#!/bin/sh
#----------------------------------------------------------------------------
# remove-group - remove a group
#
# Creation:     2001-11-04  fm
# Last Update:  $Id$
#
# Copyright (c) 2001-@@YEAR@@ the eisfair team, team(at)eisfair(dot)org
#
# usage:        remove-group
#    or:        remove-group [--force] group
#
#                          -f | --force    - force
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#----------------------------------------------------------------------------

# include eislib
. /var/install/include/eislib

#debug=true

if ${debug:-false}
then
    exec 2>/tmp/$(basename ${0})-trace$$.log
    set -x
    ask_debug=true
    export ask_debug
fi

ASK=/var/install/bin/ask
AWK=/usr/bin/gawk
CUT=/usr/bin/cut
GETENT=/usr/bin/getent
GREP=/usr/bin/grep
GROUPDEL=/usr/sbin/groupdel
MKTEMP=/usr/bin/mktemp
RM=/usr/bin/rm
SED=/usr/bin/sed

#----------------------------------------------------------------------------
# usage
#----------------------------------------------------------------------------
usage()
{
cat  <<EOF

 Usage:
 ${0}
                              - empty for interactive mode
               -f | --force   - force

 Example: ${0} man
 Example: ${0} -f man
 Example: ${0}

EOF
}

#----------------------------------------------------------------------------
# do exit
#----------------------------------------------------------------------------
do_exit()
{
    if "${interactive:-false}"
    then
        mecho
        anykey
    fi
    exit $1
}

#----------------------------------------------------------------------------
# myecho, do output to tty
#----------------------------------------------------------------------------
myecho()
{
    if ${interactive:-false}
    then
        mecho ${1} "${2}"
    fi
}

#----------------------------------------------------------------------------
# set default GID range values
#----------------------------------------------------------------------------
set_defaults()
{
    if [ -f /etc/login.defs ]
    then
        # read default value from file
        # system group
        system_gidmax=$(${GREP} "^SYS_GID_MAX" /etc/login.defs | tr -s '[\t ]' ' ' | ${CUT} -d' ' -f2)

        # user group
        user_gidmax=$(${GREP} "^GID_MAX" /etc/login.defs | tr -s '[\t ]' ' ' | ${CUT} -d' ' -f2)
    fi

    if [ -z "${system_gidmax}" ]
    then
        system_gidmax=499
    fi

    if [ -z "${user_gidmax}" ]
    then
        user_gidmax=60000
    fi
}

#----------------------------------------------------------------------------
# remove group
#----------------------------------------------------------------------------
remove_group()
{
    group=${1}


    if "${interactive}"
    then
        clrhome
        mecho --info "Remove group"
        mecho
        mecho

        _ask_tmpfile=$(${MKTEMP} -t XXXXXXXXXXXXX)
        ${ASK} "Group to remove (e.g. 'www'): " '' '*' >${_ask_tmpfile}
        rc=${?}
        read group < ${_ask_tmpfile}
        ${RM} -f ${_ask_tmpfile}
        if [ ${rc} = 255 ]
        then
            exit 1
        fi

        if echo "${group}" | ${GREP} -q '^\-f'
        then
            force=true
            group="$(echo "${group}" | ${AWK} '{print $2}')"
        fi
    fi

    if [ -z "${group}" ]
    then
        mecho
        myecho --warn "Command aborted"
        do_exit 1
    fi

    group_line=$(${GETENT} group "${group}")

    if [ -z "${group_line}" ]
    then
        mecho
        myecho --error "Group ${group} does not exist"
        do_exit 1
    fi

    if ! ${force:-false}
    then
        gid=$(echo "${group_line}" | ${CUT} -d':' -f3)

        if [ ${gid} -lt ${system_gidmax} -o ${gid} -ge ${user_gidmax} ]
        then
            mecho
            myecho --error "It is not allowed to remove group ${group}, sorry"
            do_exit 1
        fi
    fi

    group_user=$(echo "${group_line}" | ${CUT} -d':' -f4 | ${SED} 's/,/\n/g')

    # do that only if goup_user exists ;-)
    if [ -n "${group_user}" ]
    then
        while read passwd_line
        do
            passwd_user=$(echo "${passwd_line}" | ${CUT} -d':' -f1) 
       
            if echo "${group_user}" | ${GREP} -q "${passwd_user}$"  
            then
                mecho
                myecho --error "Cannot remove group ${group}, user ${passwd_user} is member of ${group}"
                do_exit 1
            fi
        done </etc/passwd
    fi 

    ${GROUPDEL} "${group}"
}

#----------------------------------------------------------------------------
# main
#----------------------------------------------------------------------------
main()
{
    group=''
    interactive=false
    force=false

    if [ "${1}" = "-f" ]
    then
        force=true
        shift
    fi

    if [ ${#} -eq 0 ]
    then
        interactive=true
        set_defaults
        remove_group
        exit 0
    fi

    case ${#} in
    1)
        group="${1}"
        shift
        ;;
    *)
        usage
        exit 1
        ;;
    esac


    set_defaults
    remove_group ${group}

    exit 0
}

#----------------------------------------------------------------------------
# call function main
#----------------------------------------------------------------------------
main "${@}"

#----------------------------------------------------------------------------
# end
#----------------------------------------------------------------------------