#!/bin/bash
#
# sudo2uls
#
# sudo2uls erfragt die Veranlassung, wenn sie noch nicht angegeben wurde,
# und wechselt per sudo zum neuen User. Ab dann werden alle
# Bildschirmausgaben aufgezeichnet und an ULS versendet.
#####################################################################
#
# Append /usr/local/bin to the search path unless PATH already mentions it.
# The helper commands this script calls by bare name are resolved through
# PATH (presumably they live in /usr/local/bin - TODO confirm), so the PATH
# inherited from the caller decides which binaries run in this session.
[[ ${PATH#*/usr/local/bin} != $PATH ]] || export PATH=$PATH:/usr/local/bin
#
# Site configuration. The file is sourced, i.e. executed as shell code with
# the privileges of this script.
# NOTE(review): ownership and mode of the file are not checked here - it
# should be writable by root only.
[[ ! -f /etc/uls/uls.conf ]] || . /etc/uls/uls.conf
#
# Fall back to the local host name when the configuration did not set one.
: "${ULSHOSTNAME:=$(hostname)}"
#
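# Clear the option-backed variables so that values inherited from the calling
# environment cannot pre-seed them; only the command line may set them.
# NOTE(review): XAUTHDIPLAYNAME is not cleared here although stoptouls acts on
# it - confirm whether it should join this list.
unset CMD ORIGUSER XAUTHORITY WORKLOG WLDEF
#
# Options:
#   -d <display>       DISPLAY to export
#   -v <Veranlassung>  cause of the session (otherwise prompted for)
#   -o <OrigUser>      original user, reported to ULS
#   -c <cmd>           command to run instead of the login shell
#   -x <xauthdisplay>  arguments handed to "xauth add"; the first word is
#                      remembered so the entry can be removed again at the end
#   -w                 ask for a worklog at the end of the session
#   -W <worklog>       as -w, with a prefilled worklog text
# The option string is quoted so that its trailing "?" can never be expanded
# as a filename pattern.
while getopts 'd:x:v:c:o:wW:?' op; do
  case "$op" in
    d) DISPLAY="$OPTARG"
       export DISPLAY ;;
    v) SUDO2ULS_CAUSE="$OPTARG" ;;
    o) ORIGUSER="$OPTARG" ;;
    c) CMD="$OPTARG" ;;
    x) # Split the value into words without pathname expansion: the original
       # unquoted $OPTARG would also have expanded any glob characters in it.
       # NOTE(review): if this value carries the xauth hex key, it is visible
       # in the process list (argv of this script and of xauth) - consider
       # passing it over stdin or a file instead.
       read -r -a XAUTHARGS <<<"$OPTARG"
       XAUTHDIPLAYNAME="${XAUTHARGS[0]}"
       xauth add "${XAUTHARGS[@]}" ;;
    w) WORKLOG=1 ;;
    W) WLDEF="$OPTARG"
       WORKLOG=1 ;;
    # NOTE(review): unknown options also end here and leave with status 0, so
    # a caller cannot tell a rejected invocation from a successful one.
    *) echo "usage: ${0##*/} [-o <OrigUser>] [-v <Veranlassung>] [-d <display>] [-c <cmd>] [-w |-W <worklog>] [-x <xauthdisplay>]"
       exit 0 ;;
  esac
done
shift $(( OPTIND - 1 ))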
#
# Without a terminal on stdin the script can neither prompt for the cause nor
# start an interactive shell, so it only continues when both the cause and
# the command to run are already known.
if [[ -z "$SUDO2ULS_CAUSE" || -z "$CMD" ]] && ! tty -s; then
  printf '%s\n' "No Terminal connected!"
  exit 1
fi
#
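#######################################
# Close the audited session: report the stop time to ULS, remove the X
# authority entry that -x added, optionally collect a worklog in an editor
# and send it, then leave the script.
# Used as the signal handler and called at the regular end of the script.
# Globals:   ULSDT, XAUTHDIPLAYNAME, WORKLOG, WLDEF, EDITOR (read)
# Outputs:   echoes the xauth command it runs; editor runs on the terminal
# Returns:   does not return; the script exits with status 0
#######################################
stoptouls()
{
  local DE WLTMP
  DE="$(date '+%Y-%m-%d %H:%M:%S%:z')"
  #
  # $ULSDT is left unquoted on purpose, as in the original: it expands to two
  # words (date and time). TODO confirm that send_test_value expects that.
  send_test_value -S -s adm Security Dialog Start-Stop $ULSDT "Stop $DE" '{T}'
  #
  if [[ -n "$XAUTHDIPLAYNAME" ]]; then
    echo "xauth remove $XAUTHDIPLAYNAME"
    xauth remove "$XAUTHDIPLAYNAME"
  fi
  #
  if [[ -n "$WORKLOG" ]]; then
    # mktemp creates the file atomically under an unpredictable name and with
    # owner-only permissions. The former fixed name /tmp/ulsworklog.<pid>.txt
    # could be prepared in advance by another local user (for example as a
    # symlink), and the worklog text was readable according to the umask.
    if WLTMP="$(mktemp /tmp/ulsworklog.XXXXXXXXXX)"; then
      if [[ -n "$WLDEF" ]]; then
        printf '%s\n' "$WLDEF" >"$WLTMP"
      fi
      # EDITOR stays unquoted so that a value with options ("emacs -nw")
      # keeps working; it comes from the session environment.
      if ${EDITOR:-vi} "$WLTMP"; then
        [[ -s "$WLTMP" ]] && send_test_value -S Security Dialog Worklog $ULSDT "$(<"$WLTMP")" '_'
      fi
      rm -f -- "$WLTMP"
    else
      echo "stoptouls: cannot create temporary worklog file" >&2
    fi
  fi
  exit 0
}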
#
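# Identify the invoking account and the target account. Both values are taken
# from the environment (SUDO_USER, USER), so the ULS records written below
# are only as trustworthy as the way this script gets started.
# NOTE(review): presumably sudo sets both - confirm that the script cannot be
# run directly with a caller-chosen SUDO_USER.
if [[ -z "$SUDO_USER" ]]; then
  SUDO_USER=$USER
fi
typeset -r SUDO_USER
typeset -r SUDO_TO_USER=$USER
#
# Ask for the cause ("Veranlassung") until it holds more than blanks.
RE='^[[:blank:]]*$'
while [[ $SUDO2ULS_CAUSE =~ $RE ]]; do
  echo -n "Veranlassung: "
  # -r keeps backslashes in the answer literal.
  if ! read -r SUDO2ULS_CAUSE; then
    # End of input. On a terminal the prompt is simply repeated, as before;
    # on exhausted non-terminal input the loop would otherwise spin forever.
    if [[ $SUDO2ULS_CAUSE =~ $RE ]] && ! tty -s; then
      echo "No Terminal connected!"
      exit 1
    fi
  fi
done
#
# Bring the cause into the encoding that matches LANG. A failed or empty
# conversion keeps the text as entered instead of blanking the audit record.
if [[ $LANG == *8 ]]; then
  # LANG ends in "8" (UTF-8): look for ISO-8859-1 umlaut bytes. They are
  # written as byte escapes and matched in the C locale so that the test does
  # not depend on the encoding of this file or on an installed de_DE locale.
  # The byte set mirrors the characters of the other branch (äöüÄÖÜß).
  if printf '%s\n' "$SUDO2ULS_CAUSE" | LC_ALL=C grep -q $'[\xe4\xf6\xfc\xc4\xd6\xdc\xdf]'; then
    if CONVERTED="$(printf '%s\n' "$SUDO2ULS_CAUSE" | iconv -f iso8859-1 -t utf-8)" && [[ -n "$CONVERTED" ]]; then
      SUDO2ULS_CAUSE=$CONVERTED
    fi
  fi
else
  # Any other LANG: UTF-8 umlauts are converted to ISO-8859-15.
  if printf '%s\n' "$SUDO2ULS_CAUSE" | LANG=de_DE.utf-8 grep -q '[äöüÄÖÜß]'; then
    if CONVERTED="$(printf '%s\n' "$SUDO2ULS_CAUSE" | iconv -f utf-8 -t iso8859-15)" && [[ -n "$CONVERTED" ]]; then
      SUDO2ULS_CAUSE=$CONVERTED
    fi
  fi
fi
unset CONVERTED
#
typeset -r SUDO2ULS_CAUSE
export SUDO2ULS_CAUSE
#
# Session timestamp. It is fixed before the handler is installed because
# stoptouls reads it.
typeset -r ULSDT="$(date '+%Y-%m-%d %H:%M:%S%:z')"
#
# HUP INT QUIT ABRT ALRM TERM. Signal 9 (KILL) from the original list is left
# out because it cannot be caught: a session ended that way leaves a Start
# record without a matching Stop record in ULS.
trap 'stoptouls' 1 2 3 6 14 15
#
# $ULSDT is left unquoted in the send_test_* calls on purpose, as in the
# original: it expands to two words (date and time). TODO confirm that the
# ULS tools expect that.
send_test_value -S -s adm Security Dialog Start-Stop $ULSDT "Start $ULSDT" '{T}'
if [[ -n "$ORIGUSER" ]]; then
  send_test_value -S -s adm Security Dialog "OrigUser" $ULSDT "$ORIGUSER" " "
fi
send_test_line -S -s adm Security Dialog $ULSDT "User:$SUDO_USER: " "To:$SUDO_TO_USER: "
send_test_value -S -s adm Security Dialog "Veranlassung" $ULSDT "$SUDO2ULS_CAUSE" " "
# Report a ticket number separately when the cause contains "UTT <digits> ".
if printf '%s\n' "$SUDO2ULS_CAUSE" | grep -Eq 'UTT *I?D? *[0-9][0-9]* '; then
  UTTID="$(printf '%s\n' "$SUDO2ULS_CAUSE" | sed -n 's/.*UTT *I*D* *\([0-9]*\).*/\1/p')"
  if [[ -n "$UTTID" ]]; then
    send_test_value -s adm Security Dialog 'uttid' $ULSDT "$UTTID" '[UTTID]'
  fi
fi
#
cd
if [[ -z "$CMD" ]]; then
  # Look up the login shell of the target account. The account name goes to
  # awk as a variable instead of being pasted into the program text, and both
  # sides are forced to strings so that numeric-looking names compare exactly.
  SH="$(/usr/bin/getent passwd | /usr/bin/awk -F ':' -v name="$SUDO_TO_USER" '($1 "") == (name "") {print $7}')"
  # The shell is started once with empty input; only if that succeeds is it
  # used as the session command (presumably to skip nologin-style shells).
  if "$SH" </dev/null; then
    export SSH_TTY="$(tty)"
    CMD="$SH -l"
  fi
else
  send_test_value -S -s adm Security Dialog "CMD" $ULSDT "$CMD" " "
fi
#
# Run the session under script2uls, then write the Stop record and exit.
script2uls "$SUDO_USER" "$ULSHOSTNAME" Security Dialog Dialog "$ULSDT" "$CMD"
#
stoptouls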
