#!/bin/bash

. /usr/share/groovix/global.conf

#remove all user temp files 

# $FILE could be a FILE or DIRECTORY

#we're running single user mode so wipe everything out for all non-root users
FINDARGS=""

find /tmp/ /var/tmp/ /var/lock/ /var/crash/ /var/metrics/ /var/spool/cups-pdf $FINDARGS | while read FILE ; do
	THISUSERID=`stat --printf "%u\n" "$FILE"`
	THISUSERNAME=`getent passwd $THISUSERID| cut -f 1 -d:`
	#remove if owned by a non-privleged user (with user id >= 1000)
	if [ -n "$THISUSERID" ] && [ $THISUSERID -ge 1000 ] ; then
		echo removing "$FILE" owned by id $THISUSERID name $THISUSERNAME with rm -rf
		rm -rf "$FILE"
	else
		echo not removing "$FILE" owned by id $THISUSERID name $THISUSERNAME
	fi
done

#get rid of other places where normal users can write
# let's remove /var/spool/cups-pdf/ANONYMOUS too - shouldn't need it anyways
	rm -rf /var/spool/cups-pdf/ANONYMOUS/*

#get rid of /tmp/pstopdf files owned by lp 
rm -f /tmp/pstopdf*

#in 2017 /media/* dirs get created, owned by root
rmdir /media/*


#######################################################
# clean up /home
#######################################################

if [ "$GX_REFORMAT_HOME" = "true" ] ; then
#reformat /home to be as clean as possible
	echo "the GX_REFORMAT_HOME option is not implemented yet"
else
#do dir by dir

#process dirty dirs, saving or deleting as necessary
shopt -s nullglob
for T in /var/lib/groovix/session-info/*.dirty-home ; do
        echo found dirty home marker $T
        TUSER=$(basename $T | cut -f 1 -d.)
	THOME=$(getent passwd $TUSER | cut -f 6 -d:)
	THDNAME=$(basename $THOME)
	echo processing user $TUSER dirty home dir $THOME
	
	LASTUSER=$(cat /var/lib/groovix/session-info/current-user)
	LASTHOME=$(cat /var/lib/groovix/session-info/current-home)
	LASTHDNAME=$(basename $LASTHOME)


	DORESET=true

	# PRESERVE HOME IF CRASHED
	#this should only be enabed when using authentication and distinct user names 
	# so only the original user can recover their environment in case of a crash
	# SHOULD WE EXPAND THIS TO COVER FORCED LOGOUTS DUE TO TIME EXPIRATION, ETC?
	if [ "$GX_PRESERVE_HOME_IF_CRASHED" = "true" ]  ; then
		#only want to preserve home if previous session got past acceptable use stage, but ended abnormally
		if [ -e /var/lib/groovix/session-info/post-accept-use ] && [ ! -e /var/lib/groovix/session-info/$LASTUSER.session-ended-normally ] ; then
			if [ "$TUSER" = "$LASTUSER" ] && [ "$THOME" = "$LASTHOME" ] ; then
				#last session used this home dir, preserve it
				DORESET=false
				echo "last session did NOT end normally, not removing home dir $THOME"
				#add to exclude list
				CRASHEXCLUDE=$THDNAME
			fi
		fi
	fi

	if [ "$LASTUSER" == "gvadmin" ]  ; then
		DORESET=false
		echo last user was gvadmin, NOT removing home dir $LASTHOME
	fi

	if [ "$GX_BACKUP_HOME" = "true" ] ; then
		#save old copies for rescue or debug
		SAVEDIR=/var/lib/groovix/backuphome
		DIRSIZE=`du -sk $THOME`
		#multiply DIRSIZE by 4 to make sure we have plenty of disk space left 
		let DIRSIZE*=4
		FREESIZE=`df $SAVEDIR | grep -v Filesystem | awk '{print $4}'`
		if [ $FREESIZE -gt $DIRSIZE ] ; then
			mkdir -p $SAVEDIR/$THDNAME/
			chmod 700 $SAVEDIR
			chmod 700 $SAVEDIR/$THDNAME/
			rm -rf $SAVEDIR/$THDNAME/2
			mv  $SAVEDIR/$THDNAME/1  $SAVEDIR/$THDNAME/2
			rsync -a $THOME/ $SAVEDIR/$THDNAME/1/
			chmod -R g-r,g-w,g-x,o-r,o-w,o-x  $SAVEDIR/$THDNAME/1
			chown -R root.root $SAVEDIR
		else
			echo not enough free space in $SAVEDIR to backup $THOME
		fi
	fi


	#not necessary any more because we just do an rsync --delete, but is rm more reliable or quicker than rsync?
	if [ "$DORESET" = "false" ] ; then
		echo not removing home dir /home/$THDNAME
	else
		echo removing home dir /home/$THDNAME
		rm -rf /home/$THDNAME
	fi


done #end dir by dir do


fi  #end REFORMAT else

#put pre-built home dirs in place
# --delete and --exclude options added to deal with preserved home dir in case of crash
# --delete not really necessary since we already deleted any dirty dirs, but doesn't hurt
echo rsync -a --delete --exclude=/gvadmin --exclude=/$CRASHEXCLUDE /var/lib/groovix/home/ /home/
rsync -a --delete --exclude=/gvadmin --exclude=/$CRASHEXCLUDE /var/lib/groovix/home/ /home/
chmod 755 /home/
