#!/bin/bash

MYDIR=`pwd`
cd / >/dev/null

ln -sf /proc/mounts etc/mtab

# omit syncing for all log files
CFG_FILE=etc/rsyslog.conf
if [ -f $CFG_FILE ]; then
    cat $CFG_FILE | sed "s,[[:blank:]]/var/log/, -/var/log/,g" > ${CFG_FILE}.$$
    if [ $? -eq 0 ]; then
        chown --reference=${CFG_FILE} $CFG_FILE.$$ || exit 1 > /dev/null 2>&1
	chmod --reference=${CFG_FILE} $CFG_FILE.$$ || exit 1 > /dev/null 2>&1
	mv -f $CFG_FILE.$$ ${CFG_FILE} > /dev/null 2>&1
    fi
fi


# Convert system to shadow password files
usr/sbin/pwconv

# Fix the udevtrigger
CFG_FILE=etc/init/udevtrigger.conf
if [ -f $CFG_FILE ]; then
    sed -e "s,and not-container,,g" \
	$CFG_FILE > ${CFG_FILE}.$$
	if [ $? -eq 0 ]; then
	        chown --reference=${CFG_FILE} $CFG_FILE.$$ || exit 1 > /dev/null 2>&1
		chmod --reference=${CFG_FILE} $CFG_FILE.$$ || exit 1 > /dev/null 2>&1
		mv -f $CFG_FILE.$$ ${CFG_FILE} > /dev/null 2>&1
	fi
fi

# Create lo setup config

echo "
auto lo
iface lo inet loopback
	address 127.0.0.1
	netmask 255.0.0.0
	broadcast 127.255.255.255
	up ip route replace 127.0.0.0/8 dev lo
" > etc/network/interfaces.template

# turn off and stop some services
for i in bind9 quotarpc fetchmail rsync wide-dhcpv6-client rpcbind samba; do
	usr/sbin/update-rc.d -f $i remove > /dev/null 2>&1
	etc/init.d/$i stop > /dev/null 2>&1
done
usr/sbin/update-rc.d -f umountroot remove > /dev/null 2>&1

# export PATH
CFG_FILE=etc/bash.bashrc
if [ -f $CFG_FILE ] ; then
	echo >> $CFG_FILE
	echo "export PATH" >> $CFG_FILE
	echo >> $CFG_FILE
fi


# apache tuning
CFG_FILE=etc/apache2/apache2.conf
if [ -f $CFG_FILE ]; then
    sed -e "s/^[[:blank:]]*StartServers[[:blank:]]*.*/StartServers       1/" \
	-e "s/^[[:blank:]]*MinSpareServers[[:blank:]]*.*/MinSpareServers    1/" \
	-e "s/^[[:blank:]]*MaxSpareServers[[:blank:]]*.*/MaxSpareServers    5/" \
	-e "s/^[[:blank:]]*MaxClients[[:blank:]]*.*/MaxClients        10/" \
	-e "s/^[[:blank:]]*MinSpareThreads[[:blank:]]*.*/MinSpareThreads    1/" \
	-e "s/^[[:blank:]]*MaxSpareThreads[[:blank:]]*.*/MaxSpareThreads    4/" \
	$CFG_FILE > ${CFG_FILE}.$$
	if [ $? -eq 0 ]; then
	        chown --reference=${CFG_FILE} $CFG_FILE.$$ || exit 1 > /dev/null 2>&1
		chmod --reference=${CFG_FILE} $CFG_FILE.$$ || exit 1 > /dev/null 2>&1
		mv -f $CFG_FILE.$$ ${CFG_FILE} > /dev/null 2>&1
        fi
fi

# and disable root user
/usr/sbin/usermod -L root

# do not execute some cron-jobs by default
chmod a-x `find /etc/cron.daily/ -type f | grep -v "logrotate\|sysklogd"` > /dev/null 2>&1
chmod a-x /etc/cron.weekly/* > /dev/null 2>&1
chmod a-x /etc/cron.monthly/* > /dev/null 2>&1

# Fill /etc/apt/sources.list
if [ ! -f etc/apt/sources.list ]; then

cat << EOF > etc/apt/sources.list
deb http://ftp.debian.org/debian wheezy main contrib non-free
deb http://security.debian.org wheezy/updates main contrib non-free

EOF

fi

# Disable samba and bind9 ifup hook
chmod 0644 etc/network/if-down.d/bind9 etc/network/if-up.d/bind9

# Clean /run
rm -rf /run/*

# Clean logs
for i in `find var/log/ -type f`; do
    echo "" > $i
done

# create devices, needed to enter into Container
if [ ! -c lib/udev/devices/ptmx ]; then
    mknod lib/udev/devices/ptmx c 5 2
    chmod 666 lib/udev/devices/ptmx
fi
if [ ! -c dev/ptmx ]; then
    mknod dev/ptmx c 5 2
    chmod 666 dev/ptmx
fi

for i in 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15; do
    a=`awk -v num=$i 'BEGIN { printf("%x\n", num) }'`
    if [ ! -c lib/udev/devices/ttyp$i ]; then
	mknod lib/udev/devices/ttyp$a c 3 $i
    fi
    if [ ! -c lib/udev/devices/ptyp$i ]; then
	mknod lib/udev/devices/ptyp$a c 2 $i
    fi
    if [ ! -c dev/ttyp$i ]; then
	mknod dev/ttyp$a c 3 $i
    fi
    if [ ! -c dev/ptyp$i ]; then
	mknod dev/ptyp$a c 2 $i
    fi
done

# Remove /dev/log
rm -f dev/log >/dev/null 2>&1

# ssh host keys hack

echo "#!/bin/sh
rm -f etc/ssh/ssh_host_*
/usr/bin/ssh-keygen -t rsa -N '' -f /etc/ssh/ssh_host_rsa_key
/usr/bin/ssh-keygen -t dsa -N '' -f /etc/ssh/ssh_host_dsa_key
/usr/bin/ssh-keygen -t rsa1 -N '' -f /etc/ssh/ssh_host_key
/usr/sbin/service ssh restart
rm -f /etc/init.d/ssh_key_hack.sh
rm -f /etc/rc2.d/S11sshhack
" > etc/init.d/ssh_key_hack.sh
chmod a+x etc/init.d/ssh_key_hack.sh
ln -s /etc/init.d/ssh_key_hack.sh etc/rc2.d/S11sshhack

# Fix modprobe.conf
touch etc/modprobe.conf

# Fix modules.dep
echo "#!/bin/sh
### BEGIN INIT INFO
# Provides:          modules_dep
# Required-Start:
# Required-Stop:
# Default-Start:     2 3 4 5
# Default-Stop:      0 6
# Short-Description: modules.dep creation.
# Description:       Create and destroy modules.dep.
### END INIT INFO

case \"\$1\" in
  start|\"\")
	if [ ! -d \"/lib/modules/\`uname -r\`\" ]; then
		mkdir -p /lib/modules/\`uname -r\`
	fi
	depmod -a >/dev/null 2>&1
	;;
  restart|reload|force-reload)
	echo \"Error: argument '\$1' not supported\" >&2
	exit 3
	;;
  stop|force-stop)
	if [ -d \"/lib/modules/\`uname -r\`\" ]; then
		rm -rf /lib/modules/\`uname -r\`
	fi
	;;
  *)
	echo \"Usage: modules_dep.sh [start|stop]\" >&2
	exit 3
	;;
esac

:

" > etc/init.d/modules_dep.sh
chmod a+x etc/init.d/modules_dep.sh
/usr/sbin/update-rc.d modules_dep.sh defaults >/dev/null 2>&1

# Create empty /etc/inittab file
touch etc/inittab

# Turn back wide-dhcpv6-client init script and clean default conf file
for i in etc/init.d/wide-dhcpv6-client; do
	mv -f $i.dpkg-dist $i
done
# regenerate dhcp6cctlkey if exists
cat > etc/default/wide-dhcpv6-client <<'EOFINITCONFFILE'
# Defaults for dhcpv6 client initscript
# Used by /etc/init.d/wide-dhcpv6-client

# Interfaces on which the client should send DHCPv6 requests and listen to
# answers. If empty, the client is deactivated.
INTERFACES=""
EOFINITCONFFILE

rm -f etc/wide-dhcpv6/dhcp6cctlkey

echo "#!/bin/sh
DHCP6CCTLKEY=/etc/wide-dhcpv6/dhcp6cctlkey

# The key mustn\'t be world readable
umask 066

echo \"Generating \${DHCP6CCTLKEY}...\" >&2
dd if=/dev/random bs=32 count=1 2>/dev/null | \
	uuencode -m \${DHCP6CCTLKEY} | \
	head -n 2 | tail -n 1 > \${DHCP6CCTLKEY}

umask 022
rm -f /etc/init.d/dhcpv6_hack.sh
rm -f /etc/rc2.d/S11dhcpv6hack
"> etc/init.d/dhcpv6_hack.sh
chmod a+x etc/init.d/dhcpv6_hack.sh
ln -s /etc/init.d/dhcpv6_hack.sh etc/rc2.d/S11dhcpv6hack

# saslauthd tuning
CFG_FILE=etc/default/saslauthd
if [ -f $CFG_FILE ]; then
    sed -i -e "s/^THREADS=.*/THREADS=2/" -e "s/^START=.*/START=yes/" \
        $CFG_FILE
fi

# Disable startpar
touch etc/init.d/.legacy-bootordering

# Add ia32 arch support
/usr/bin/dpkg --add-architecture i386 > /dev/null 2>&1

# Disable sysvinit on dist-upgrade
echo "Package: sysvinit
Pin: release c=main
Pin-Priority: -1" > etc/apt/preferences.d/parallels

cd $MYDIR > /dev/null
