#!/bin/bash

# The main resource file
RCMAIN="$RPM_INSTALL_PREFIX"/usr/share/resources/default/init/main

# discrete options for DHCP client: SET_DNS, SET_DOMAIN, SET_HOSTNAME
DHCPCD_OPTS="SET_DNS SET_DOMAIN"
DHCPCD_EX_OPTS="-d -t 20"

# the encrypted password
PASS='$1$U4.8u2Dh$UvJpU6AsN912qFZGBvUtN/'

net_conf="$RPM_INSTALL_PREFIX"/etc/network/interfaces
net_conf_def="$RPM_INSTALL_PREFIX"/etc/network/interfaces.spxsave
static_resolv_conf="$RPM_INSTALL_PREFIX"/etc/network/resolv.conf.static
dhcpcd_conf="$RPM_INSTALL_PREFIX"/etc/dhcpc/config
nscd_conf="$RPM_INSTALL_PREFIX"/etc/nscd.conf
nscd_init="$RPM_INSTALL_PREFIX"/etc/init.d/nscd
ppp_pap_secrets="$RPM_INSTALL_PREFIX"/etc/ppp/pap-secrets
ppp_chap_secrets="$RPM_INSTALL_PREFIX"/etc/ppp/chap-secrets
snmp_local_conf="$RPM_INSTALL_PREFIX"/etc/snmp/snmpd.local.conf
snmp_local_conf_def="$RPM_INSTALL_PREFIX"/etc/snmp/snmpd.local.conf.spxsave
ntpdate_conf="$RPM_INSTALL_PREFIX"/etc/default/ntpdate
ntpdate_conf_def="$RPM_INSTALL_PREFIX"/etc/default/ntpdate.spxsave
passwd_file="$RPM_INSTALL_PREFIX"/etc/passwd
sshd_init_conf="$RPM_INSTALL_PREFIX"/etc/default/ssh
sshd_conf="$RPM_INSTALL_PREFIX"/etc/ssh/sshd_config
sshdelayed_init_conf="$RPM_INSTALL_PREFIX"/etc/default/ssh-delayed
localtime="$RPM_INSTALL_PREFIX"/etc/localtime
php_timezone="$RPM_INSTALL_PREFIX"/etc/php.d/timezone.ini
rpmmacros="$RPM_INSTALL_PREFIX"/root/.mvlmacros
cron_daily_standard="$RPM_INSTALL_PREFIX"/etc/cron.daily/standard
logrotate_conf="$RPM_INSTALL_PREFIX"/etc/logrotate.conf
syslog_rotate_conf="$RPM_INSTALL_PREFIX"/etc/logrotate.d/syslog
syslog_conf="$RPM_INSTALL_PREFIX"/etc/syslog.conf
sysctl_conf="$RPM_INSTALL_PREFIX"/etc/sysctl.conf
pam_su_conf="$RPM_INSTALL_PREFIX"/etc/pam.d/su
securetty="$RPM_INSTALL_PREFIX"/etc/securetty
udev_init="$RPM_INSTALL_PREFIX"/etc/init.d/udev
rc_script="$RPM_INSTALL_PREFIX"/etc/init.d/rc
rc_conf="$RPM_INSTALL_PREFIX"/etc/default/rcS
inittab="$RPM_INSTALL_PREFIX"/etc/inittab
adjtime="$RPM_INSTALL_PREFIX"/etc/adjtime

start_tag="# START-spxsysconfig"
start_comm="DO NOT REMOVE THE START AND END TAGS"
end_tag="# END-spxsysconfig"

# Load resources
[ -f "$RCMAIN" ] && . "$RCMAIN"

# Creates a temporary file in the same directory as the source
# file (arg 1) and copies the contents. The name of the temp
# file is output to stdout if successful
function cptemp()
{
    local tmp="$(mktemp "$1".XXXXXX)" || return 1
    # preserve mode, ownership and any security contexts
    if cp -p -- "$1" "$tmp"; then
	echo "$tmp"
	return 0
    else
	rm -f -- "$tmp"
	return 1
    fi
}

# Copies a file (arg1) atomically using a temporary file in the same
# directory as the destination file (arg2)
function cpatomic()
{
    local tmp="$(mktemp "$2".XXXXXX)" || return 1
    # preserve mode, ownership and any security contexts
    if cp -p -- "$1" "$tmp"; then
	mv -f -- "$tmp" "$2"
	return
    else
	rm -f -- "$tmp"
	return 1
    fi
}

# The file to be edited inplace must be third argument !
# This works around sed bug in which it does not set the mode of the
# new file correctly if using the -i option
# File replacement is atomic
function sed_inplace()
{
    local tmp="$(cptemp "$3")"
    if [ $? -ne 0 ]; then
	echo "ERROR: failed editing file in spxsysconf (no temp)" >&2
	return 1
    fi

    sed "$@" > "$tmp"
    if [ $? -ne 0 ]; then
	echo "ERROR: failed editing file in spxsysconf" >&2
    else
	mv -f -- "$tmp" "$3" && return 0
	echo "ERROR: failed editing file in spxsysconf (cannot replace)" >&2
    fi

    # failed

    rm -f -- "$tmp"
    return 1
}

# The file to be edited inplace must be second argument !
# File replacement is atomic
function awk_inplace()
{
    local tmp="$(cptemp "$2")"
    if [ $? -ne 0 ]; then
	echo "ERROR: failed editing file in spxsysconf (no temp)" >&2
	return 1
    fi

    awk "$@" > "$tmp"
    if [ $? -ne 0 ]; then
	echo "ERROR: failed editing file in spxsysconf" >&2
    else
	mv -f -- "$tmp" "$2" && return 0
	echo "ERROR: failed editing file in spxsysconf (cannot replace)" >&2
    fi

    # failed

    rm -f -- "$tmp"
    return 1
}

function is_devel_sys()
{
    [ -e "$RPM_INSTALL_PREFIX"/usr/include/stdlib.h ]
}

function config_clean()
{
    sed_inplace -e "/^$start_tag/,/^$end_tag/d" "$1"
}

function check_config()
{
    grep -q "^$start_tag" "$1"
}

remove_locale_files()
{
    [ -z "$RPM_INSTALL_PREFIX" ] && return

    # WARNING: do not forget the "$RPM_INSTALL_PREFIX" for each path
    # or this will remove files in the build system when cross-installing !

    find "$RPM_INSTALL_PREFIX"/usr/share/locale/ \
	-mindepth 1 -maxdepth 1 -type d -print0 | \
	xargs -0r rm -rf --
}

remove_doc_files()
{
    [ -z "$RPM_INSTALL_PREFIX" ] && return

    # WARNING: do not forget the "$RPM_INSTALL_PREFIX" for each path
    # or this will remove files in the build system when cross-installing !

    find "$RPM_INSTALL_PREFIX"/usr/share/man/ \
	"$RPM_INSTALL_PREFIX"/usr/share/doc/ \
	"$RPM_INSTALL_PREFIX"/usr/share/info/ \
	-type f -print0 | xargs -0r rm -f --
}

function net_config_eth0_dhcp()
{
    local file="$1"

    [ -n "$file" ] || file="$net_conf"

    echo "$start_tag $start_comm" >> "$file" || return 1

    cat >> "$file" <<EOF

# Configure eth0 for DHCP
auto eth0
iface eth0 inet dhcp

EOF
    [ $? -eq 0 ] || return 1

    echo "$end_tag" >> "$file" || return 1

    return 0
}

function net_config_eth0_static()
{
    local ret ipaddr netmask brd gw dns1 dns2 dns3 domain junk
    local saved_ifs params ipvals
    local netfile="$2"
    local dnsfile="$3"

    [ -n "$netfile" ] || netfile="$net_conf"
    [ -n "$dnsfile" ] || dnsfile="$static_resolv_conf"

    params="$1"
    saved_ifs="$IFS"
    IFS=";"
    read -r ipaddr netmask brd gw dns1 dns2 dns3 domain junk < <( echo "$params" )
    ret=$?
    IFS="$saved_ifs"

    [ $ret -eq 0 ] || return 1

    if [ -z "$ipaddr" -o -z "$netmask" ]; then
	echo 'ERROR: static network config missing parameters' >&2
	return 1
    fi

    ipvals="$(ipcalc -b -m -s "$ipaddr" "$netmask")"
    if [ $? -ne 0 ]; then
	echo 'ERROR: invalid parameters in static network config' >&2
	return 1
    fi
    eval "$ipvals" || return 1

    NETCONFIG="static=${ipaddr};${NETMASK};${BROADCAST}"

    echo "$start_tag $start_comm" >> "$netfile" || return 1
    
    cat >> "$netfile" <<EOF

# Configured static IP address
auto eth0
iface eth0 inet static
    pre-up [ ! -x /etc/network/eth-inet-dad ] || /etc/network/eth-inet-dad
EOF
    [ $? -eq 0 ] || return 1

    echo -e "    address ${ipaddr}\n    netmask ${NETMASK}\n    broadcast ${BROADCAST}" >> "$netfile" || return 1

    if [ -n "$gw" ]; then
	NETCONFIG="${NETCONFIG};${gw}"
	echo -e "    gateway ${gw}\n" >> "$netfile" || return 1
    else
	echo "" >> "$netfile" || return 1
    fi

    echo "$end_tag" >> "$netfile" || return 1

    if [ -n "$dns1" ] || [ -n "$dns2" ] || [ -n "$dns3" ]; then
	[ -z "$gw" ] && NETCONFIG="${NETCONFIG};"
	NETCONFIG="${NETCONFIG};${dns1};${dns2};${dns3}"
	[ -z "$dns1" ] || echo "nameserver $dns1" >> "$dnsfile" || return 1
	[ -z "$dns2" ] || echo "nameserver $dns2" >> "$dnsfile" || return 1
	[ -z "$dns3" ] || echo "nameserver $dns3" >> "$dnsfile" || return 1
	if [ -n "$domain" ]; then
	    NETCONFIG="${NETCONFIG};${domain}"
	    echo "domain $domain" >> "$dnsfile" || return 1
	fi
    fi

    return 0
}

function net_config_eth0_default()
{
    local file="$1"

    [ -n "$file" ] || file="$net_conf"

    cpatomic "$net_conf_def" "$file" || return 1

    return 0
}

function net_config_eth0()
{
    local ret conf method params tmp dnstmp

    conf="$1"

    tmp="$(cptemp "$net_conf")"
    if [ $? -ne 0 ]; then
	echo "ERROR: failed editing file in spxsysconf (no temp)" >&2
	return 1
    fi

    if ! config_clean "$tmp"; then
	echo "ERROR: failed editing file in spxsysconf (cannot clean)" >&2
	rm -f -- "$tmp"
	return 1
    fi

    method="${conf%%=*}"
    params="${conf#*=}"
    [ "$params" != "$conf" ] || params=

    # global variable to pass back modifications to config string, if any
    NETCONFIG=
    
    case "$method" in
	dhcp)
	    net_config_eth0_dhcp "$tmp"
	    ret=$?
        ;;
	static)
	    dnstmp="$(cptemp "$static_resolv_conf")" && cat /dev/null > "$dnstmp"
	    if [ $? -ne 0 ]; then
		[ -n "$dnstmp" ] && rm -f -- "$dnstmp"
		ret=1
	    else
		net_config_eth0_static "$params" "$tmp" "$dnstmp"
		ret=$?
	    fi
	;;
	*)
	    echo "ERROR: unknown network config method '$method'" >&2
	    ret=1
    esac

    if [ $ret -eq 0 ]; then
	[ -n "$NETCONFIG" ] || NETCONFIG="$conf"
	if ! failsafe-data set network "$NETCONFIG"; then
	    echo "WARNING: failed saving network configuration for recovery console"
	    ret=2
	fi
	mv -f -- "$tmp" "$net_conf" || ret=1
	[ -n "$dnstmp" ] && mv -f -- "$dnstmp" "$static_resolv_conf" || ret=1
    fi

    [ -f "$tmp" ] && rm -f -- "$tmp"
    [ -n "$dnstmp" -a -f "$dnstmp" ] && rm -f -- "$dnstmp"

    return $ret
}

function dhcpcd_enable_opt()
{
    sed_inplace -e "s/^[ \t]*#[ \t]*\($1='yes'\)/\1/" "$dhcpcd_conf"
}

function dhcpcd_set_ex_opts()
{
    sed_inplace -e "s/^[ \t#]*OPTIONS=.*/OPTIONS='$1'/" "$dhcpcd_conf"
}

function dhcpcd_disable_opt()
{
    sed_inplace -e "s/^[ \t]*\($1='yes'\)/#\1/" "$dhcpcd_conf"
}

function dhcpcd_rm_ex_opts()
{
    sed_inplace -e "s/^[ \t#]*OPTIONS=.*/OPTIONS=''/" "$dhcpcd_conf"
}

function dhcpcd_set_opts()
{
    for o in $DHCPCD_OPTS; do
	dhcpcd_enable_opt "$o"
    done
    dhcpcd_set_ex_opts "$DHCPCD_EX_OPTS"
}

function dhcpcd_unset_opts()
{
    for o in $DHCPCD_OPTS; do
	dhcpcd_disable_opt "$o"
    done
    dhcpcd_rm_ex_opts
}

function nscd_config()
{
    # Set the number of threads, disable persistence and disable
    # the passwd and group DBs (not needed) so as to leave more
    # threads for host DB
    sed_inplace -e 's,^#\([[:space:]]\+threads[[:space:]]\+\)[0-9]\+,\13,;s,^\([[:space:]]\+\(persistent\|shared\)[[:space:]]\+[[:alpha:]]\+[[:space:]]\+\)yes,\1no,;s,^\([[:space:]]\+enable-cache[[:space:]]\+\(passwd\|group\)[[:space:]]\+\)yes,\1no,' "$nscd_conf"
    # Lower the stack size of each thread to 1 MByte (default is 8)
    grep -q '# Limit stack for each nscd thread' "$nscd_init" || \
	sed_inplace -e '/^[[:space:]]*start-stop-daemon.*--start\b/i\\t# Limit stack for each nscd thread to 1 MByte\n\tulimit -s 1024 && \\' "$nscd_init"
}

function ppp_pap_secret_config()
{
    echo "$start_tag $start_comm" >> "$ppp_pap_secrets"
    cat >> "$ppp_pap_secrets" <<EOF

# Set up the modem secret, for any user
*	modem		@/etc/ppp/modem-password
*	modem-pap	@/etc/ppp/modem-password

EOF
    echo "$end_tag" >> "$ppp_pap_secrets"
}

function ppp_chap_secret_config()
{
    echo "$start_tag $start_comm" >> "$ppp_chap_secrets"
    cat >> "$ppp_chap_secrets" <<EOF

# Set up the modem secret, for any user
*	modem		@/etc/ppp/modem-password
*	modem-chap	@/etc/ppp/modem-password

EOF
    echo "$end_tag" >> "$ppp_chap_secrets"
}

function snmp_upgrade()
{
    local ver="$(sed -ne '/^# ---VERSION=[0-9]\+---$/{s/.*=\([0-9]\+\).*/\1/;p;q}' "$snmp_local_conf")"
    [ -n "$ver" ] && [ "$ver" -ge 4 ] && return

    # use tmp file but preserve mode, ownership and any security contexts
    local tmp="$(cptemp "$snmp_local_conf")"
    if [ $? -ne 0 ]; then
	echo "ERROR: failed editing file $snmp_local_conf in spxsysconf" >&2
	return 1
    fi

    # Merge current configurable values info new config.
    # We keep the same rocommunity and rocommunity6 as well as listen addresses;
    # if no listen addresses are present then use old default of all IPv4 and IPv6
    # over UDP and TCP
    local comm="$(awk '$1 == "rocommunity" { print $2; exit}' "$snmp_local_conf")"
    local listen="$(awk '$1 == "agentaddress" { print $2; exit}' "$snmp_local_conf")"
    [ -n "$listen" ] || listen="udp:161,tcp:161,udp6:161,tcp6:161"
    awk -v c="$comm" -v l="$listen" '/^rocommunity/ {$2=c}; /^agentaddress[[:space:]]/ {$2=l}; {print}' "$snmp_local_conf_def" > "$tmp"

    if [ $? -ne 0 ]; then
	echo "ERROR: failed merging config changes into $snmp_local_conf in spxsysconf" >&2
	rm -f -- "$tmp"
	return 1
    fi

    # Atomically replace file
    mv -f -- "$tmp" "$snmp_local_conf"
}

function ntpdate_set_server()
{
    # transfer the factory default config to ntpdate's config
    . "$ntpdate_conf_def"
    sed_inplace -e "s/^[ \t]*NTPSERVERS=.*$/NTPSERVERS=$NTPSERVERS/" "$ntpdate_conf"
}

function ntpdate_remove_server()
{
    sed_inplace -e "s/^[ \t]*NTPSERVERS=.*$/NTPSERVERS=/" "$ntpdate_conf"
}

function ntpdate_convert_server()
{
    local s="$(sed -e '/[ \t]*TIMESERVER=/{s/.*TIMESERVER=\(.*\)/\1/;p};d' "$ntpdate_conf".rpmsave)"
    [ -n "$s" ] || return
    sed_inplace -e "s/^[ \t]*NTPSERVERS=.*$/NTPSERVERS=$s/" "$ntpdate_conf"
}

function set_passwd()
{
    grep -q '^root:[^:]' "$passwd_file" && return
    sed_inplace -e \
	"s,^root::,root:${PASS}:," "$passwd_file"
}

function sshd_init_set_opts()
{
    sed_inplace -e "s/^[ \t]*AUTOKEYGEN=.*$/AUTOKEYGEN=yes/" "$sshd_init_conf"
}

function sshd_init_unset_opts()
{
    sed_inplace -e "s/^[ \t]*AUTOKEYGEN=.*$/AUTOKEYGEN=no/" "$sshd_init_conf"
}

function sshd_config()
{
    echo "$start_tag $start_comm" >> "$sshd_conf"
    cat >> "$sshd_conf" <<EOF

# Allow only protocol version 2
Protocol 2

# Enable publick key authentication with pre-installed keys
PubkeyAuthentication yes
AuthorizedKeysFile	/etc/spinetix/ssh-%u-authorized_keys

# Disable undesired authentication methods
HostbasedAuthentication no
PasswordAuthentication no
ChallengeResponseAuthentication no
# Kerberos not compiled in, having directive below causes warning
#KerberosAuthentication no
# GSSAPI not compiled in, having directive below causes warning
#GSSAPIAuthentication no
UsePAM no

# Do not use reverse DNS, since we may not have a DNS configured in
UseDNS no

# Limit the number of daemons running in authentication phase
MaxStartups 3

EOF
    echo "$end_tag" >> "$sshd_conf"
}

function sshdelayed_disable_autostart()
{
    grep -q '^[[:space:]]*FACTORY_AUTOSTART=' "$sshdelayed_init_conf" && return
    rm -f -- "$RPM_INSTALL_PREFIX"/etc/rc.d/rc?.d/???ssh-delayed
    sed_inplace -e \
        "s/^[[:space:]]*#[[:space:]]*\(FACTORY_AUTOSTART\)=.*/\1=no/" \
	"$sshdelayed_init_conf"
}

function tz_set_default()
{
    if [ -n "$rc_default_tz" ]; then
	ln -sf ../usr/share/zoneinfo/"$rc_default_tz" "$localtime"
	if [ ! -f "$localtime" ]; then
	    echo "ERROR: invalid default timezone" >&2
	    rm -f "$localtime"
	    return 1
	fi
	return 0
    else
	echo "WARNING: no default timezone" >&2
	return 1
    fi
}

function tz_unset_default()
{
    rm -f -- "$localtime"
}

function php_tz_set_to_sys()
{
    local tz
    tz="$(readlink "$localtime" | sed -e 's|.*/zoneinfo/||')"
    if [ -z "$tz" ]; then
	echo "WARNING: no default timezone" >&2
	return 1
    fi
    # Replace the (possibly commented out) date.timezone setting by the timezone
    sed_inplace -e '/^[[:space:];]*date\.timezone[[:space:]]*=/s|^[[:space:];]*\(date\.timezone[[:space:]]*=\).*|\1 "'"$tz"'"|' "$php_timezone"
}

function rpm_opts_set()
{
    local optional=
    is_devel_sys && optional="# "
    cat > "$rpmmacros" <<EOF
# Prevent installation of locale files
%_install_langs C
# Prevent installation of doc files
${optional}%_excludedocs 1
EOF
}

function rpm_opts_del()
{
    rm -f -- "$rpmmacros"
}

function cron_jobs_set()
{
    cat > "$cron_daily_standard" <<EOF
#!/bin/sh
# Delibereately empty file, stuff done in normal cron.daily/standard
# is not relevnt for us, so we wipe it out.
EOF
}

function logrotate_conf()
{
    sed_inplace -e "s,^[ \t]*\(weekly\),#\1\n# rotate based on size by default\nsize 800k,;s,^[ \t]*#[ \t]*\(compress\),\1," "$logrotate_conf"
}

function syslog_conf()
{
    cat > "$syslog_rotate_conf" <<EOF
# the only the current syslog configuration generates
/var/log/syslog {
    missingok
    sharedscripts
    postrotate
        /usr/bin/killall -HUP syslogd
    endscript
}

# files that the original syslog configuration created
# for these we do time based rotation so that they will
# eventually disappear but will still be kept for some time
/var/log/messages /var/log/debug /var/log/auth.log /var/log/daemon.log /var/log/cron.log /var/log/kern.log /var/log/lpr.log /var/log/mail.log /var/log/user.log /var/log/uucp.log /var/log/mail.info /var/log/mail.warn /var/log/mail.err {
    weekly
    missingok
    nocreate
    sharedscripts
    postrotate
        /usr/bin/killall -HUP syslogd
    endscript
}
EOF

    cat > "$syslog_conf" <<EOF
# /etc/syslog.conf
#
# SPX specific configuration file for syslogd
#
# This is very simple and it is meant to lower
# the amount of writes to the filesystem, so
# we use a single file

# log everything to a central log file
*.*		-/var/log/syslog

# emergencies are sent to everybody logged in
*.emerg		*

EOF
}

function sysctl_config()
{
    echo "$start_tag $start_comm" >> "$sysctl_conf"
    cat >> "$sysctl_conf" <<EOF

# Set cache writeback params to reduce supurious writes
# expire is set to slightly more than ext3 commit interval
# so that writeout is mostly driven by ext3 journal resulting
# in larger write batches
vm.dirty_expire_centisecs = 12100
#vm.dirty_writeback_centisecs = 500

# Reduce the dirty ratios from the default 10% / 40% to 5% / 10%
# as having a lot of pending writes is not useful for our workload
# and generates big I/O pauses during writeback
vm.dirty_background_ratio = 5
vm.dirty_ratio = 10

# Disable memory overcommint accounting as that sometimes
# prevents fork'ing the player to spawn new processes
vm.overcommit_memory = 1

# Increase the maximum receive buffer size for streaming
net.core.rmem_max=1048576

EOF
    echo "$end_tag" >> "$sysctl_conf"
}

function protect_su()
{
    sed_inplace -e 's,^#[[:space:]]*\(auth[[:space:]].*pam_wheel\.so\),\1,' \
	"$pam_su_conf"
}

function unprotect_su()
{
    sed_inplace -e 's,^[[:space:]]*\(auth[[:space:]].*pam_wheel\.so\),# \1,' \
	"$pam_su_conf"
}

function add_extra_securetty()
{
    echo "$start_tag $start_comm" >> "$securetty"
    cat >> "$securetty" <<EOF

# ttyS1 is another secure port on Sakura
ttyS1
# ttyO{0,1,2} are the native UART ports on DM816x and similar used for console
ttyO0
ttyO1
ttyO2
EOF
    echo "$end_tag" >> "$securetty"
}

function workaround_udev_bugs()
{
    # The udev init script thinks that having /dev/null as stdin is
    # interactive... teach him.
    # Modifying the udev script here is not a proper fix but a hack,
    # the proper fix is to patch udev RPM, but we need the SRPM for that.
    sed_inplace -e '/^[^[]\+\[\s\+-z\s\+"$TTY"\s\+-o\s\+"$TTY"\s\+=\s\+"\/dev\/console"\s\+\][^]]\+$/s,\[\([^]]\+\),[\1-o "$TTY" = "/dev/null" ,' "$udev_init"
}

function workaround_stty_hang()
{
    grep -q '^[[:space:]]*stty[[:space:]]' "$rc_script" || return 0
    sed_inplace -e 's,\(^[[:space:]]*stty[[:space:]].*\),#\1 # Disabled since potential hang with current serial driver,' "$rc_script"
}

function inittab_conf()
{
    if [ "$rc_ctrlaltdel_mode" = "poweroff" ]; then
        sed_inplace -e 's,^\([^#]\+:ctrlaltdel:\).*,\1/sbin/shutdown -t1 -a -h now,' "$inittab"
    fi
    sed_inplace -e 's,^\(con:.*console\),#\1,' "$inittab"

    echo "$start_tag $start_comm" >> "$inittab"
    cat >> "$inittab" <<EOF

# Enable a serial console for login but conditional on serial console
# being enabled in the kernel command line.
TS:2345:respawn:/etc/spinetix/seriallogin

EOF
    echo "$end_tag" >> "$inittab"
    
}

function inittab_unconf()
{
    config_clean "$inittab"

    sed_inplace -e 's,^#\(con:.*console\),\1,' "$inittab"
}

function do_rc_conf()
{
    sed_inplace -e 's,^DELAYLOGIN=.*,DELAYLOGIN=no,;s,EDITMOTD=.*,EDITMOTD=no,' "$rc_conf"
}

function set_adjtime()
{
    # Make sure hwclock knows RTC is in UTC (it defaults to local)
    if [ ! -f "$adjtime" ] || ! grep -q UTC "$adjtime"; then
	echo -e "0.0 0 0.0\n0\nUTC" > "$adjtime"
    fi
}

#
# Main
#

case "$1" in
    save)
	# old request, nothing saved any longer
    ;;
    restore)
	# old request, nothing to be restored any longer
    ;;
    config|upgrade)
        if [ "$1" = "config" ]; then
	    # These apply only to "configure", since user may change them
	    check_config "$net_conf" || net_config_eth0_default
	    ntpdate_set_server
	    tz_set_default
	    # some packages have locale files mislabeled and hence are
	    # installed anyways, remove them
	    remove_locale_files
	    # likewise for doc files, but only wanted on non-devel systems
	    is_devel_sys || remove_doc_files
	fi
	# The ones below also apply to upgrade
	php_tz_set_to_sys
	nscd_config # this one has no revert counterpart
	check_config "$ppp_pap_secrets" || ppp_pap_secret_config
	check_config "$ppp_chap_secrets" || ppp_chap_secret_config
	config_clean "$sshd_conf"
	dhcpcd_set_opts
	set_passwd
	sshd_init_set_opts
	sshd_config
	sshdelayed_disable_autostart
	check_config "$inittab" || inittab_conf
	do_rc_conf # this one has no revert counterpart
	set_adjtime
	workaround_udev_bugs
	workaround_stty_hang
	rpm_opts_set
	cron_jobs_set
	logrotate_conf
	syslog_conf
    	config_clean "$sysctl_conf"
	sysctl_config
	protect_su
	config_clean "$securetty"
	add_extra_securetty
    ;;
    upgrade-nscd)
	nscd_config # this one has no revert counterpart
    ;;
    upgrade-ppp)
	check_config "$ppp_pap_secrets" || ppp_pap_secret_config
	check_config "$ppp_chap_secrets" || ppp_chap_secret_config
    ;;
    upgrade-udev)
	workaround_udev_bugs
    ;;
    upgrade-snmp)
	snmp_upgrade
    ;;
    upgrade-initscripts)
	workaround_stty_hang
    ;;
    upgrade-syslog)
	syslog_conf
    ;;
    convert-ntpdate)
	ntpdate_convert_server
    ;;
    revert)
	config_clean "$net_conf"
	ntpdate_remove_server
	dhcpcd_unset_opts
	tz_unset_default
	config_clean "$ppp_pap_secrets"
	config_clean "$ppp_chap_secrets"
	config_clean "$sshd_conf"
	sshd_init_unset_opts
	inittab_unconf
	rpm_opts_del
    	config_clean "$sysctl_conf"
	unprotect_su
	config_clean "$securetty"
    ;;
    dhcp)
	config_clean "$net_conf"
	net_config_eth0_dhcp
    ;;
    net)
	net_config_eth0 "$2"
    ;;
    *)
    	echo "Usage: $0 {config|upgrade|revert|save|restore|dhcp|net <config>}"
esac
