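#!/bin/sh
######################################
#
# Validate_Maps
# (C) Magnus Abrante 1999-2001
#
# Simple script to make sure the
# ypmaps are valid... (in terms of
# keys / pairs / etc)
#
# Features left to implement:
#   Checks for holes in hosts table (DONE)
#   Check for duplicates (by addr) in ethers
#   Cleanup Trap (DONE)
#
# Needs: niscat or ypcat (depending on $type), awk, cut, tr, mktemp.
#
# Exit status: 0 when all checks ran (findings are printed, not
# signalled through the status), 1 on a setup failure, 128+signal
# when interrupted.
#
######################################
#
# Configuration options:
#
# Type, can be either nis (for nis+) or yp
type="nis"

#
# Check IP range if given Subnet:
subnet="129.159.167"

# Accounts that may appear in the group map without a passwd entry.
system_users="nuucp root sys daemon tty lp smtp adm daemon majordom nobody listen uucp noaccess sys bin "

# misc variables:
progress="1"

# State that must start empty; assigning it here stops values inherited
# from the caller's environment from ending up in command lines or reports.
errors=""
fancy_text=""
tmpdir=""
type_ext=""
auto_switch=""

# functions (run in this order by main):
functions="users_in_automap home_in_passwd users_in_group check_primary_group check_groupname login_length check_hosts"

##################################
#
# die: print a message on stderr and exit 1
#
##################################
die () {
    printf '%s: %s\n' "${0##*/}" "$*" >&2
    exit 1
}

##################################
#
# Progress meter
#
# Draws the next frame of a - \ | / spinner and backs the cursor up
# over it. Silent when stdout is not a terminal, so redirected or
# mailed reports do not fill up with backspace characters.
#
##################################
progress_meter () {
    [ -t 1 ] || return 0
    case $progress in
        1)
            pm_glyph='-'
            progress=2
            ;;
        2)
            pm_glyph='\'
            progress=3
            ;;
        3)
            pm_glyph='|'
            progress=4
            ;;
        *)
            pm_glyph='/'
            progress=1
            ;;
    esac
    printf '%s\b' "$pm_glyph"
}

##################################
#
# Our (vacuum)cleaner..
#
# Removes the private temporary directory. Installed as the EXIT
# trap, so it runs on every exit path; a no-op until main has
# created the directory.
#
##################################
cleanup () {
    if [ -n "${tmpdir}" ] && [ -d "${tmpdir}" ]; then
        rm -rf -- "${tmpdir}"
    fi
}

##################################
#
# Lookup helpers
#
# All of them compare whole fields as strings. Names and addresses
# read from the maps are data; using them as grep patterns would let
# "al" match "alice" and "." match any character.
#
##################################

# in_list WORD LIST: succeeds when WORD is one of the space separated
# items in LIST.
in_list () {
    case " $2 " in
        *" $1 "*) return 0 ;;
    esac
    return 1
}

# passwd_has_user NAME: succeeds when NAME is a login name in the passwd map.
passwd_has_user () {
    [ -n "$(awk -F: -v name="$1" '($1 "") == (name "") { print; exit }' "${passmap}")" ]
}

# group_has_gid GID: succeeds when GID is the third field of a group map entry.
group_has_gid () {
    [ -n "$(awk -F: -v gid="$1" '($3 "") == (gid "") { print; exit }' "${groupmap}")" ]
}

# hosts_has_addr ADDR: succeeds when ADDR is a whole field on some line of
# the hosts map (the address column differs between niscat and ypcat output).
hosts_has_addr () {
    [ -n "$(awk -v ip="$1" '{ for (f = 1; f <= NF; f++) if (($f "") == (ip "")) { print; exit } }' "${hostsmap}")" ]
}

# dump_map FILE ARGS...: write the output of ${type}cat ARGS to FILE.
# Aborts on failure, since validating against a missing or truncated map
# would produce a misleading report.
dump_map () {
    dm_out=$1
    shift
    "${type}cat" "$@" > "${dm_out}" || die "${type}cat $* failed"
}

##################################
#
# Main:
#
##################################
main () {
    case ${type} in
        nis)
            type_ext=".org_dir"
            auto_home="auto_home"
            auto_switch=""
            ;;
        yp)
            type_ext=""
            auto_home="auto.home"
            auto_switch="-k"
            ;;
        *)
            # $type becomes part of a command name below; accept only
            # the two documented values.
            die "type must be \"nis\" or \"yp\", not \"${type}\""
            ;;
    esac
    command -v "${type}cat" >/dev/null 2>&1 || die "${type}cat not found in PATH"

    # Install the traps before anything is created. The signal traps
    # only call exit; the EXIT trap then does the cleanup.
    trap cleanup EXIT
    trap 'exit 129' HUP
    trap 'exit 130' INT
    trap 'exit 143' TERM

    # The map copies live in a private, unpredictably named directory.
    # Fixed names such as /tmp/passwd.$$ can be pre-created or
    # symlinked by any local user, and the passwd map can include
    # password hashes, so the copies must not be world readable either.
    umask 077
    tmpdir=$(mktemp -d "${TMPDIR:-/tmp}/validate_maps.XXXXXX") \
        || die "cannot create a private temporary directory"

    # temp maps:
    passmap="${tmpdir}/passwd"
    automap="${tmpdir}/automap"
    groupmap="${tmpdir}/group"
    hostsmap="${tmpdir}/hosts"
    ethermap="${tmpdir}/ethermap"

    # generate maps:
    dump_map "${passmap}" "passwd${type_ext}"
    dump_map "${automap}" ${auto_switch:+"${auto_switch}"} "${auto_home}${type_ext}"
    dump_map "${groupmap}" "group${type_ext}"
    dump_map "${hostsmap}" "hosts${type_ext}"
    # No check reads the ethers map yet (see the header), so a site
    # without one only gets a warning.
    "${type}cat" "ethers${type_ext}" > "${ethermap}" \
        || printf '%s: warning: could not read the ethers map\n' "${0##*/}" >&2

    for check in $functions; do
        errors=""
        fancy_text=""
        $check
        printf 'done\n'
        if [ -n "${errors}" ]; then
            # %s keeps map data out of the format string.
            printf '%s %s\n\n' "${fancy_text}" "${errors}"
        fi
    done
    return 0
}

##################################
#
# users_in_automap
#
# Reports auto.home keys that have no passwd entry.
#
##################################
users_in_automap () {
    fancy_text="these users dont exist but have entries in auto.home:"
    printf '%s' "validating users in map auto.home.. "
    while read -r key rest; do
        progress_meter
        case ${key} in
            # Blank line, or the automounter wildcard key, which is
            # not a user (and must never be expanded as a glob).
            ''|'*') continue ;;
        esac
        passwd_has_user "${key}" || errors="${key} ${errors}"
    done < "${automap}"
}

##################################
#
# test homes in passwd
#
# Reports users whose home directory (field 6) does not exist on
# the host running the script.
#
##################################
home_in_passwd () {
    fancy_text="these users dont have an existing \$home (in passwd):"
    printf '%s' "validating homes in map passwd.. "
    while IFS=: read -r user pw_passwd pw_uid pw_gid pw_gecos home pw_rest; do
        progress_meter
        [ -n "${user}" ] || continue
        # The login name comes from the same line as the directory, so
        # a shared or prefix-matching path cannot blame the wrong user.
        [ -d "${home}" ] || errors="${user} ${errors}"
    done < "${passmap}"
}

##################################
#
# Test users in the group map
#
# Reports group members (field 4) that are neither in the passwd
# map nor listed in $system_users. Each name is reported once.
#
##################################
users_in_group () {
    printf '%s' "validating users in group map.. "
    fancy_text="these non-existing users are in the groupmap:"
    # Member names are split on whitespace below; turn off globbing so
    # a name containing * or ? is never expanded against the cwd.
    set -f
    for member in $(cut -d: -f4 "${groupmap}" | tr ',' ' '); do
        progress_meter
        # already noted in $errors, or a known system account:
        if in_list "${member}" "${errors}" || in_list "${member}" "${system_users}"; then
            continue
        fi
        passwd_has_user "${member}" || errors="${member} ${errors}"
    done
    set +f
}

##################################
#
# Checks if the users primary
# groups exists.
#
##################################
check_primary_group () {
    fancy_text="These users have an invalid primary group:"
    printf '%s' "validating primary groups.. "
    while IFS=: read -r user pw_passwd pw_uid primary_group pw_rest; do
        progress_meter
        [ -n "${user}" ] || continue
        group_has_gid "${primary_group}" || errors="${user} ${errors}"
    done < "${passmap}"
}

##################################
#
# Check if the groupname is correct
# (aka doesn't contain "-")
#
# The original body only walked the map; this implements the rule
# the header states.
#
##################################
check_groupname () {
    fancy_text="These groups have a \"-\" in their name:"
    printf '%s' "validating groupnames.. "
    while IFS=: read -r group gr_rest; do
        progress_meter
        case ${group} in
            *-*) errors="${group} ${errors}" ;;
        esac
    done < "${groupmap}"
}

##################################
#
# Check if any user have a login-
# name longer than 8 chars
#
##################################
login_length () {
    printf '%s' "validating length of loginnames.. "
    fancy_text="These users have loginnames longer than 8 chars:"
    while IFS=: read -r user pw_rest; do
        progress_meter
        if [ "${#user}" -gt 8 ]; then
            errors="${user} ${errors}"
        fi
    done < "${passmap}"
}

##################################
#
# Checks the range of IPs in
# hosts table
#
# Reports every host number 1..254 of $subnet that has no entry.
# Skipped when $subnet is empty.
#
##################################
check_hosts () {
    if [ -z "${subnet}" ]; then
        return
    fi
    printf '%s' "validating hosts map (checking for holes).. "
    fancy_text="These IP's are not in the hosts table"
    count=1
    while [ "${count}" -lt 255 ]; do   # .255 is probably not in it anyway, why chk?
        progress_meter
        hosts_has_addr "${subnet}.${count}" || errors="${count} ${errors}"
        count=$((count + 1))
    done
}

####################################################################
# Main:
####################################################################
main "$@"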