#!/usr/bin/perl

# ------------------------------------------------------------------
#
#    Copyright (C) 2002-2005 Novell/SUSE
#
#    This program is free software; you can redistribute it and/or
#    modify it under the terms of version 2 of the GNU General Public 
#    License published by the Free Software Foundation.
#
# ------------------------------------------------------------------


################################################################################
# ag_apparmor
#
#	Version 0.61
################################################################################

use strict;
use ycp;
use Data::Dumper;
use Immunix::AppArmor;


# Subroutines
################################################################################

sub getAppArmorStatus {

  my $aaStatus = "disabled";

  # Ok check that there are profiles loaded to 
  # determine status
  my $mountpoint = Immunix::AppArmor::check_for_apparmor();
  if ( $mountpoint ) {
    open( PROFILES, "cat $mountpoint/profiles|" );
    while (<PROFILES>) {
      # Ensure we have loaded profiles
      # not just a loaded module
      if ( /\// ) {
        $aaStatus = "enabled";
        last;
      }
    } 
    close PROFILES;
  } 
  return $aaStatus;
}

sub profileSyntaxCheck {
   my $errlist = [];
   Immunix::AppArmor::checkIncludeSyntax($errlist);
   Immunix::AppArmor::checkProfileSyntax($errlist);
   my @errlist = Immunix::AppArmor::uniq(@$errlist);
   return \@errlist;
}


# Main 
################################################################################

while ( <STDIN> ) {
  my ($command, $path, $argument) = ycp::ParseCommand($_);

  my $result = undef;
  my $donereturn = 0;
  if ( $command && $path && $argument ) {
    if ( $argument eq 'aa-all') {
      my %hResult = '';		# hashed result, duh 
      $hResult{'aa-status'} = getAppArmorStatus();
      #ycp::ycpReturnHashAsMap( %hResult );
      ycp::Return( %hResult );
      $donereturn = 1;
    } elsif ( $argument eq 'aa-status') {
      $result = getAppArmorStatus();
    } elsif ( $command eq "Read" and $argument eq 'custom-includes') {
      my $cfg = Immunix::AppArmor::read_config("logprof.conf");
      my @ret = split(' ', $cfg->{settings}{custom_includes});
      ycp::ycpReturn(\@ret);
      $donereturn = 1;
    } elsif ( $command eq "Execute" and $argument eq 'profile-syntax-check') {
      $result = profileSyntaxCheck();
      ycp::ycpReturn($result);
      $donereturn = 1;
    }
    ycp::ycpReturnSkalarAsString( $result ) if ( ! $donereturn );
  } 
  else {
      #ycpGetCommand and ycpGetArgType is obsolete, we have those
      #from ycp::ParseCommand
      if ($command eq "result") {
  	exit 0;
      } else { 
          $result = "Unknown instruction $command or argument: $argument\n";
          ycp::ycpReturnSkalarAsString( $result );
      }
  }
  print "\n";
}
exit 0;



