#!/bin/bash

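# Path of the chroot binary and root of the admin chroot; both are read by
# the rest of this script and never reassigned, hence readonly.
readonly CHRBIN=/usr/sbin/chroot
readonly CHRD=/chroot/admin


# Stop before anything is modified if a required tool is missing.
# Diagnostics go to stderr so they are not mistaken for regular output.
if ! [ -x /usr/bin/makepasswd ]; then
    echo "Error: makepasswd package not installed!" >&2
    exit 7
fi

if ! [ -x /usr/bin/mysql ]; then
    echo "Error: mysql package not installed!" >&2
    exit 7
fi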


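# Print one freshly generated 16-character password on stdout.
# Returns: 0 on success; 1 (printing nothing) when makepasswd fails or
#          produces an empty string, so a caller can refuse to install a
#          blank database password instead of silently setting one.
makepass() {
    local pw
    # Declaration and assignment are split so makepasswd's status is not masked.
    pw=$(makepasswd --chars=16) || return 1
    [ -n "$pw" ] || return 1
    printf '%s\n' "$pw"
}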

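# Run one SQL statement through the mysql client, optionally inside a chroot.
# Globals:   CHRBIN (read) - chroot binary used when a directory is given
# Arguments: $1 - SQL text, sent to mysql on stdin
#            $2 - optional chroot directory; without it mysql runs unchrooted
# Outputs:   mysql's output on stdout, diagnostics on stderr
# Exits:     200 on a wrong argument count, 201 if the chroot directory does
#            not exist, 131 if mysql returns non-zero
exec_sql_chr()
{
    local chroot_dir rc
    # An array keeps the chroot prefix intact even if a path contains spaces.
    local -a chroot_cmd=()

    if [ $# -lt 1 ] || [ $# -gt 2 ]; then
        echo "Programing error!" >&2
        exit 200
    fi

    if [ $# -eq 2 ]; then
        chroot_dir=$2

        if ! [ -d "$chroot_dir" ]; then
            echo "Chroot $chroot_dir doesn't exist!" >&2
            exit 201
        fi
        chroot_cmd=("$CHRBIN" "$chroot_dir")
    fi

    # The statement travels over stdin (printf is a shell builtin), so it never
    # shows up in any process's argument list. Credentials for the client come
    # from the Debian maintenance defaults file.
    printf '%s\n' "$1" '\q' \
        | "${chroot_cmd[@]}" mysql --defaults-file=/etc/mysql/debian.cnf -ss -n
    rc=$?

    if [ "$rc" -ne 0 ]; then
        # NOTE(review): the failed statement is echoed verbatim; for a
        # SET PASSWORD statement that puts the new password on stderr, so
        # keep this output out of shared logs.
        echo "SQL job failed: $1" >&2
        exit 131
    fi
}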

# -----------------------------------------------------

# -----------
# sanity check

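# Require the literal word SURE as first argument before any password is
# touched; the warning and usage text go to stderr because this is an
# error exit (status 7).
if [ "${1:-}" != "SURE" ]; then
    {
        echo "WARNING! This script will overwrite sys_admin mysql passwords."
        echo "If you are sure, type SURE as parameter"
        echo "Usage: reset-mysqlpw-sysadmin [SURE]"
    } >&2
    exit 7
fi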


# -----------------------------------------------------

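# Rotate the MySQL passwords of the sys_admin and sys_admin_r accounts and
# write the new values into every service configuration that stores them.
#
# Security notes for operators:
#  - Each password is interpolated into an SQL string literal and into sed
#    replacement text, so anything other than plain letters and digits is
#    rejected before the first change is made.
#  - sed receives the password in its argument list, where it is visible in
#    the process table while the command runs.
#  - Both new passwords are printed on stdout at the end; do not redirect
#    this script's output into a shared or long-lived log.
#  - The database is changed before the configuration files. If a rewrite
#    fails, the affected service can no longer authenticate until its file
#    is fixed by hand, so act on every warning printed below.
sapasswd=$(makepass)
sarpasswd=$(makepass)

# makepasswd is called without a custom alphabet, so letters and digits are
# expected; an empty value would otherwise install a blank password.
for pw in "$sapasswd" "$sarpasswd"; do
    case "$pw" in
        '' | *[!A-Za-z0-9]*)
            echo "Error: password generation failed or returned unexpected characters" >&2
            exit 7
            ;;
    esac
done

# Apply one sed expression to a file in place. On failure only the file name
# is reported, never the expression, because the expression holds the password.
_rewrite_conf() {
    sed -i -E "$1" "$2" || echo "Warning: could not update $2" >&2
}

echo "Resetting sys_admin passwords..."

exec_sql_chr "SET PASSWORD FOR 'sys_admin'@'localhost' = PASSWORD('$sapasswd');" "$CHRD"

# sys-admin frontend
_rewrite_conf "s/^[\t ]*[\$]CONFIG\['db_pass'\][\t ]*=[\t ]*'.*'[\t ]*;\$/\$CONFIG['db_pass'] = '$sapasswd';/" "$CHRD/web/sys/admin/sysadmin/config/config.php"

exec_sql_chr "SET PASSWORD FOR 'sys_admin_r'@'localhost' = PASSWORD('$sarpasswd');" "$CHRD"

# sys-admin backend (receives the sys_admin password, like the frontend)
_rewrite_conf "s/^password[\t ]*=.*\$/password = $sapasswd/" /etc/sys-admin/config/sys-admin.conf

# postfix
for ppcf in /chroot/maild/etc/postfix/mysql_*.cf; do
    # An unmatched glob stays a literal pattern; skip it instead of
    # handing sed a file that does not exist.
    [ -e "$ppcf" ] || continue
    _rewrite_conf "s/^password=.*\$/password=$sarpasswd/" "$ppcf"
done
_rewrite_conf "s/^sql_passwd:.*\$/sql_passwd: $sarpasswd/" /chroot/maild/etc/postfix/sasl/smtpd.conf

# dovecot
_rewrite_conf "s/^[\t ]*connect[\t ]*=[\t ]*host=localhost[\t ]*dbname=sys_admin[\t ]*user=sys_admin_r[\t ]*password=.*\$/connect = host=localhost dbname=sys_admin user=sys_admin_r password=$sarpasswd/" /chroot/maild/etc/dovecot/dovecot-sql.conf.ext

# pure-ftpd-mysql
_rewrite_conf "s/^MYSQLPassword.*\$/MYSQLPassword   $sarpasswd/" /etc/pure-ftpd/db/mysql.conf

exec_sql_chr "flush privileges;" "$CHRD"

# admin apache auth (the vhost file lives inside the admin chroot, $CHRD)
_rewrite_conf "s/DBDParams[\t ]*\"[\t ]*host=localhost[\t ]*port=3307[\t ]*user=sys_admin_r[\t ]*pass=.[^ \t]*[\t ]*dbname=sys_admin[\t ]*\"/DBDParams \"host=localhost port=3307 user=sys_admin_r pass=$sarpasswd dbname=sys_admin\"/" "$CHRD/etc/apache2/vhost-sys.conf"

echo "new sys_admin password: $sapasswd"
echo "new sys_admin_r password: $sarpasswd"

# Restart every service that reads one of the rewritten files so that it
# reconnects with the new credentials.
for svc in postfix-chroot dovecot-chroot apache2-chroot \
    pure-ftpd-mysql pure-lftpd-mysql pure-localftpd-mysql pure-secftpd-mysql; do
    "/etc/init.d/$svc" restart
done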
