()
{
    while getopts "hp:r:a:S:" opt; do
	case $opt in
	    p)
		policy_name=$OPTARG
		;;
	    r)
		r_da_id=$OPTARG
		;;
	    S)
		smk=$OPTARG
		verbose="quiet"
		;;
	    a)
	        a_da_id=$OPTARG
		;;
	    h)  usage_policy_reassign q ;;
	    \?) usage q ;;
	esac
    done
    # verify usage
    if test -z "$policy_name" ; then
	echo "Error: Empty policy-name" # mandatory arg
	usage_policy_reassign q
    fi
    if test -z "$r_da_id" ; then
	echo "Error: Empty da-id" # revoke da id mandatory arg
	usage_policy_reassign q
    fi
    if test -z "$a_da_id" ; then
	echo "Error: Empty  assign da-id" # assign da id mandatory arg
	usage_policy_reassign q
    fi
    if test "$verbose" = "quiet" ; then
	if test -z "$smk" ; then
	    usage_policy_reassign q
	fi
    else
	if [ $# -ne 6 ]; then
	    usage_policy_reassign q
	fi
    fi

    # Call Serverg
    serverg policy-reassign $verbose $policy_name $r_da_id $a_da_id $smk
    return $?
}

##############################################################################
do_policy_remove()
{
    while getopts "hp:d:D:" opt; do
	case $opt in
	    p)
		policy_name=$OPTARG
		;;
	    d)
		da_id=$OPTARG
		;;
	    D)
		dmk=$OPTARG
		verbose="quiet"
		;;
	    h)  usage_policy_remove q ;;
	    \?) usage q ;;
	esac
    done
    # verify usage
    if test -z "$policy_name" ; then
	echo "Error: Empty policy-name" # mandatory arg
	usage_policy_remove q
    fi
    if test -z "$da_id" ; then
	echo "Error: Empty da-id" # mandatory arg
	usage_policy_remove q
    fi
    if test "$verbose" = "quiet" ; then
	if test -z "$dmk" ; then
	    usage_policy_remove q
	fi
    else
	if [ $# -ne 4 ]; then
	    usage_policy_remove q
	fi
    fi

    # Call Serverg
    serverg unconfigure $verbose $policy_name $da_id $SUDO_USER $dmk
    return $?
}

##############################################################################
do_policy_edit()
{
    while getopts "hp:d:c:D:" opt; do
	case $opt in
	    c)
		config_file=$OPTARG
		;;
	    p)
		policy_name=$OPTARG
		;;
	    d)
		da_id=$OPTARG
		;;
	    D)
		verbose="quiet"
		dmk=$OPTARG
		;;
	    h)  usage_policy_edit q ;;
	    \?) usage q ;;
	esac
    done
    # verify usage
    if test -z "$policy_name" ; then
	echo "Error: Empty policy-name" # mandatory arg
	usage_policy_edit q
    fi
    if test -z "$config_file" ; then
	echo "Error: Empty policy-file" # mandatory arg
	usage_policy_edit q
    fi
    if test -z "$da_id" ; then
	echo "Error: Empty da-id" # mandatory arg
	usage_policy_edit q
    fi
    if test "$verbose" = "quiet" ; then
	if test -z "$dmk" ; then
	    usage_policy_edit q
	fi
    else
	if [ $# -ne 6 ]; then
	    usage_policy_edit q
	fi
    fi

    check_cfg_file $config_file

    # Call Serverg
    serverg profile-edit $verbose $policy_name $config_file $da_id $SUDO_USER $dmk
    return $?
}

##############################################################################
do_policy_start()
{
    while getopts "hp:d:D:" opt; do
	case $opt in
	    p)
		policy_name=$OPTARG
		;;
	    d)
		da_id=$OPTARG
		;;
	    D)
		dmk=$OPTARG
		verbose="quiet"
		;;
	    h)  usage_policy_start q ;;
	    \?) usage q ;;
	esac
    done
    # verify usage
    if test -z "$policy_name" ; then
	echo "Error: Empty policy-name" # mandatory arg
	usage_policy_start q
    fi
    if test -z "$da_id" ; then
	echo "Error: Empty da-id" # mandatory arg
	usage_policy_start q
    fi
    if test "$verbose" = "quiet" ; then
	if test -z "$dmk" ; then
	    usage_policy_start q
	fi
    else
	if [ $# -ne 4 ]; then
	    usage_policy_start q
	fi
    fi

    # Call Serverg
    serverg start $verbose $policy_name $da_id $SUDO_USER $dmk
    return $?
}

##############################################################################
do_policy_stop()
{
    while getopts "hp:d:D:" opt; do
	case $opt in
	    p)
		policy_name=$OPTARG
		;;
	    d)
		da_id=$OPTARG
		;;
	    D)
		dmk=$OPTARG
		verbose="quiet"
		;;
	    h)  usage_policy_stop q ;;
	    \?) usage q ;;
	esac
    done
    # verify usage
    if test -z "$policy_name" ; then
	echo "Error: Empty policy-name" # mandatory arg
	usage_policy_stop q
    fi
    if test -z "$da_id" ; then
	echo "Error: Empty da-id" # mandatory arg
	usage_policy_stop q
    fi
    if test "$verbose" = "quiet" ; then
	if test -z "$dmk" ; then
	    usage_policy_stop q
	fi
    else
	if [ $# -ne 4 ]; then
	    usage_policy_stop q
	fi
    fi

    # Call Serverg
    serverg stop $verbose $policy_name $da_id $SUDO_USER $dmk
    return $?
}

##############################################################################
do_da_mk_rotate()
{
    while getopts "hd:O:N:" opt; do
	case $opt in
	    d)
		da_id=$OPTARG
		;;
	    O)
		old_dmk=$OPTARG
		verbose="quiet"
		;;
	    N)
		new_dmk=$OPTARG
		verbose="quiet"
		;;
	    h)  usage_da_mk_rotate q ;;
	    \?) usage q ;;
	esac
    done
    # verify usage
    if test -z "$da_id" ; then
	echo "Error: Empty da-id" # mandatory arg
	usage_da_mk_rotate q
    fi
    if test "$verbose" = "quiet" ; then
	if test -z "$old_dmk" || test -z "$new_dmk" ; then
	    usage_da_mk_rotate q
	fi
    else
	if [ $# -ne 2 ]; then
	    usage_da_mk_rotate q
	fi
    fi

    # Call Serverg
    serverg da-mk-rotate $verbose $da_id $old_dmk $new_dmk
    return $?
}

##############################################################################
do_da_revoke()
{
    while getopts "hr:S:" opt; do
	case $opt in
	    r)
		revoked_da_id=$OPTARG
		;;
	    S)
		smk=$OPTARG
		verbose="quiet"
		;;
	    h)  usage_da_revoke q ;;
	    \?) usage q ;;
	esac
    done
    # verify usage
    if test -z "$revoked_da_id" ; then
	echo "Error: Empty revoked-da-id" # mandatory arg
	usage_da_revoke q
    fi
    if test "$verbose" = "quiet" ; then
	if test -z "$smk" ; then
	    usage_da_revoke q
	fi
    else
	if [ $# -ne 2 ]; then
	    usage_da_revoke q
	fi
    fi

    # Call Serverg
    serverg da-revoke $verbose $revoked_da_id $smk
    return $?
}

##############################################################################
do_da_revoke_reassign()
{
    while getopts "hr:a:S:" opt; do
	case $opt in
	    r)
		revoked_da_id=$OPTARG
		;;
	    a)
		assigned_da_id=$OPTARG
		;;
	    S)
		smk=$OPTARG
		verbose="quiet"
		;;
	    h)  usage_da_revoke_reassign q ;;
	    \?) usage q ;;
	esac
    done
    # verify usage
    if test -z "$revoked_da_id" ; then
	echo "Error: Empty revoked-da-id" # mandatory arg
	usage_da_revoke_reassign q
    fi
    if test -z "$assigned_da_id" ; then
	echo "Error: Empty assigned-da-id" # mandatory arg
	usage_da_revoke_reassign q
    fi
    if test "$verbose" = "quiet" ; then
	if test -z "$smk" ; then
	    usage_da_revoke_reassign q
	fi
    else
	if [ $# -ne 4 ]; then
	    usage_da_revoke_reassign q
	fi
    fi

    # Call Serverg
    serverg da-revoke-reassign $verbose $revoked_da_id $assigned_da_id $smk
    return $?
}

##############################################################################
do_policy_status()
{
    mode=""
    while getopts "hAd:p:t:K:o:S:" opt; do
	case $opt in
	    A)
		test -n "$mode" && usage_policy_status q
		mode="so_all"
		;;
	    d)
		case "$mode" in
		    da_all | da_one ) ;;
		    so_all ) usage_policy_status q ;;
		    * ) mode="da_all" ;;
		esac
		da_id=$OPTARG
		;;
	    p)
		case "$mode" in
		    da_one | so_all ) usage_policy_status q ;;
		    da_all ) mode="da_one" ;;
		    * ) mode="da_one" ;;
		esac
		policy_name=$OPTARG
		;;
	    t)
		case "$mode" in
		    da_all | da_one ) ;;
		    so_all ) usage_policy_status q ;;
		    * ) mode="da_all" ;;
		esac
		key_type=$OPTARG
		;;
	    K)
		key=$OPTARG
		verbose="quiet"
		;;
	    S)
		smk=$OPTARG
		verbose="quiet"
		;;
	    o)
		out_file=$OPTARG
		verbose="quiet"
		;;
	    h)  usage_policy_status q ;;
	    \?) usage q ;;
	esac
    done
    # verify usage
    case "$mode" in
	so_all )
	    if test "$verbose" = "quiet" ; then
		if test -z "$out_file" || test -z "$smk" ; then
		    usage_policy_status q
		fi
	    fi
	    # Call Serverg
	    serverg profiles-status-all $verbose $smk $out_file
	    ;;

	da_all )
	    if test -z "$da_id" ; then
		echo "Error: Empty da-id" # mandatory arg
		usage_policy_status q
	    fi
	    if test -z "$key_type" ; then
		echo "Error: Empty key-type" # mandatory arg
		usage_policy_status q
	    else
		case "$key_type" in
		    SMK | DMK ) ;;
		    * ) usage_policy_status q ;;
		esac
	    fi
	    if test "$verbose" = "quiet" ; then
		if test -z "$out_file" || test -z "$key" ; then
		    usage_policy_status q
		fi
	    fi
	    # Call Serverg
	    serverg da-profiles-status-all $verbose $da_id $key_type $key $out_file
	    ;;

	da_one )
	    if test -z "$da_id" ; then
		echo "Error: Empty da-id" # mandatory arg
		usage_policy_status q
	    fi
	    if test -z "$policy_name" ; then
		echo "Error: Empty policy-name" # mandatory arg
		usage_policy_status q
	    fi
	    if test -z "$key_type" ; then
		echo "Error: Empty key-type" # mandatory arg
		usage_policy_status q
	    else
		case "$key_type" in
		    SMK | DMK ) ;;
		    * ) usage_policy_status q ;;
		esac
	    fi
	    if test "$verbose" = "quiet" ; then
		if test -z "$out_file" || test -z "$key" ; then
		    usage_policy_status q
		fi
	    fi
	    # Call Serverg
	    serverg da-profile-status $verbose $da_id $policy_name $key_type $key $out_file
	    ;;

	* )
	    echo "Error: unknown mode $mode"
	    usage_policy_status q ;;
    esac

    return $?
}

##############################################################################
do_policy_list()
{
    mode=""
    while getopts "hAd:t:K:o:S:" opt; do
	case $opt in
	    A)
		test -n "$mode" && usage_policy_list q
		mode="all"
		;;
	    d)
		case "$mode" in
		    one ) ;;
		    all ) usage_policy_list q ;;
		    * ) mode="one" ;;
		esac
		da_id=$OPTARG
		;;
	    t)
		case "$mode" in
		    one ) ;;
		    all ) usage_policy_list q ;;
		    * ) mode="one" ;;
		esac
		key_type=$OPTARG
		;;
	    K)
		key=$OPTARG
		verbose="quiet"
		;;
	    S)
		smk=$OPTARG
		verbose="quiet"
		;;
	    o)
		out_file=$OPTARG
		verbose="quiet"
		;;
	    h)  usage_policy_list q ;;
	    \?) usage q ;;
	esac
    done
    # verify usage
    case "$mode" in
	all )
	    if test "$verbose" = "quiet" ; then
		if test -z "$out_file" || test -z "$smk" ; then
		    usage_policy_list q
		fi
	    fi
	    # Call Serverg
	    serverg profiles-list-all $verbose $smk $out_file
	    ;;

	one )
	    if test -z "$da_id" ; then
		echo "Error: Empty da-id" # mandatory arg
		usage_policy_list q
	    fi
	    if test -z "$key_type" ; then
		echo "Error: Empty key-type" # mandatory arg
		usage_policy_list q
	    else
		case "$key_type" in
		    SMK | DMK ) ;;
		    * ) usage_policy_list q ;;
		esac
	    fi
	    if test "$verbose" = "quiet" ; then
		if test -z "$out_file" || test -z "$key" ; then
		    usage_policy_list q
		fi
	    fi
	    # Call Serverg
	    serverg profiles-list $verbose $da_id $key_type $key $out_file
	    ;;

	* )
	    echo "Error: unknown mode $mode"
	    usage_policy_list q ;;
    esac

    return $?
}

##############################################################################
do_sg_status()
{
    while getopts "ho:S:" opt; do
	case $opt in
	    S)
		smk=$OPTARG
		verbose="quiet"
		;;
	    o)
		out_file=$OPTARG
		verbose="quiet"
		;;
	    h)  usage_sg_status q ;;
	    \?) usage q ;;

	esac
    done
    # verify usage
    if test "$verbose" = "quiet" ; then
	if test -z "$out_file" || test -z "$smk" ; then
	    usage_sg_status q
	fi
    else
	if [ $# -ne 0 ]; then
	    usage_sg_status q
	fi
    fi

    # Call Serverg
    serverg sg-status $verbose $smk $out_file
    return $?
}

do_put()
{
    while getopts "hp:d:D:" opt; do
	case $opt in
	    p)
		policy_name=$OPTARG
		;;
	    d)
		da_id=$OPTARG
		;;
	    D)
		dmk=$OPTARG
		verbose="quiet"
		;;
	    h)  usage_put q ;;
	    \?) usage q ;;
	esac
    done
    # verify usage
    if test -z "$policy_name" ; then
	echo "Error: Empty policy-name" # mandatory arg
	usage_put q
    fi
    if test -z "$da_id" ; then
	echo "Error: Empty da-id" # mandatory arg
	usage_put q
    fi
    if test "$verbose" = "quiet" ; then
	if test -z "$dmk" ; then
	    usage_put q
	fi
    else
	if [ $# -ne 4 ]; then
	    usage_put q
	fi
    fi

    # Call Serverg
    serverg put $verbose $policy_name $da_id $SUDO_USER $dmk
    return $?
}

do_get()
{
    while getopts "hp:d:D:" opt; do
	case $opt in
	    p)
		policy_name=$OPTARG
		;;
	    d)
		da_id=$OPTARG
		;;
	    D)
		dmk=$OPTARG
		verbose="quiet"
		;;
	    h)  usage_get q ;;
	    \?) usage q ;;
	esac
    done
    # verify usage
    if test -z "$policy_name" ; then
	echo "Error: Empty policy-name" # mandatory arg
	usage_get q
    fi
    if test -z "$da_id" ; then
	echo "Error: Empty da-id" # mandatory arg
	usage_get q
    fi
    if test "$verbose" = "quiet" ; then
	if test -z "$dmk" ; then
	    usage_get q
	fi
    else
	if [ $# -ne 4 ]; then
	    usage_get q
	fi
    fi

    # Call Serverg
    serverg get $verbose $policy_name $da_id $SUDO_USER $dmk
    return $?
}

#############################################################################
do_backup_log()
{
    while getopts "h" opt; do
	case $opt in
	    h)  usage_backup_log q ;;
	    \?) usage q ;;

	esac
    done
    # verify usage: nothing to do

    # Call Serverg
    # XXX: is "quiet" really needed to backup-log sub-cmd?
    serverg backup-log "quiet"
    return $?
}

##############################################################################
do_sg_uninstall()
{
	SERVERG_PATH=/etc/serverg
	LOG_DIR=/var/log/serverg
	BIN_DIR=/usr/sbin
	SERVERG_FILE=/etc/serverg/serverg.conf
	VAULT_PATH=/vault

	while getopts "h" opt; do
		case $opt in
		    h)  usage_sg_uninstall q ;;
		    \?) usage q ;;
		esac
	done

	# If the serverg.conf is absent it means that the machine is 
	# not licensed. So we need not call serverg binary 
	if [ -f $SERVERG_FILE ]; 
	then
		#Check if there are any configured repos
		#If yes, fail the uninstall as no repo should be configured
		grep -r "repo=" $SERVERG_FILE > /dev/null
		if [ $? -eq 0 ]; then
        		echo "Failed to uninstall Server-GENERAL: You need to remove all SG Profiles"
	        	return 1
		fi

		#Call serverg binary to remove installation
		serverg uninstall "verbose"
		if [ $? != "0" ]; then
        		echo "Could not uninstall ServerG. Please see logs for more detail."
		        return 1
		fi
	fi

	# Check the platform
	if test -f /etc/redhat-release
	then
	    if grep -q "CentOS" /etc/redhat-release
	    then
		MYRELEASE="CentOS"
	    else
		MYRELEASE="RedHat"
	    fi
	else
	    MYRELEASE=`lsb_release -cs 2>/dev/null || echo unknown` # ubuntu/debian
	    if test "$MYRELEASE" = "unknown" && \
		egrep -q "^7\." /etc/debian_version 2>/dev/null
   	    then
		MYRELEASE="wheezy"
   	    else
		if egrep -q "^8\." /etc/debian_version 2>/dev/null
		then
			MYRELEASE="jessie"
		fi
    	   fi

	fi

	case "$MYRELEASE" in
	    lucid | precise | trusty | xenial  ) # supported release(s): ubuntu
		apt-get remove -q -y serverg
		if [ $? -eq 1 ]; then
        		echo "Failed to uninstall Server-GENERAL package"
	        	return 1
		fi
        	;;
	    wheezy | jessie ) # supported release(s): debian
		apt-get remove -q -y serverg
		if [ $? -eq 1 ]; then
        		echo "Failed to uninstall Server-GENERAL package"
	        	return 1
		fi
        	;;
	    CentOS | RedHat ) # supported release(s); centos/redhat
		rpm --quiet --erase serverg 
		if [ $? -eq 1 ]; then
        		echo "Failed to uninstall Server-GENERAL package"
	        	return 1
		fi
        	;;
	    * ) # unsupported
        	echo "This release ($MYRELEASE) is unsupported.  Please contact $EMAIL_SUP for support."
	        return 1
	       ;;
	esac

	rm -rf $VAULT_PATH > /dev/null 2>&1
	rm -rf $SERVERG_PATH > /dev/null 2>&1
	rm /etc/rc0.d/K99sg -rf > /dev/null 2>&1
	rm /etc/rc6.d/K99sg -rf > /dev/null 2>&1
	rm /etc/init.d/sgstop > /dev/null 2>&1

	echo "Server-GENERAL uninstalled successfully"
	echo "Please delete sgadmin user manually by using the following command:"
	echo "      userdel sgadmin"
	return 0
}


##############################################################################
# Compute mtime of LOG_FILE before any commands are run, because
# these commands may update the log's mtime.
if test -f "$LOG_FILE" ; then
    mtime=`stat --printf=%Y "$LOG_FILE" 2> /dev/null || echo 0`
else
    mtime="0"
fi
case "$cmd" in
    da-add) do_da_add "$@" ;;
    da-edit) do_da_edit "$@" ;;
    da-list) do_da_list "$@" ;;
    da-mk-rotate) do_da_mk_rotate "$@" ;;
    da-revoke-reassign) do_da_revoke_reassign "$@" ;;
    da-revoke) do_da_revoke "$@" ;;
    license-add) do_license_add "$@" ;;
    license-update) do_license_update "$@" ;;
    policy-add) do_policy_add "$@" ;;
    policy-edit) do_policy_edit "$@" ;;
    policy-list) do_policy_list "$@" ;;
    policy-remove) do_policy_remove "$@" ;;
    policy-reassign) do_policy_reassign "$@" ;;
    policy-start) do_policy_start "$@" ;;
    policy-status) do_policy_status "$@" ;;
    policy-stop) do_policy_stop "$@" ;;
    sg-status) do_sg_status "$@" ;;
    so-add) do_so_add "$@" ;;
    so-edit) do_so_edit "$@" ;;
    smk-rotate) do_smk_rotate "$@" ;;
    put) do_put "$@" ;;
    get) do_get "$@" ;;
    # Commenting backup-log since we already backup the log.
    # Once we add support for any other log server we wil enable it
    # backup-log) do_backup_log "$@" ;;
    sg-uninstall) do_sg_uninstall "$@" ;;
    *)
	test -n "$cmd" && echo "Wrong command: $cmd"
	usage q
	;;
esac

# cleanup
rm -rf $temp_cfg_file
exit $?
