#!/bin/bash

don="False"
cat /var/log/btmp >/dev/null 2>/dev/null
stderr=$(echo $?)
if [ $stderr = 1 ]
then
  echo "You're not root, try again with the good permissions."
  exit 84
fi
while [ $don = "False" ]
  do
    read -p "Please enter your supervision user [shinken]: " user
    user=${user:-shinken}
    groups $user >/dev/null 2>/dev/null
    stderr=$(echo $?)
    while [ $stderr != 0 ]
      do
        read -p "There is no $user user. Please enter another user: " user
        groups $user >/dev/null 2>/dev/null
        stderr=$(echo $?)
    done
    read -p "Now please enter your supervision group [shinken]: " group
    group=${group:-shinken}
    cat /etc/group | awk -F: '{print $1}' | grep $group >/dev/null 2>/dev/null
    stderr=$(echo $?)
    while [ $stderr != 0 ]
      do
        read -p "There is no $group group. Please enter another group: " group
        cat /etc/group | awk -F: '{print $1}' | grep $group >/dev/null 2>/dev/null
        stderr=$(echo $?)
    done
    groups $user | grep $group >/dev/null 2>/dev/null
    stderr=$(echo $?)
    while [ $stderr != 0 ]
      do
        read -p "$user is not in the $group group. Do you want to add him to this group [yes]? " answer
        answer=${answer:-yes}
        while [ $answer != "yes" ] && [ $answer != "no" ] && [ $answer != "Yes" ] $$ [ $answer != "No" ]
          do
            read -p "You can only answer \"Yes\" or \"No\": " answer
        done
        if [ $answer = "no"] || [ $answer = "No" ]
        then
          read -p "Please enter another group: " group
        else
          usermod -a -G $group $user
        fi
        groups $user | grep $group >/dev/null 2>/dev/null
        stderr=$(echo $?)
    done
    read -p "Your user is : $user, your group is : $group. Is it correct [yes] ? " answer
    answer=${answer:-yes}
    while [ $answer != "yes" ] && [ $answer != "no" ] && [ $answer != "Yes" ] $$ [ $answer != "No" ]
      do
        read -p "You can only answer \"Yes\" or \"No\": " answer
    done
    if [ $answer = "no" ] || [ $answer = "No" ]
    then
      continue
    fi
    don="True"
done
echo "Now we modify the logrotate.conf and the var.conf files for future logs backup. We also add read rights for $group in /var/log/btmp and /etc/ssh/sshd_config."
sed -i -e "s/btmp 0600 root utmp/btmp 0640 root $group/g" /usr/lib/tmpfiles.d/var.conf ; sed -i -e "s/create 0600 root utmp/create 0640 root $group/g" /etc/logrotate.conf
chmod 640 /etc/ssh/sshd_config /var/log/btmp ; chown root:$group /etc/ssh/sshd_config /var/log/btmp
echo "Done ! You can now use the entire linux advanced pack."
exit 0