#!/bin/bash
echo "---------------------------------------------------------------------------"
echo ""
echo ""
echo "This script will enable you to use the University at Buffalo's "
echo "Red Hat Enterprise Network (RHEN) Proxy Server to retrieve updates"
echo "distributed via the Red Hat Network. "
echo ""
echo "Contact ublinux-support@buffalo.edu if you have any problems or questions"
echo ""
echo "---------------------------------------------------------------------------" 


# got net? 
wget http://redhat.buffalo.edu/pub/citlinuxkey.pub.asc -O /tmp/citlinuxkey.pub.asc > /dev/null 2>&1 
if ! test -r /tmp/citlinuxkey.pub.asc ; then 
	echo ""
	echo "Error: Unable to contact the RHEN Proxy Server."
	echo ""
	echo "Please check your network connection and re-run the script."
	echo ""
	exit 1
fi

# got root? 
if ! test -r /proc/kmsg ; then
    echo ""
    echo "Error: This script must be run with superuser privileges."
    echo ""
    echo "Refer to http://www.cit.buffalo.edu/linux/superuser.html for"
    echo "instructions on using superuser privileges."
    echo ""
    exit 1
fi

echo -n "RHEN Proxy Enabler script started at " >> /root/RHEN-Proxy-Enabler.log
date >> /root/RHEN-Proxy-Enabler.log

# Configure clients to talk to redhat.buffalo.edu:
echo "perl -pi -e 's/xmlrpc\.rhn\.redhat\.com/redhat\.buffalo\.edu/g' /etc/sysconfig/rhn/up2date" >> /root/RHEN-Proxy-Enabler.log

perl -pi -e 's/xmlrpc\.rhn\.redhat\.com/redhat\.buffalo\.edu/g' /etc/sysconfig/rhn/up2date 2>> /root/RHEN-Proxy-Enabler.log
echo "" >> /root/RHEN-Proxy-Enabler.log

# Install the SSL certificate:
# Replaced for new cert.  Now this script should always work.
#echo "rpm -Uvh http://redhat.buffalo.edu/pub/rhns-ca-cert-2.0-1.noarch.rpm" >> /root/RHEN-Proxy-Enabler.log
#rpm -Uvh http://redhat.buffalo.edu/pub/rhns-ca-cert-2.0-1.noarch.rpm 2>> /root/RHEN-Proxy-Enabler.log 2>> /root/RHEN-Proxy-Enabler.log
echo "cp /usr/share/rhn/RHNS-CORP-CA-CERT{,-orig}" >> /root/RHEN-Proxy-Enabler.log
cp /usr/share/rhn/RHNS-CORP-CA-CERT{,-orig} 2>> /root/RHEN-Proxy-Enabler.log 2>> /root/RHEN-Proxy-Enabler.log
echo "" >> /root/RHEN-Proxy-Enabler.log

echo "wget -O /usr/share/rhn/RHNS-CORP-CA-CERT http://redhat.buffalo.edu/pub/RHNS-CORP-CA-CERT" >> /root/RHEN-Proxy-Enabler.log
wget -O /usr/share/rhn/RHNS-CORP-CA-CERT http://redhat.buffalo.edu/pub/RHNS-CORP-CA-CERT  2>> /root/RHEN-Proxy-Enabler.log 2>> /root/RHEN-Proxy-Enabler.log
echo "" >> /root/RHEN-Proxy-Enabler.log


# Tell the client to use the SSL cert: 
echo "perl -p -i -e 's/^sslCA/#sslCA/g;' /etc/sysconfig/rhn/up2date" >> /root/RHEN-Proxy-Enabler.log
perl -p -i -e 's/^sslCA/#sslCA/g;' /etc/sysconfig/rhn/up2date 2>> /root/RHEN-Proxy-Enabler.log
echo "sslCACert=/usr/share/rhn/RHNS-CORP-CA-CERT" >> /etc/sysconfig/rhn/up2date
echo "" >> /root/RHEN-Proxy-Enabler.log

# Install the public GPG key. UBLinux systems will already have this,
# installing it a second time shouldn't hurt anything.
# Note that the key was downloaded as part of testing for a network connection

echo "rpm --import /tmp/citlinuxkey.pub.asc" >> /root/RHEN-Proxy-Enabler.log
rpm --import /tmp/citlinuxkey.pub.asc 2>> /root/RHEN-Proxy-Enabler.log
echo "" >> /root/RHEN-Proxy-Enabler.log

# Clean up the key: 
echo "rm /tmp/citlinuxkey.pub.asc" >> /root/RHEN-Proxy-Enabler.log
rm /tmp/citlinuxkey.pub.asc 2>> /root/RHEN-Proxy-Enabler.log
echo "" >> /root/RHEN-Proxy-Enabler.log

# Entitle the machine using an activation key
# Eventually we want to sanity check the key, but this isn't working right 
#   if [[ $1 == "[0123456789abcdef].*" ]] ; then 
if [ -n $1 ] ; then
# should we put a "--force" here?
/usr/sbin/rhnreg_ks --activationkey=$1  

echo -n "RHEN Proxy Enabler script finished at " >> /root/RHEN-Proxy-Enabler.log
date >> /root/RHEN-Proxy-Enabler.log 

echo ""
echo "RHEN Proxy Enabler script finished. "
echo ""
echo "Log file located in /root/RHEN-Proxy-Enabler.log"
echo ""

else
echo -n "RHEN Proxy Enabler script finished at " >> /root/RHEN-Proxy-Enabler.log
date >> /root/RHEN-Proxy-Enabler.log 

echo ""
echo "RHEN Proxy Enabler script finished. "
echo ""
echo "Note that you must manually entitle your system to use the Red Hat Network"
echo ""
echo "Log file located in /root/RHEN-Proxy-Enabler.log"
echo ""
fi

exit