#! /bin/sh -f
##
## etc/installconf:					June 1996
##
## installconf is cloned from apps/agent-boot.sh, which is
## still present from the original SunOS distribution.
##
## special: if run as -mini (in the meaning of minimal restrictions)
##	    the ident-table and the process-table are nevertheless
##	    excluded for the v1 `public' community string,
##	    but with the `private' v1 community string are included,
##	    with all permissions included.
##
##	    hopefully the README.linux had told you about...
##

usage() {
	echo "usage: installconf [-mini/-semi/-very] password" 1>&2
	echo "   use -mini, -semi, or -very  only exactly once" 1>&2
	exit 1
}

##
## the path we expect `installconf':
##
P=cmu-snmp-linux-3.1/etc/

##
## path to installed snmpd:
##
AGENT=/usr/sbin/snmpd

##
## files to create:
##
CONF=/etc/snmpd.conf
INFO=/etc/snmpd.agentinfo

TMP=/tmp/snmpd.$$

trap "rm -f $TMP" 1 2 3 13 15

##
## parse arguments:
##
for A in "$@"
do
    case "$A" in
	-mini|-semi|-very)
		if [ ! -z "$POSTURE" ]; then
			usage
		fi
		POSTURE="$A"
		;;

	-*)	echo "unknown option: $A" 1>&2
		usage
		;;

	*)	if [ ! -z "$PASSWORD" ]; then
		    usage
		else
		    PASSWORD="$A"
		fi
		;;
    esac
done

if [ "$PASSWORD" = "" ] ; then
	usage
fi

if [ -z "$POSTURE" ]; then
    ## use the restricted view (not the mini)
    LEVEL=xmini
else
    LEVEL="`echo $POSTURE | sed -e s%-%%`"
fi


##
## lookup path to ifconfig:
##
ifc="ifconfig"
for f in /bin /sbin /etc /usr/bin /usr/sbin $PATH ; do 
	if [ -x $f/$ifc ] ; then ifc=$f/$ifc ; fi 
done

##
## extract IP address:
##
IP=`$ifc -a \
    | sed -n -e 's/127.0.0.1//' \
	-e 's/.*addr[ :]*\([0-9]*\.[0-9]*\.[0-9]*\.[0-9]*\)[^0-9].*/\1/p' \
	-e 's/.*inet *\([0-9]*\.[0-9]*\.[0-9]*\.[0-9]*\)[^0-9].*/\1/p' \
    | head -1`

if [ -z "$IP" ]; then
    echo "unable to determine IP-address" 1>&2
    exit 1
fi

echo guessed host ip-address: $IP

AGENTID=`echo $IP | awk '{ split($0,quad,".")
	    printf "%02x%02x%02x%02x", 0, 0, 0, 35;
	    printf "%02x%02x%02x%02x", quad[1], quad[2], quad[3], quad[4];
	    printf "%02x%02x%02x%02x\n", 0, 0, 0, 0;
	}'`

##
## lookup path to authkey:
##
aut=authkey
for f in . apps .. ../apps /bin /sbin /etc /usr/bin /usr/sbin $PATH ; do 
	if [ -x $f/$aut ] ; then aut=$f/$aut ; fi 
done

if [ ! -x "$aut" ] ; then
	echo error: cannot find authkey.
	echo please run me from $P
	exit 1
fi

echo -n "generating key from password... "
KEY=`$aut "$PASSWORD" "$AGENTID" | awk '{ print $NF }'`
if [ -z "$KEY" ]; then
	echo "error: empty key."
        exit 1
fi
echo "done."


##
## init agent restarts info file:
##
if [ ! -f $INFO ]; then
    if (echo 0 > $INFO) 2>/dev/null; then
	echo "created $INFO"
    else
	echo "error: unable to create $INFO, you must do so by hand..."
	echo "run \`echo 0 > $INFO'"
    fi
else
    echo "warning: file $INFO already exists - not changed"
fi


cat <<_NASE_ > $TMP
#
# snmpd.conf - created `date`
#

#
# view configuration
#
#	viewName	OID			included/excluded
#

# internet
view	all		.1.3.6.1		included

# internet
view	mini		.1.3.6.1		included

# for v1 public exclude exclude mib-2.ident.identInfo
# and mib-2.host.hrSWRun in the mini view:
view	xmini		.1.3.6.1		included
view	xmini		.1.3.6.1.2.1.24.1	excluded
view	xmini		.1.3.6.1.2.1.25.4	excluded

# system, snmp, usecAgent, usecStats
view	semi		.1.3.6.1.2.1.1		included
view	semi		.1.3.6.1.2.1.11		included
view	semi		.1.3.6.1.6.3.6.1.1	included
view	semi		.1.3.6.1.6.3.6.1.2	included

# snmp, usecAgent, usecStats
view	semi		.1.3.6.1.2.1.11		included
view	semi		.1.3.6.1.6.3.6.1.1	included
view	semi		.1.3.6.1.6.3.6.1.2	included


#
#
# user configuration
#
#	noneRV	noneWV	authRV	authWV	userName[/authKey]
#
user	$LEVEL	-	all	all	public/0x$KEY


#
#
# community configuration
#
#	  commName	readV	writeV
#
_NASE_

if [ "$LEVEL" = mini ] ; then
	echo "community public	x$LEVEL	-" >> $TMP
	echo "## uncomment for private entry:" >> $TMP
	echo "# community private	$LEVEL	$LEVEL" >> $TMP

else
	echo "community public	$LEVEL	-" >> $TMP
fi

cat <<_NASE_ >> $TMP

##
## now follows the specific section of the linux-port.
##

##
## port to use (default is 161):
##
# port:		161

##
## the entry of system.Contact and system.Location:
##
sysContact:		Not Configured
sysLocation:		Not Configured
## the system name is per default determined from the hostname:
# sysName:		chappell 

##
## trap sink address and community string. (passed to snmptrap(1) 
## utility). authentraps contains the value of snmpEnableAuthenTraps;
## (default is \`disabled').
##
trap sink:		localhost
trap community:		public
snmpEnableAuthenTraps:	disabled

##
## specify type and speed of interfaces:
## if the last char is an asterisk, any suffix will match.
## (feel free to add more)
##
interface:	lo*	24	20000000
interface:	dummy*	 1	10000000
interface:	eth*	 6	10000000
interface:	sl*	28	28800
interface:	ppp*	23	28800
interface:	isdn*	20	64000
interface:	ippp*	20	64000

## end of /etc/snmpd.conf
_NASE_


if (mv $TMP $CONF) 2>/dev/null; then
	echo "created $CONF"
else
	echo "unable to create $CONF, you must copy $TMP by hand..."
fi


echo "
*** to run the agent, the file /etc/rc.local needs these lines:

	echo "starting snmpd"
	$AGENT -f
"


exit 0
