#!/bin/sh
#
# /secure/trip_host.sh					Sean Boran, 6.2.96
#
# Function: Run tripwire on $target (via SSH) & initialise database or
#           check if files have been changed.
# Needs:    locally: SSH, /secure/tripwire, /securetw_general.config
#           remotely: SSH, directory /secure
#

##---------- initialise variables -------
workdir='/secure/trip_work'
quiet='-q'
#quiet=''
arg1="$1";
arg2="$2";
USAGE="USAGE: $0  [-h | -help | -initialise | -check]   TARGET_HOST";

if [ "$arg2" != "" ] ; then
    target="$arg2";
else
    target="server1";
fi

## Select tripwire config file
#config="tw_$target.config"
config="tw_general.config"

if [ "$arg1" = "-initialise" ] ; then
    mode="-initialise";
    #echo "Will reinitialise database..."

elif [ "$arg1" = "-check" ] ; then
    mode="-check";
    #echo "Will check database..."

elif [ "$arg1" = "-help" ] ; then
    echo $USAGE
    exit 1;

elif [ "$arg1" = "-h" ] ; then
    echo $USAGE
    exit 1;
else
    echo "Your must select an option -initialise or -check."
    echo $USAGE
    exit 1;
fi

##---------- functions -------
check_err () {
    if [ $* -ne 0 ] ; then
    	echo "SCRIPT ABORTED: error received."
    	exit 1;
    fi
}

# Check connection to $target
ssh $target date >/dev/null
if [ $? -ne 0 ] ; then
    echo "  ==> SCRIPT ABORTED: cannot execute remote commands on $target."
    exit 1;
fi

cd $workdir;

##------ copy necessary files to $target -----
ssh $target "mkdir /secure/tw; mkdir /secure/tw/databases" >/dev/null 2>&1
scp -p /secure/tripwire /secure/$config $target:/secure/tw
check_err "$?";

if [ "$arg1" = "-initialise" ] ; then
    ## Initialise, upload db & wipe on target
    #ssh $target "cd /secure/tw; ./tripwire -c tw_$target.config -q -initialise"
    ssh $target "cd /secure/tw; ./tripwire -c $config -q -initialise"
    check_err "$?";
    scp -p $target:/secure/tw/databases/tw.db_$target .
    check_err "$?";
    ssh $target "rm -rf /secure/tw"
    check_err "$?";

elif [ "$arg1" = "-check" ] ; then
    ## Download db, check for changes, wipe db  on target
    scp -p $workdir/tw.db_$target $target:/secure/tw/databases
    check_err "$?";
    #ssh $target "cd /secure/tw; ./tripwire -c tw_$target.config -d ./databases/tw.db_$target"
    ssh $target "cd /secure/tw; ./tripwire -c $config -d ./databases/tw.db_$target $quiet"
    ssh $target "rm -rf /secure/tw"
    check_err "$?";

else
    echo "Error: $0 bug!"
    exit 1;
fi