#!/bin/sh
# copyright Philipp Wuensche
# License: beer ware (http://en.wikipedia.org/wiki/Beerware)

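# portaudit performs the actual vulnerability lookup, so nothing below can
# work without it. Report the problem on stderr and exit non-zero so that cron
# or periodic wrappers can tell a missing dependency from a clean run.
if [ ! -x /usr/local/sbin/portaudit ]; then
        echo "Error: ${0##*/} depends on portaudit" >&2
        exit 1
fi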

# Optional site configuration. The file is sourced, i.e. executed as shell
# code with the privileges of this script, so it should be writable only by
# the administrator. It may preset audit_path, tmp_path and hostname.
[ -f /usr/local/etc/jailaudit.conf ] && . /usr/local/etc/jailaudit.conf

# Fall back to the built-in defaults for anything the configuration left
# unset or empty.
: "${audit_path:=/var/jailaudit/audits}"
: "${tmp_path:=/var/jailaudit/tmp}"
: "${hostname:=$(/bin/hostname)}"

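# Positional arguments:
#   $1  action    - "generate" or "mail"
#   $2  mailaddr  - recipient, or "-" to print to stdout (mail only)
#   $3  jailnames - "ALL" or a whitespace-separated list of jail hostnames,
#                   passed as a single argument (mail only)
action=$1
mailaddr=$2
jailnames=$3

# Print the synopsis on stderr and stop with a failure status, so a bad
# invocation from cron is not mistaken for a successful run.
usage() {
        echo "Usage: ${0##*/} <generate|mail> mailaddr \"jailnames\"" >&2
        echo "        mailaddr can be \"-\" for stdout" >&2
        echo "        jailnames can be \"ALL\" for all audits or list of jail-hostnames" >&2
        exit 1
}

case $action in
        generate)
                ;;
        mail)
                # Quoted -z tests: an unquoted "[ ! $jailnames ]" turns into a
                # malformed test as soon as the list holds more than one name.
                if [ -z "$mailaddr" ] || [ -z "$jailnames" ]; then
                        usage
                fi
                ;;
        *)
                usage
                ;;
esac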

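# "generate" action: refresh the portaudit database, audit every package that
# is installed in any running jail, and store one report per jail in
# ${audit_path}, named after the jail's hostname.
#
# Trust boundary: package names are printed by pkg_info running inside each
# jail, and a jail's hostname may be changeable from within the jail depending
# on the jail settings. Both values are used below as file name components and
# one of them as a command argument, so they are treated as untrusted: names
# that are empty, start with "-" or contain "/" are never used.
if [ "X${action}" = "Xgenerate" ]; then

        echo
        echo "Downloading a current audit database:"
        /usr/local/sbin/portaudit -Fd
        echo

        # These are recursive deletes, normally run as root. ":?" aborts the
        # script if a path is ever empty (instead of expanding to "/*"), and
        # the quotes keep spaces or glob characters in a configured path from
        # widening what gets removed.
        rm -rf -- "${tmp_path:?}"/*
        rm -rf -- "${audit_path:?}"/*

        # Take one snapshot of "JID hostname" pairs so that every step below
        # works on the same set of jails.
        jail_list=$(/usr/sbin/jls | grep -v JID | awk '{print $1" "$3}')
        jids=$(printf '%s\n' "$jail_list" | awk '{print $1}')

        # Collect the package names of all jails into one list.
        for jid in $jids; do
                /usr/sbin/jexec "$jid" /usr/sbin/pkg_info 2> /dev/null | awk '{print $1}'
        done > "${tmp_path}/_jailaudit_allports" 2> /dev/null

        # Audit each distinct package once; the result is cached as
        # ${tmp_path}/_<package>.
        sort -u "${tmp_path}/_jailaudit_allports" 2> /dev/null | while read -r portname; do
                case $portname in
                        ''|-*|*/*) continue ;;
                esac
                # stdin is detached so portaudit cannot consume the name list.
                /usr/local/sbin/portaudit "$portname" \
                        > "${tmp_path}/_${portname}" 2> /dev/null < /dev/null
        done

        # Build the per-jail report from the cached results. Only the first
        # column of pkg_info (the package name) is looked up; the description
        # words are not package names.
        for jid in $jids; do
                /usr/sbin/jexec "$jid" /usr/sbin/pkg_info 2> /dev/null | awk '{print $1}' | {
                        # The counter lives in this pipeline subshell, so the
                        # summary line is written here as well.
                        pcount=0
                        while read -r portname; do
                                case $portname in
                                        ''|-*|*/*) continue ;;
                                esac
                                report="${tmp_path}/_${portname}"
                                [ -f "$report" ] || continue
                                if [ -n "$(grep -v "problem(s) found." "$report")" ]; then
                                        grep -v "problem(s) found." "$report" >> "${audit_path}/${jid}" 2> /dev/null
                                        pcount=$((pcount + 1))
                                fi
                        done
                        echo "$pcount problem(s) found." >> "${audit_path}/${jid}"
                }
        done

        # Rename each report from its JID to the jail's hostname. Absolute
        # paths are used so that nothing depends on a successful cd. A report
        # whose hostname is unusable as a file name keeps its JID name and is
        # still picked up by "mail ... ALL". Hostnames are not checked for
        # uniqueness.
        printf '%s\n' "$jail_list" | while read -r jid jailhost; do
                [ -n "$jid" ] || continue
                [ -f "${audit_path}/${jid}" ] || continue
                case $jailhost in
                        ''|-*|.*|*/*)
                                echo "Warning: jail ${jid} has an unusable hostname; audit kept as ${audit_path}/${jid}" >&2
                                continue
                                ;;
                esac
                mv -- "${audit_path}/${jid}" "${audit_path}/${jailhost}"
        done

        rm -rf -- "${tmp_path:?}"/*
        exit
fi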

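# "mail" action: gather the stored reports of the requested jails and either
# print them (mailaddr "-") or send them by mail. Jails without findings are
# left out; requested jails without a report are listed as errors.

# mailaddr is placed on the mail(1) command line, so refuse values that would
# be parsed as an option. A lone "-" keeps its meaning of "write to stdout".
case $mailaddr in
        -)
                ;;
        -*)
                echo "Error: invalid mail address" >&2
                exit 1
                ;;
esac

# Scratch file with an unpredictable name. The name no longer contains the
# mail address, so a "/" or a space in that argument cannot redirect or split
# the path. The trap removes the file on every exit path.
tmpfile=$(mktemp "${tmp_path}/_audit.XXXXXX") || exit 1
trap 'rm -f -- "$tmpfile"' EXIT

if [ "X$jailnames" = "XALL" ]; then
        jailnames=$(ls -1 "$audit_path")
fi

pcount=0

# The list is split on whitespace on purpose; globbing is switched off so a
# name such as "*" is taken literally instead of matching files.
set -f
for jailname in $jailnames; do

        # A report is always a plain file directly inside audit_path, so a
        # name with a path separator can never refer to one.
        case $jailname in
                */*)
                        {
                                echo ""
                                printf '%s\n' "error: \"$jailname\" is not a valid jail name"
                        } >> "$tmpfile"
                        continue
                        ;;
        esac

        auditfile="${audit_path}/${jailname}"
        if [ -f "$auditfile" ]; then
                audit=$(grep "problem(s)" "$auditfile")
                if [ ! "$audit" = "0 problem(s) found." ]; then
                        tmpcount=$(printf '%s\n' "$audit" | awk 'NR == 1 {print $1}')
                        # A report without a numeric summary must not break
                        # the running total.
                        case $tmpcount in
                                ''|*[!0-9]*) tmpcount=0 ;;
                        esac
                        pcount=$(expr "$pcount" + "$tmpcount")
                        {
                                echo ""
                                printf '%s\n' "portaudit for jail: $jailname"
                                echo
                                cat "$auditfile"
                        } >> "$tmpfile"
                fi
        else
                {
                        echo ""
                        printf '%s\n' "error: \"$jailname\" does not exist"
                } >> "$tmpfile"
        fi

done
set +f

# mktemp always creates the file, so "something to report" is now a
# non-empty file rather than an existing one.
if [ -s "$tmpfile" ]; then
        subject="portaudit for jails on $hostname - $pcount problem(s) found."
        if [ "X${mailaddr}" = "X-" ]; then
                echo "$subject"
                cat "$tmpfile"
        else
                mail -s "$subject" "$mailaddr" < "$tmpfile"
        fi
fi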
