#!/bin/bash

function move_file() {
	[ $# -eq 2 ] || exit 1
	local src=$1 dst=$2

	chown --reference=$dst $src || exit 1 
	chmod --reference=$dst $src || exit 1 
	mv -f $src $dst
}

pushd / >/dev/null

# Convert system to shadow password files
/usr/sbin/pwconv > /dev/null 2>&1

# Set default target as multi-user target
rm -f etc/systemd/system/default.target > /dev/null 2>&1
ln -s multi-user.target etc/systemd/system/default.target > /dev/null 2>&1

# turn services on
list="network httpd sshd xinetd saslauthd sendmail crond firewalld"
for i in $list; do
	/bin/systemctl enable $i.service > /dev/null 2>&1
done

# turn services off
list="rpcbind"
for i in $list; do
	/bin/systemctl disable $i.service > /dev/null 2>&1
done

mask_list="systemd-vconsole-setup"
for i in $mask_list; do
	/bin/systemctl mask $i.service > /dev/null 2>&1
done

# Enable rpcbind socket
/bin/systemctl enable rpcbind.socket > /dev/null 2>&1

# Fix sshd_config
CFG_FILE=etc/ssh/sshd_config
if [ -f $CFG_FILE ]; then
    sed -e "s/^X11Forwarding yes/X11Forwarding no/" \
        $CFG_FILE > ${CFG_FILE}.$$ && \
		move_file ${CFG_FILE}.$$ $CFG_FILE > /dev/null 2>&1
fi

# Turn apache ports on
/usr/bin/firewall-offline-cmd --port 80:tcp > /dev/null 2>&1

# saslauthd tuning
CFG_FILE=etc/sysconfig/saslauthd
if [ -f $CFG_FILE ]; then
    sed -e "s/^FLAGS=/FLAGS=\"-n 2\"/" \
        $CFG_FILE > ${CFG_FILE}.$$ && \
		move_file ${CFG_FILE}.$$ $CFG_FILE > /dev/null 2>&1
fi

rm -rf run/* > /dev/null 2>&1

mkdir var/log/journal
mkdir run/lock
chown root:systemd-journal var/log/journal
chmod g+s var/log/journal

mv -f etc/os-release.rpmnew etc/os-release > /dev/null 2>&1

popd > /dev/null
