#!/bin/ksh
################################################################################
#
# Copyright (c) 2002-2003 Sun Microsystems, Inc. All rights reserved
#
# @(#)config.ksh	1.86 03/08/13
#
################################################################################

calledname=$0; export calledname
progname=`basename $0`

cwd=`pwd`
BINDIR=`dirname $0`
cd $BINDIR
BINDIR=`pwd`
export BINDIR
PATH=${BINDIR}:/usr/bin:$PATH

# This was changed due to the ESM 1.2 wrapper config script.
# The "3" indicated that the user has select the q (quit) 
# option in ckyorn or ckstr.  
# Old code: trap 'stty echo; exit 3' 1 2 3 15
trap 'stty echo; exit 0' 1 2 3 15

# Setup the application property prefixes
#
GREROOT=$BINDIR/..
cd $GREROOT
GREROOT=`pwd`
export GREROOT

cd $cwd

# Code to handle running SSCS in ESM 1.2 or DME 1.2
# ESM 1.2 is the default environment.
#---------------------------------------
# return 1 if esm package for 1.x version is found
#---------------------------------------
function check_esm
{
    esm=SUNWstm
    maxmajor=1

    ESM_PKG_FLAG=0
    /bin/pkginfo -q $esm
    if [ $? -eq 0 ]; then
        ver=`/bin/pkgparam SUNWstm VERSION  | cut -d',' -f1`
        major=`echo $ver | cut -d'.' -f1`
        if [ $major -eq $maxmajor ]; then
            ESM_PKG_FLAG=1
        fi
    fi
    return $ESM_PKG_FLAG
}

#
# method to get config info
#
function getConfigInfo {
	title=$1
	echo "-----------------------"
	echo " $title "
	echo "-----------------------"
	display_current
}

#
# method to check if esm lib exist
# before using generic_log_title
#
function log_title {
    if [ $ESM_PKG_FLAG -eq 1 ]; then
        if [ -d $ESM_LIB_DIR ]; then
            ESM_LOG=$1
	    ESM_SILENT=1
            generic_log_title "$2" "$3" "$4"
        fi
    fi
}

check_esm
if [ $ESM_PKG_FLAG -eq 1 ]; then
    sadename=SSDE
    sadeport=8088
    sadedesc='Sun StorEdge(tm) Diagnostic Expert'
    BASE_DIR=`pkgparam SUNWstm BASEDIR`
    ESM_LIB_DIR=$BASE_DIR/SUNWstm/lib
    if [ -d $ESM_LIB_DIR ]; then
        . $ESM_LIB_DIR/esm_global.ksh
        . $ESM_LIB_DIR/esm_pkgs.ksh
        . $ESM_LIB_DIR/esm_lib.ksh
        LOGFILE=$ESM_CS_LOG
    fi
else
    sadename=SADE
    sadeport=7654
    sadedesc='Sun Automated Diagnostic Environment'
    LOGFILE=/var/sadm/install/logs/SUNWdm.log
fi

APP_NAME=sscs
SERVICE_PREFIX=$APP_NAME.service
ETC_SERVICES=${GREROOT}/etc/services

# Set the name of the message object file to be used for i18n
#
TEXTDOMAIN=SUNW_SMS_inst
TEXTDOMAINDIR=${GREROOT}/lib/locale
export TEXTDOMAIN
export TEXTDOMAINDIR

if [ ! -d /usr/bin ] ; then
    msg=`gettext $TEXTDOMAIN 'ERROR: /usr is not mounted.'`
    echo $calledname: $msg >&2
    exit 1
fi

if [ -x /usr/bin/id ] ; then
    eval `/usr/bin/id | /usr/bin/sed 's/[^a-z0-9=].*//'`
    if [ "${uid:=0}" -ne 0 ]
    then
	msg=`gettext $TEXTDOMAIN 'ERROR: Only root can run'`
	echo $calledname: $msg $progname >&2
	exit 2
    fi
else
    msg=`gettext $TEXTDOMAIN 'ERROR: can't check used id.'`
    echo $calledname: $msg >&2
    exit 2
fi

YES=`gettext $TEXTDOMAIN 'y'`
NO=`gettext $TEXTDOMAIN 'n'`
eval YES_OR_NO="\"`gettext $TEXTDOMAIN 'Please, enter ${YES} or ${NO}.'`\""

MYPID=$$

#  Generate the local system's fully qualified hostname
#
h_name=`hostname`
[ -z "$h_name" ] && h_name=`uname -n`
if [ -f /etc/resolv.conf ] ; then
    h_dom=`grep '^domain' /etc/resolv.conf 2> /dev/null | cut -f2 -d' '`
    if [ -z "$h_dom" ] ; then
	h_dom=`grep '^search' /etc/resolv.conf 2> /dev/null | cut -f2 -d' '`
    fi
    [ -n "${h_dom}" ] && h_dom=".${h_dom}"
    h_name=${h_name}${h_dom}
fi

WIDTH=70        # Default line size used by fmtout.

#---------------------------------------
# Arguments: 
#  none
#---------------------------------------
display_menu () {
    sdpmn_intro="\n
Sun StorEdge Configuration Service (SSCS) Configuration:"
    sdpmn_menu="
          (1) Configure all
          (2) CIMOM (Common Information Model Object Manager)
          (3) Web Link to $sadedesc
          (4) Web Link to 9900 Series Device Management Utility
          (5) Add, Edit, Delete SSCS Administrators
          (6) Web Server
          (7) CLI Servers
          (8) Update files on Sun StorEdge T3 and T3+ storage arrays
          (p) Print the Current Configuration
          (q) Quit\n
Your Choice: "

    echo $sdpmn_intro > /dev/stderr
    echo "${sdpmn_menu}\c" > /dev/stderr
    read choice
    [ "$choice" = "" ] && choice=1
    echo $choice
}

display_current () {
    NOTDEF="not defined"

    echo ""
    echo ""
    echo "Currently configured parameters:"
    echo ""

    # CIMOM Configuration Information
	values=`read_file ${ETC_SERVICES}/cimwbem.properties \
				$SERVICE_PREFIX.cimom.username \
				$SERVICE_PREFIX.cimom.hostname`
	if [ $? -eq 0 -a "$values" != "" ] ; then
	    set $values
	    username=$1
	    hostname=$2
    else        
        values=`read_xml_file ${ETC_SERVICES}/cimwbem.xml \
				username \
				hostname`
        if [ $? -eq 0 -a "$values" != "" ] ; then
            set $values
            username=$1
            hostname=$2
        else
            username=$NOTDEF
            hostname=$NOTDEF
        fi
    fi
    echo "CIMOM parameters"
    echo "    cim username:  $username"
    echo "    cim hostname:  $hostname"
    echo " "

   # CIMOM SSDE/SADE Configuration Information
    url=`read_file ${ETC_SERVICES}/storade.properties \
    			$SERVICE_PREFIX.storade.url`
    if [ "$url" = "" ] ; then   
        url=`read_xml_file ${ETC_SERVICES}/storade.xml url`
        if [ "$url" = "" ] ; then   
            url=$NOTDEF
        fi
    fi
    echo "$sadedesc parameters"
    echo "    URL:  $url"
    echo " "
    
    # CIMOM 9900 Configuration Information
    url=`read_file ${ETC_SERVICES}/s9900.properties \
    			$SERVICE_PREFIX.s9900.url`
    if [ "$url" = "" ] ; then   
        url=`read_xml_file ${ETC_SERVICES}/s9900.xml url`
        if [ "$url" = "" ] ; then   
            url=$NOTDEF
        fi
    fi
    echo "9900 Series Device Management parameters"
    echo "    URL:  $url"
    echo " "
    
    # Web Server Configuration Information
    values=`read_file ${ETC_SERVICES}/web.properties \
    			$SERVICE_PREFIX.web.hostname \
    			$SERVICE_PREFIX.web.port \
    			$SERVICE_PREFIX.web.secure.port \
    			$SERVICE_PREFIX.web.secure.enabled \
    			$SERVICE_PREFIX.web.secure.keystore.file`
    if [ $? -eq 0 -a "$values" != "" ] ; then
        set $values
        hostname=${1}
        port=$2
        s_port=$3
        s_enabled=$4
        keystore=${5:-"<not assigned>"}
    else
        values=`read_xml_file ${ETC_SERVICES}/web.xml \
    			hostname \
    			port \
    			secure.port \
    			secure.enabled \
    			secure.keystore.file`
        if [ $? -eq 0 -a "$values" != "" ] ; then
            set $values
            hostname=${1}
            port=$2
            s_port=$3
            s_enabled=$4
            keystore=${5:-"<not assigned>"}
        else
            hostname=$NOTDEF
            port=$NOTDEF
            s_port=$NOTDEF
            s_enabled=$NOTDEF
            keystore=$NOTDEF
        fi
    fi
    echo "Web Server parameters:"
    echo "    hostname:      $hostname"
    echo "    HTTP port:     $port"
    echo "    HTTPS port:    $s_port"
    echo "    HTTPS enabled: $s_enabled"
    echo "    keystore:      $keystore"
    echo " "
    
    # CLI Configuration Information

    echo "CLI parameters:"
    
    propname=$SERVICE_PREFIX.inetd.daemon.telnet.net.port
    values=`read_file $ETC_SERVICES/inetd/telnet.properties $propname`
    if [ $? -eq 0 -a "$values" != "" ] ; then
        set $values
        port=$1
    else
        propname=net.port
        values=`read_xml_file $ETC_SERVICES/inetd/telnet.xml $propname`
        if [ $? -eq 0 -a "$values" != "" ] ; then
            set $values
            port=$1
        else
            port=$NOTDEF
        fi
    fi
    
    echo "    Telnet port:             $port"
    
    propname=$SERVICE_PREFIX.inetd.daemon.shell.net.port
    values=`read_file $ETC_SERVICES/inetd/shell.properties $propname`
    if [ $? -eq 0 -a "$values" != "" ] ; then
        set $values
        port=$1
    else
        propname=net.port
        values=`read_xml_file $ETC_SERVICES/inetd/shell.xml $propname`
        if [ $? -eq 0 -a "$values" != "" ] ; then
            set $values
            port=$1
        else
            port=$NOTDEF
        fi
    fi
    
    echo "    Secure Shell (SSH) port: $port"
    echo " "
    # Admin Users Information
    ausers=`read_file ${GREROOT}/etc/sscs.properties $APP_NAME.users`
    if [ $? -ne 0 -o "$ausers" = "" ] ; then
        ausers=`read_xml_file ${GREROOT}/etc/sscs.xml users`
        if [ $? -ne 0 -o "$ausers" = "" ] ; then
            ausers=$NOTDEF
        fi
    fi
    
    echo "SSCS administrators:"
    echo "    Names: $ausers"
    echo " "
}

#
# Function to output in a format similar to the ck* Solaris tools. It should
# be used for output that spans multiple lines.
#
fmtout () {
    STRING="$1"
    LENGTH=$2
    INDENT=$3
    echo $STRING | fold -bs -w $LENGTH | \
    while read LINE
    do
        echo "${INDENT}${LINE}"
    done
}

#  Function to test the value passed and exit if non-zero
#
check () {
    retstat=$1

    if [ $retstat -eq 3 ]
    then
        retstat=0
	getConfigInfo "New configuration" >> $LOGFILE
	log_title $LOGFILE "SSCS" "" "End of configuration"
        kill -HUP $MYPID
	# This was changed due to the ESM 1.2 wrapper config script.
    # The "3" indicated that the user has select the q (quit) 
    # option in ckyorn or ckstr.  
    # kill -HUP $MYPID
    # "Old code:  exit $retstat"
    
        exit 0
    fi
}

#  Function to prepare a property file for writing
#
#  Input Arguments:	$1	basename of the property file
#			$2	directory on which property file
#				will be residing
#
#  Return Value: 	propfile	fully qualified name of the file
#
setup_propfile () {

    propfile=${2:-${ETC_SERVICES}}/$1

    # first, ensure the entire directory tree is present...
    #
    dname=`dirname ${propfile}`
    [ -d ${dname} ] || mkdir -p ${dname}

    # second, backup any existing file, just in case...
    if [ -f ${propfile} ]; then
	bname=`basename ${propfile}`
	backfile=${dname}/.${bname}

	/bin/cp -f ${propfile} ${backfile}
    fi

    echo ${propfile}
}

#  Function to prepare a property file for writing
#
#  Input Arguments:	$1	basename of the property file
#			$2	directory on which property file
#			$3	to be used for the created file
#				will be residing
#
#  Return Value: 	propfile	fully qualified name of the file
#
edit_propfile () {
    propfile=$1
    propdesc=$2
    umask=$3
    shift 3

    sav_umask=`umask`
    umask $umask

    if [ -f ${propfile} ]; then

	# update each property that was provided
	#
	for property in $@ ; do
	    propname=`echo $property |sed -e 's/=.*//'`
	    propvalu=`echo $property |sed -e "s/$propname=//"`

	    ed ${propfile} >/dev/null 2>/dev/null << !EOF!
/$propname=
s;=.*\$;=$propvalu;
w
q
!EOF!
	    # iff ed fails, the property must not have been in the file
	    #
	    if [ $? -ne 0 ]; then
	        echo $property >> ${propfile} 
	    fi
	done

    else

	# write a brand new file
	#
	cat > ${propfile} <<!EOF!
# $propdesc Properties
#    Generated by: $calledname
#    Generated on: `date`
#
!EOF!

	# append each property that was provided
	#
	for property in $@ ; do
	    echo $property >> ${propfile} 
	done
    fi

    umask $sav_umask
    changed=1
}


#  Function to prompt for a port number for a specific protocol
#
#  Input Arguments:	$1	protocol name
#			$2	default port
#			$3	current port
#
#  Return Value: the port that the user selected
#
get_port () {

    ### Determine the port address...

    proto=$1
    port=$2; ans=
    cport=$3
    default=${cport:-${port}}
    until [ "$ans" = ${NO} ]
    do
	default="$port"
	[ "$cport" = "" ] && cport="<not set>"

	eval prompt="\"`gettext $TEXTDOMAIN 'Enter the ${proto} port number '\
'for the server to listen on (Current: ${cport}, Default: ${port})'`\""

	eval help="\"`gettext $TEXTDOMAIN 'Enter the ${proto} port number '\
'between 2 and 65535 of an available network connection for the '\
'server to attach to and listen on.  Clients will connect '\
'to this port when attaching to the server using ${proto} communications.  '\
'Entering 0 will disable listening on the port ID.'`\""

	error=`gettext $TEXTDOMAIN 'Enter a valid network port number.'`

	ans=`ckrange -W 70 \
			-l 2 \
			-u 65535 \
			-b 10 \
			-d "$default" \
			-p "$prompt" \
			-h "\n$help" \
			-e "$error"`
	check $?

	port=$ans

	default=${NO}

	eval prompt="\"`gettext $TEXTDOMAIN 'Do you want to change your '\
'${proto} port number selection - ${port} ? (Default: ${NO})'`\""

	eval help="\"`gettext $TEXTDOMAIN 'Indicate whether you want to '\
'change your ${port} port ${proto} selection'`\""


	ans=`ckyorn -W 70 \
		    -d "$default" \
		    -p "$prompt" \
		    -h "\n$help" \
		    -e "$YES_OR_NO"` 
	check $?
    done

    echo ${port}
}

#  Function to prompt the user for an arbitrary value
#
#  Input Arguments:	$1	Prompt Description
#			$2	Help Description
#			$3	Error Description
#			$4	Default value
#
#  Return Value: the value the user returned
#
get_value () {

    prompt=$1
    help=$2
    error=$3
    value=$4; ans=
    default=$value
    ans=

    until [ "$ans" = ${NO} ]
    do
	ans=`ckstr -W 70 \
		   -d "$default" \
		   -p "$prompt" \
		   -h "\n$help" \
		   -e "$error"`
	check $?

	value=${ans}

	def1=${NO}

	eval prompt1="\"`gettext $TEXTDOMAIN 'Do you want to change your '\
'selection - ${value} ? (Default: ${NO})'`\""

	eval help1="\"`gettext $TEXTDOMAIN 'Indicate whether you want to '\
'change your (${value}) selection'`\""

	ans=`ckyorn -W 70 \
		    -d "$def1" \
		    -p "$prompt1" \
		    -h "\n$help1" \
		    -e "$YES_OR_NO"` 
	check $?
    done

    echo ${value}
}

#  Function to prompt the user for a password
#
#  Input Arguments:	$1	Username associated
#			$2	(optional) password prompt
#			$3	(optional) password re-prompt
#
#  Return Value: the value the user returned
#
get_passwd () {

    username=$1
    prompt1=$2
    prompt2=$3
    ans=
    passwd=

    if [ "$prompt1" = "" ]
    then
	eval passprompt1="\"`gettext $TEXTDOMAIN 'Please enter password for $username: '`\""
    else
	passprompt1=$prompt1
    fi

    if [ "$prompt2" = "" ]
    then
	eval passprompt2="\"`gettext $TEXTDOMAIN 'Please confirm password for $username: '`\""
    else
	passprompt2=$prompt2
    fi

    ntimes=3
    while [ $ntimes -gt 0 ]
    do
	/usr/bin/echo "${passprompt1}\c" >&2
	stty -echo
	read ans
	stty echo
	echo >&2
	/usr/bin/echo "${passprompt2}\c" >&2

	stty -echo
	read ans1
	stty echo
	if [ "$ans" = "$ans1" -a "$ans" != "" ]
	then
	    passwd=$ans
	    break
	else
	    ntimes=`expr $ntimes - 1`
	fi
    done

    echo >&2
    echo ${passwd}

    if [ "$passwd" = "" ]
    then
	return 1
    else
	return 0
    fi
}

#  Function to read the file whose name has been passed
#
#  Input Arguments:	$1	name of the property file being read
#			$2	a list of string Java system property names
#
#  Return Value:	0	successfully read file
#			<0	could not read file
#
#  Output Value:	a list of the values corresponding to the names
#			of the properties read
#
read_file () {

    path=$1
    shift
    names=$*

    values=
    if [ -f $path ] ; then
	cat $path | \
	while read line ; do
	    echo $line | grep '^[ 	]*#' > /dev/null 2>&1
	    [ $? -eq 0 ] && continue

	    echo $line | grep '^[ 	]*$' > /dev/null 2>&1
	    [ $? -eq 0 ] && continue

	    i=0
	    for name in $names ; do
		val=`echo $line | sed -e "s;$name=;;" 2> /dev/null`
		if [ "$val" != "$line" ] ; then
		    values[i]=$val
		    break
		fi
		i=`expr $i + 1`
	    done
	done
    echo ${values[*]}
    else
    echo $values
    fi
}

#
# The long "val=cat..." parses <name>.xml files with property line formats of:
#        <Property name="hostname"       value="localhost"   export="true" />
#   or
#        <Property name="hostname"
#                  value="localhost"
#                  export="true" />
#
read_xml_file () {
    path=$1
    shift
    names=$*
    values=
    if [ -f $path ] ; then
        i=0
	    for name in $names ; do
           val=`/bin/awk "/\"$name\"/{tmp=substr(\\$3,8); len=length(tmp) - 1;if (len <= 0) { getline;tmp2=substr(\\$1,8); len2=length(tmp2) - 1; print substr(tmp2, 0, len2)} else {print substr(tmp, 0, len)}}" $path 2> /dev/null`
            if [ "$val" != "" ] ; then
                values[i]=$val
            fi
            i=`expr $i + 1`
	    done
        echo ${values[*]}
    else
        echo $values
    fi
}

#  Function to prompt the user whether he want to redo his previous
#  
#  Input Arguments:		$1	the title of the topic we are dealing
#				$2	general help concerning these props
#				$*	a list of value-pairs where the
#					   arg[1+i] is the property name
#					   arg[2+i] is the property value
#
#  Return Value:		0	redo the selection
#				!=0	do not reselect
#
promptForRedo () {

    title="$1"
    help="$2"
    shift; shift

    fmtout "\n$title\n" $WIDTH "    " 2>&1
    while [ $# -ne 0 ]
    do
	prop=$1
	val=$2
	shift; shift
	fmtout "\t${prop}:\t${val}" $WIDTH "\t" 2>&1
    done

    default=${NO}
    eval prompt="\"`gettext $TEXTDOMAIN 'Would you like to reconfigure '\
'those values at this time ? (Default: ${default})'`\""
    xtrahelp=`gettext $TEXTDOMAIN 'You should reconfigure the appropriate '\
'existing values that may have changed since the time of the previous '\
'configuration.'`

    ans=`ckyorn -W 70 \
		-d "$default" \
		-p "$prompt" \
		-h "$help\n$xtrahelp" \
		-e "$YES_OR_NO"` 
    check $?
    retstat=1
    [ "$ans" = "$YES" ] && retstat=0

    return $retstat
}


#
#  Function prompting for the WBEM settings
#
doWBEM () {

    username=
    cimhost=
    passwd=
    ans=

    title=`gettext $TEXTDOMAIN 'Solaris WBEM Services Configuration'`
    echo ""
    echo $title

    if [ "$cim" -eq 2 ] ; then
	ans=${YES}

    else
	default=${YES}

	eval prompt="\"`gettext $TEXTDOMAIN 'Would you like to configure the '\
'Sun StorEdge(tm) Configuration Service Console access to '\
'Solaris WBEM Services at this time ? (Default: ${default})'`\""

	help=`gettext $TEXTDOMAIN 'The Sun StorEdge(tm) Configuration Service '\
'Console requires access to Solaris WBEM Services on this host '\
'to allow it to communicate with the local CIM Object Manager (CIMOM) '\
'for accessing the CIM (Common Information Model) providers. '\
'Once the Sun StorEdge(tm) Configuration Service Console '\
'is configured, access to the local CIMOM will automatically be '\
'performed using the parameters provided.'`

	ans=`ckyorn -W 70 \
			-d "$default" \
			-p "$prompt" \
			-h "\n$help" \
			-e "$YES_OR_NO"` 
	check $?
    fi

    if [ $ans = ${YES} ] ; then

	#  Try to read the config file that may have been assigned
	#  values in a previous 'config' invocation
	#
	values=`read_file ${ETC_SERVICES}/cimwbem.properties \
				$SERVICE_PREFIX.cimom.username \
				$SERVICE_PREFIX.cimom.hostname`
	if [ $? -eq 0 -a "$values" != "" ] ; then
	    set $values
	    username=$1
	    hostname=$2
	    if [ "$username" != "" -a "$hostname" != "" ] ; then
		title=`gettext $TEXTDOMAIN 'Your previous selections '\
'for access to Solaris WBEM Services were'`
		l10nuser=`gettext $TEXTDOMAIN 'cim username'`
		l10nhost=`gettext $TEXTDOMAIN 'cim host'`
		help=`gettext $TEXTDOMAIN 'In order to access Solaris WBEM '\
'Services, the system needs to obtain from you the username to be used '\
'to access the CIMOM (CIM Object Manager) and the name of the host '\
'on which WBEM Services are running.'`
		promptForRedo "$title" "$help" \
			      "$l10nuser" "$username" \
			      "$l10nhost" "$hostname"
		[ $? -ne 0 ] && return 0
	    fi
	fi
	defhost=${hostname:-${h_name}}
	[ -z "$hostname" ] && hostname="<not set>"

	#  CIMOM Host Prompting
	#
	eval prompt="\"`gettext $TEXTDOMAIN 'Enter the hostname where '\
'the CIMOM is located (Current: ${hostname}, Default: ${h_name})'`\""

	help=`gettext $TEXTDOMAIN 'In order to be able to access Solaris '\
'WBEM Services, it is necessary to know the hostname where the '\
'CIMOM is located and to which the Sun StorEdge(tm) Configuration Service '\
'server will attach to.'`

	error=`gettext $TEXTDOMAIN 'Enter a valid hostname '\
'in which the CIMOM is expected to be running.'`

	cimhost=`get_value "$prompt" "$help" "$error" $defhost`

	#  CIMOM Username Prompting
	#
	defuser=${username:-'root'}
	[ -z "$username" ] && username="<not set>"

	eval prompt="\"`gettext $TEXTDOMAIN 'Enter the CIM Username '\
'for accessing the CIMOM (Current: $username, Default: root)'`\""

	help=`gettext $TEXTDOMAIN 'In order to be able to access Solaris '\
'WBEM Services, it is necessary to know the name of a valid username '\
'which is used for accessing the CIMOM.'`

	error=`gettext $TEXTDOMAIN 'Enter a valid username '\
'for communication to the CIMOM.'`

	username=`get_value "$prompt" "$help" "$error" $defuser`

	#  CIMOM Username Password Prompting
	#
	passwd=`get_passwd "$username"`

	if [ $? -ne 0 ] ; then
	    errmsg=`gettext $TEXTDOMAIN 'ERROR: null password passed'`
	    fmtout "$calledname: $errmsg" $WIDTH "\t" 2>&1
	fi

	passwd=`echo $passwd | sspv --piped --add -U $username -H $cimhost`

	#  CIMOM Client RMI Port
	#
	SOLARIS_REV=`uname -r`
	rmiport=8181    

	#  Output the properties
	#
	propfile=`setup_propfile cimwbem.properties`

	edit_propfile ${propfile} 'CIMOM Service' '0377' \
		"$SERVICE_PREFIX.cimom.hostname=$cimhost" \
		"$SERVICE_PREFIX.cimom.username=$username" \
		"$SERVICE_PREFIX.cimom.password=$passwd" \
		"$SERVICE_PREFIX.cimom.rmiport=$rmiport"

    fi

    return 0
}

#
#  Function prompting for the StorAde settings
#
doStorAde () {

    ans=

    eval title="\"`gettext $TEXTDOMAIN '$sadedesc Configuration'`\""
    echo ""
    echo $title

    if [ "$storade" -eq 2 ] ; then
	ans=${YES}
    else
	default=${YES}

	eval prompt="\"`gettext $TEXTDOMAIN 'Would you like to configure the '\
'Sun StorEdge(tm) Configuration Service Console access to the '\
'$sadedesc ($sadename) at this time ? '\
'(Default: ${default})'`\""

	eval help="\"`gettext $TEXTDOMAIN 'Configuring the Sun StorEdge(tm) Configuration '\
'Service Console to access the $sadedesc '\
'allows it to access the Health, Test and Diagnostics utilities. '\
'Once the Sun StorEdge(tm) Configuration Service Console '\
'is configured, access to the $sadedesc '\
'will automatically be performed using the configuration '\
'parameters provided.'`\"" 

	ans=`ckyorn -W 70 \
			-d "$default" \
			-p "$prompt" \
			-h "\n$help" \
			-e "$YES_OR_NO"` 
	check $?
    fi

    if [ $ans = ${YES} ] ; then
	#  Try to read the config file that may have been assigned
	#  values in a previous 'config' invocation
	#
	url=`read_file ${ETC_SERVICES}/storade.properties \
				$SERVICE_PREFIX.storade.url`
	if [ "$url" != "" ] ; then
	    title=`gettext $TEXTDOMAIN 'Your previous selections '\
'for access to Sun StorEdge(tm) Automated Diagnostic Environment were'`
	    eval l10nsade="\"`gettext $TEXTDOMAIN '$sadename URL'`\""
	    eval help="\"`gettext $TEXTDOMAIN 'The $sadedesc'\
'($sadename) URL is needed in order to provide '\
'access to it from the Configuration Service web-based console. '\
'You should modify the URL any time that the location of SADE changes.'`\""
	    promptForRedo "$title" "$help" "$l10nsade" "$url"
	    [ $? -ne 0 ] && return 0
	fi
	defurl=${url:-"http://${h_name}:$sadeport"}
	[ -z "$url" ] && url="<not set>"

	eval prompt="\"`gettext $TEXTDOMAIN 'Enter the URL for the '\
'location of the $sadedesc '\
'(Current: $url, Default: http://${h_name}:$sadeport)'`\""

	eval help="\"`gettext $TEXTDOMAIN 'Enter the URL where the '\
'$sadedesc are located.'`\""

	error=`gettext $TEXTDOMAIN 'Enter a valid URL in which the '\
'$sadedesc webserver is expected to be running.'`

	url=`get_value "$prompt" "$help" "$error" $defurl`

	#  Output the properties
	#
	propfile=`setup_propfile storade.properties`

	edit_propfile ${propfile} 'SSDE/SADE Service' '0377' \
		"$SERVICE_PREFIX.storade.url=$url"

    fi

    return 0
}


#
#  Function prompting for the S9900 settings
#
doS9900 () {

    ans=
    title=`gettext $TEXTDOMAIN 'Sun StorEdge(tm) 9900 Series Software Configuration'`
    echo ""
    echo $title

    if [ "$s9900" -eq 2 ] ; then
	ans=${YES}

    else
	default=${YES}

	eval prompt="\"`gettext $TEXTDOMAIN 'Would you like to configure the '\
'Sun StorEdge(tm) Configuration Service Console access to the '\
'Sun StorEdge(tm) 9900 Series Software at this time ? '\
'(Default: ${default})'`\""

	help=`gettext $TEXTDOMAIN 'Configuring the Sun StorEdge(tm) '\
'Configuration Service to access the Sun StorEdge(tm) 9900 Series Software '\
'allows the user to manage the 9900 Series through its console. '\
'Once the Sun StorEdge(tm) Configuration Service Console '\
'is configured, access to the Sun StorEdge(tm) 9900 Series Software '\
'will automatically be performed using the configuration parameters provided.'`
	ans=`ckyorn -W 70 \
			-d "$default" \
			-p "$prompt" \
			-h "\n$help" \
			-e "$YES_OR_NO"` 
	check $?
    fi

    if [ $ans = ${YES} ] ; then

	#  Try to read the config file that may have been assigned
	#  values in a previous 'config' invocation
	#
	url=`read_file ${ETC_SERVICES}/s9900.properties \
					$SERVICE_PREFIX.s9900.url`
	if [ "$url" != "" ] ; then
	    title=`gettext $TEXTDOMAIN 'Your previous selections '\
'for access to Sun StorEdge(tm) 9900 Series Console were'`
	    l10ns9900=`gettext $TEXTDOMAIN 'S9900 URL'`
	    help=`gettext $TEXTDOMAIN 'The Sun StorEdge(tm) '\
'9900 Series Software URL is needed in order to provide '\
'access to it from the Configuration Service web-based console. '\
'You should modify the URL any time that the location of 9900 Series console '\
'changes.'`
	    promptForRedo "$title" "$help" "$l10ns9900" "$url"
	    [ $? -ne 0 ] && return 0
	fi
	defurl=${url:-"http://${h_name}:2001"}
	[ -z "$url" ] && url="<not set>"

	eval prompt="\"`gettext $TEXTDOMAIN 'Enter the URL for the '\
'location of the Sun StorEdge(tm) 9900 Series Software '\
'(Current: $url, Default: http://${h_name}:2001)'`\""

	help=`gettext $TEXTDOMAIN 'Enter the URL where the '\
'Sun StorEdge(tm) 9900 Series Storware are located.'`

	error=`gettext $TEXTDOMAIN 'Enter a valid URL in which the '\
'Sun StorEdge(tm) 9900 Series Software webserver is expected to '\
'be running.'`

	url=`get_value "$prompt" "$help" "$error" $defurl`

	#  Output the properties
	#
	propfile=`setup_propfile s9900.properties`

	edit_propfile ${propfile} 'S9900 Service' '0377' \
		"$SERVICE_PREFIX.s9900.url=$url"

    fi

    return 0
}

#
#  Function to prompt the user for the keystore, or generate it
#
#  Input Arguments:	$1	keystore password
#
#  Return Value: the name of the file with the keystore
#
get_keystore () {

    current=${1:-'<not set>'}
    default=$ETC_SERVICES/web/.keystore

    eval prompt="\"`gettext $TEXTDOMAIN 'Please enter the path that contains '\
'the secure webserver SSL keystore (Current: $current, Default: $default)'`\""

    help=`gettext $TEXTDOMAIN 'A keystore is necessary to support the '\
'public key infrastructure used by the secure (https) webserver. '\
'If your server already has an SSL keystore, possibly certified by '\
'an organization like Verisign, Thawte, etc., you can use that keystore. '\
'Otherwise, the keystore will be generated using the Java keytool '\
'utility.'`

    keyfile=`get_value "$prompt" "$help" "$error" $default`
    check $?

    echo ${keyfile}
    return 0
}

#
#  Function to generate the certificate
#
cert_gen () {

    kstore=$1
    keypass=$2
    hostname=$3

    if [ ! -f ${BINDIR}/../../jre/bin/keytool ] ; then
	errmsg=`gettext $TEXTDOMAIN 'ERROR: key generation tool cannot '\
'be found'`
	fmtout "$calledname: $errmsg" $WIDTH "\t" 2>&1
	return 1
    fi

    extrahelp=`gettext $TEXTDOMAIN 'Refer to RFC2253 '\
'(UTF-8 String Representation of Distinguished Names) for more information '\
'about this certificate object identifier.'`

    dname=
    expdate=

    if [ -f $keystore ] ; then
	listout=`${BINDIR}/../../jre/bin/keytool -list -v \
			    -alias tomcat -storepass $keypass \
			    -keystore $kstore 2> /dev/null`
	retstat=$?
	if [ $retstat -gt 1 ] ; then
	    listout=`echo "$listout" | sed -e 's/java.io.IOException: //'`
	    fmtout "$calledname: $listout" $WIDTH "\t" 2>&1
	    return 1
	fi
		
	if [ $retstat -eq 0 ] ; then
	    dname=`echo "$listout" | fgrep Owner 2> /dev/null \
				 | sed -e 's/Owner: //' 2> /dev/null`
	    expdate="\n"`echo "$listout" | fgrep 'Valid from:' 2> /dev/null`
	fi

	if [ $retstat -eq 0 ] ; then
	    prompt=`gettext $TEXTDOMAIN 'The following is the certificate '\
'registration currently configured. Do you want to regenerate it'`
	    help=`gettext $TEXTDOMAIN 'You should regenerate the '\
'certificate in cases such as when the domain name for the host has changed '\
'(the CN field), the organizational description (the O and OU fields) '\
'has changed, the locality (the L, ST, C fields) has changed, '\
'the certificate has expired, or any other reason at your own discretion.'`
	    ans=`ckyorn -W 70 \
			-d "$NO" \
			-p "$prompt - \n$dname$expdate" \
			-h "$help\n$extrahelp" \
			-e "$YES_OR_NO"`
	    check $?

	    [ "$ans" = ${NO} ] && return 0

	    prompt=`gettext $TEXTDOMAIN 'Do you want to preserve the '\
'configured values for the secure webserver certificate'` 
	    eval curr="\"`gettext $TEXTDOMAIN '(Default: ${YES})'`\""
	    help=`gettext $TEXTDOMAIN 'You should reuse the values '\
'when you want to preserve the certificate information, but you just '\
'wish to extend the expiration date.'`
	    ans=`ckyorn -W 70 \
			-d "$YES" \
			-p "$prompt $curr" \
			-h "$help" \
			-e "$YES_OR_NO"` 
	    check $? 

	    [ "$ans" = ${NO} ] && dname=

	    # remove the existing certificate prior to replacing it
	    #
	    ${BINDIR}/../../jre/bin/keytool -delete \
			    -alias tomcat -storepass $keypass \
			    -keystore $kstore 2> /dev/null
	fi
    fi

    if [ "$dname" = "" ] ; then
	done=

	unknown=`gettext $TEXTDOMAIN 'Unknown'`

	CNprompt=`gettext $TEXTDOMAIN 'What is the website host fully '\
'qualified DNS domain name ?'`
	CNhelp=`gettext $TEXTDOMAIN 'This is the CN (common name) attribute '\
'associated with the certificate that is being generated. The CN for the '\
'secure web server is expected to be the fully qualified DNS '\
'(Domain Name Service) name for the host on which the '\
'Sun StorEdge(tm) Configuration Service secure webserver will run. '\
'The name must be unique within the network that will be accessing the '\
'webserver. If another webserver is identified by the same name, you may '\
'not be able to access it because of conflicts in the identification of '\
'the security certificate presented.'`
	CNerror=`gettext $TEXTDOMAIN 'You must provide a valid DNS name.'`
	CN=$unknown

	OUprompt=`gettext $TEXTDOMAIN 'What is the name of your '\
'organizational unit ?'`
	OUhelp=`gettext $TEXTDOMAIN 'This is the OU (organizational unit) '\
'associated with the certificate that is being generated. The OU for the '\
'secure webserver is expected to reflect the organizational hierarchy '\
'of the unit that the Configuration Service belongs to. '\
'The organizational unit is expected to be part of a higher-level '\
'organization. Examples for organizational units include but are not '\
'limited to divisions, departments, etc. within a company.'`
	OU=$unknown

	Oprompt=`gettext $TEXTDOMAIN 'What is the name of your organization ?'`
	Ohelp=`gettext $TEXTDOMAIN 'This is the O (organization) '\
'associated with the certificate that is being generated. The O for the '\
'secure webserver is expected to reflect the organization to which the '\
'OU (organizational unit) belongs to. '\
'Examples for organizations include but are not '\
'limited to companies, enterprises, etc.'`
	O=$unknown

	Lprompt=`gettext $TEXTDOMAIN 'What is the name of your City or '\
'Locality ?'`
	Lhelp=`gettext $TEXTDOMAIN 'This is the L (locality) '\
'associated with the certificate that is being generated. The L for the '\
'secure webserver is expected to reflect the locality (city, town, etc.) '\
'in which the webserver is located.'`
	L=$unknown

	STprompt=`gettext $TEXTDOMAIN 'What is the name of your State or '\
'Province ?'`
	SThelp=`gettext $TEXTDOMAIN 'This is the ST (state) '\
'associated with the certificate that is being generated. If applicable, '\
'you should enter here the name of the state, province, prefecture, etc. '\
'in which the webserver is located.'`
	ST=$unknown

	Cprompt=`gettext $TEXTDOMAIN 'What is the two-letter country code for '\
'this unit ?'`
	Chelp=`gettext $TEXTDOMAIN 'This is the C (country) '\
'official ISO country code associated with the country in which the '\
'webserver is located.'`
	C=$unknown

	ans=${NO}
	while [ "${ans}" != "${YES}" ]
	do
	    eval curr="\"`gettext $TEXTDOMAIN '(Current: $CN, '\
'Default: $hostname)'`\""
	    CN=`ckstr -d "$hostname" -p "$CNprompt $curr" \
		      -h "$CNhelp\n$extrahelp" -e "$CNerror"`
	    check $?

	    eval curr="\"`gettext $TEXTDOMAIN '(Current: $OU)'`\""
	    OU=`ckstr -d "$OU" -p "$OUprompt $curr" -r'.*' -h "$OUhelp\n$extrahelp"`
	    check $?

	    eval curr="\"`gettext $TEXTDOMAIN '(Current: $O)'`\""
	    O=`ckstr -d "$O" -p "$Oprompt $curr" -r'.*' -h "$Ohelp\n$extrahelp"`
	    check $?

	    eval curr="\"`gettext $TEXTDOMAIN '(Current: $L)'`\""
	    L=`ckstr -d "$L" -p "$Lprompt $curr" -r'.*' -h "$Lhelp\n$extrahelp"`
	    check $?

	    eval curr="\"`gettext $TEXTDOMAIN '(Current: $ST)'`\""
	    ST=`ckstr -d "$ST" -p "$STprompt $curr" -r'.*' -h "$SThelp\n$extrahelp"`
	    check $?

	    eval curr="\"`gettext $TEXTDOMAIN '(Current: $C)'`\""
 	    C=`ckstr -d "$C" -p "$Cprompt $curr" -h "$Chelp\n$extrahelp"`
	    check $?

	    dname="CN=$CN, OU=$OU, O=$O, L=$L, ST=$ST, C=$C"
	    eval pro="\"`gettext $TEXTDOMAIN 'Is <$dname> correct'`\""
	    eval curr="\"`gettext $TEXTDOMAIN '(Default: ${NO})'`\""
	    ans=`ckyorn -W 70 \
			-d "$NO" \
			-p "$pro $curr" \
			-h "$help\n$extrahelp" \
			-e "$YES_OR_NO"` 
	    check $?
	done
    fi

    ${BINDIR}/../../jre/bin/keytool -genkey -alias tomcat -keyalg RSA \
				  -keystore $kstore -keypass $keypass \
				  -dname "$dname" -storepass $keypass
    [ $? -ne 0 ] && return 2

    ${BINDIR}/../../jre/bin/keytool -list \
		-keystore $kstore -storepass "$keypass" > /dev/null 2>&1
    if [ $? -ne 0 ]
    then
	errmsg=`gettext $TEXTDOMAIN 'ERROR: invalid keystore password'`
	fmtout "$calledname: $errmsg" $WIDTH "\t" 2>&1
	return 1
    fi
    echo $keypass
    return 0
}

#
#  Function to prompt the user for the keystore password, must match
#  the password used prior to generate the keystore
#
#  Input Arguments:	presumed original keystore password
#			default hostname
#
#  Return Value:	echo validated password
#			0	valid password
#			1	invalid password
#
get_keypass () {

    kstore=$1
    hostname=$2

    prompt1=`gettext $TEXTDOMAIN 'Please enter SSL (https) keystore password: '`
    prompt2=`gettext $TEXTDOMAIN 'Please confirm SSL (https) keystore password: '`

    keypass=`get_passwd "keystore" "$prompt1" "$prompt2"`

    if [ $? -ne 0 ]
    then
	errmsg=`gettext $TEXTDOMAIN 'ERROR: null password passed'`
	fmtout "$calledname: $errmsg" $WIDTH "\t" 2>&1
    fi

    keypass=`cert_gen $kstore $keypass "$hostname"`
    retstat=$?

    [ $retstat -eq 0 -a "$keypass" != "" ] && echo ${keypass}
    return $retstat
}

#
#  Function prompting for the webserver port settings
#
doWebServer () {

    ans=

    title=`gettext $TEXTDOMAIN 'Web Server Configuration'`
    echo ""
    echo $title

    if [ "$web" -eq 2 ] ; then
	ans=${YES}

    else
	default=${YES}

	eval prompt="\"`gettext $TEXTDOMAIN 'Would you like to configure the '\
'Sun StorEdge(tm) Configuration Service Console Web Server at this time ? '\
'(Default: ${default})'`\""

	help=`gettext $TEXTDOMAIN 'Configuring the Sun StorEdge(tm) Configuration Service '\
'Web Server on this host will allow it to act as a Web Server for '\
'the Management Console and any Management Services that support '\
'browser functionality. '\
'Once the Sun StorEdge(tm) Configuration Service Console Web Server '\
'is configured, startup and shutdown of the Web Server will automatically be '\
'performed at system startup or system shutdown time.'`

	ans=`ckyorn -W 70 \
			-d "$default" \
			-p "$prompt" \
			-h "\n$help" \
			-e "$YES_OR_NO"` 
	check $?
    fi

    if [ $ans = ${YES} ]
    then
	port=
	hostname=

	#  Try to read the config file that may have been assigned
	#  values in a previous 'config' invocation
	#
	values=`read_file ${ETC_SERVICES}/web.properties \
				$SERVICE_PREFIX.web.hostname \
				$SERVICE_PREFIX.web.port \
				$SERVICE_PREFIX.web.secure.port \
				$SERVICE_PREFIX.web.secure.enabled \
				$SERVICE_PREFIX.web.secure.keystore.file \
				$SERVICE_PREFIX.web.secure.keystore.pass`
	if [ $? -eq 0 -a "$values" != "" ] ; then
	    set $values
	    hostname=${1}
	    port=$2
	    s_port=$3
	    s_enabled=$4
	    keystore=${5:-"<not assigned>"}
	    keypass=$6

	    title=`gettext $TEXTDOMAIN 'Your previous selections '\
'for configuration of the Configuration Service Web Server were'`
	    l10nhostname=`gettext $TEXTDOMAIN 'hostname'`
	    l10nport=`gettext $TEXTDOMAIN 'http port'`
	    l10nsport=`gettext $TEXTDOMAIN 'https port'`
	    l10nkeystore=`gettext $TEXTDOMAIN 'keystore file'`
	    help=`gettext $TEXTDOMAIN 'You should modify your selection of '\
'the hostname when the DNS name of the host has changed.'\
'You should modify your selection of the http and https (secure) ports '\
'as necessary in order to prevent conflicts with other applications that '\
'may be configured to listen on those ports.                       '\
'You should modify the keystore selection if any of the attributes '\
'related to the secure webserver certificate have changed. These include:\n'\
'                                                            '\
'a. the DNS name of the host.                                '\
'b. the Organizational information                           '\
'c. the Geographical Locality of the webserver.'`
	    promptForRedo "$title" "$help" \
			  "$l10nhostname" "$hostname" \
			  "$l10nport" "$port" \
			  "$l10nsport" "$s_port" \
			  "$l10nkeystore" "$keystore"
	    [ $? -ne 0 ] && return 0
	fi
	defhost=${hostname:-${h_name}}
	[ -z "$hostname" ] && hostname="<not set>"

	#  Web Server Host Prompting
	#
	eval prompt="\"`gettext $TEXTDOMAIN 'Enter the fully qualified '\
'DNS domain name for the host that will be associated with the webserver '\
'(Current: ${hostname}, Default: ${h_name})'`\""

	help=`gettext $TEXTDOMAIN 'In order for web browsers to be able to '\
'access the Sun StorEdge(tm) Configuration Service webserver, '\
'the fully qualified DNS domain name is necessary.'`

	error=`gettext $TEXTDOMAIN 'Enter a valid fully qualified DNS '\
'domain name for the host in which the Configuration Service is being '\
'installed.'`

	hostname=`get_value "$prompt" "$help" "$error" "$defhost"`

	port=`get_port http 8080 $port`
	s_port=`get_port https 9443 $s_port`

	#  Output the properties
	#
	propfile=`setup_propfile web.properties`

	edit_propfile ${propfile} 'Web Service' '0377' \
		"$SERVICE_PREFIX.web.hostname=$hostname" \
		"$SERVICE_PREFIX.web.port=$port" \
		"$SERVICE_PREFIX.web.secure.port=$s_port"


	# Prompt the user for input related to the SSL keystore
	#
	if [ "$s_enabled" != "" -a "$keystore" != "" -a "$keypass" != "" ]
	then
	    eval prompt="\"`gettext $TEXTDOMAIN 'You have previously '\
'configured the secure (SSL) webserver and set the keystore file at: '\
'$keystore. Do you wish to reconfigure it ? (Default: ${NO})'`\""

	    help=`gettext $TEXTDOMAIN 'It is recommended that you '\
'regenerate the webserver SSL (secure sockets layer) certificate if '\
'the current certificate has expired in order to prevent users from '\
'encountering warning messages about the certificate expiration date and '\
'time. You should also reconfigure the certificate if any of the registration '\
'details (such as the domain name of the host, the organization details, '\
'the locality of the installation) has changed, You may also decide to '\
'regenerate the certificate at your own discretion. '\
'It is recommended that you answer positively in all these cases.'`

	    ans=`ckyorn -W 70 \
			-d "${NO}" \
			-p "$prompt" \
			-h "\n$help" \
			-e "$YES_OR_NO"` 
	    check $?
	else
	    ans=${YES}
	fi

	[ $ans != ${YES} ]		&& return 0

	keystore=`get_keystore $keystore`
	if [ $? -eq 0 ]
	then
	    keypass=`get_keypass $keystore "$hostname"`
	    [ $? -ne 0 ] 		&& return 1
	    [ "$keypass" = "" ] 	&& return 0
	    keypass=`echo $keypass | sspv --piped --add -U keystore`
	    s_enabled=true
	fi

	edit_propfile ${propfile} 'Web Service' '0377' \
	    "$SERVICE_PREFIX.web.secure.enabled=$s_enabled" \
	    "$SERVICE_PREFIX.web.secure.keystore.file=$keystore" \
	    "$SERVICE_PREFIX.web.secure.keystore.pass=$keypass"
    fi

    return 0
}

#
#  Function prompting for the designation of storage administration users
#
doUsers () {

    ans=

    title=`gettext $TEXTDOMAIN 'Administrator Configuration'`
    echo ""
    echo $title

    if [ "$users" -eq 2 ] ; then
	ans=${YES}
    else
	default=${YES}

	eval prompt="\"`gettext $TEXTDOMAIN 'Would you like to configure the '\
'login names of storage administration users for the Sun StorEdge(tm) '\
'Configuration Service at this time ? (Default: ${default})'`\""

	help=`gettext $TEXTDOMAIN 'The Sun StorEdge(tm) Configuration '\
'Service provides the storage administrator with access to the storage '\
'management functionality via a number of public interfaces, including '\
'http/https web-based management and telnet/ssh cli-based management. '\
'The Configuration Service authenticates users against the Solaris security '\
'infrastructure that is present on the management station. '\
'Obviously, not all users that can log-in to the host serving as the '\
'management station are intended to be storage administrators. It is '\
'therefore necessary to designate the login names of those users that will '\
'have storage administration privileges. This is because '\
'of the security sensitivity of the tasks that are involved in storage '\
'administration. During runtime and upon user login, the Configuration '\
'Service will verify that the login-name presented is found on the list '\
'of designated valid storage administration user names.'`

	ans=`ckyorn -W 70 \
		    -d "$default" \
		    -p "$prompt" \
		    -h "\n$help" \
		    -e "$YES_OR_NO"`
	check $?
    fi 

    users=root

    if [ $ans = ${YES} ] ; then

	#  Try to read the config file that may have been assigned
	#  values in a previous 'config' invocation
	#
	users=`read_file ${GREROOT}/etc/sscs.properties $APP_NAME.users`
	if [ $? -eq 0 -a "$users" != "" ] ; then
	    title=`gettext $TEXTDOMAIN 'Your previous selections '\
'for designated storage administration users were'`
	    l10nusers=`gettext $TEXTDOMAIN 'users'`
	    help=`gettext $TEXTDOMAIN 'You should modify your selection of '\
'designated storage users whenever you want to add (remove) users to (from) '\
'the list.'`
	    promptForRedo "$title" "$help" "$l10nusers" "$users"
	    [ $? -ne 0 ] && return 0
	else
	    users=root
	fi

	help1=`gettext $TEXTDOMAIN 'Due to the sensitivity of the '\
'operations that a storage administration can perform, users accessing '\
'the Sun StorEdge(tm) Configuration Service using the web interface '\
'or the command line interface, need to be identified by the service as valid '\
'storage administration users. You should enter the name of a valid user.'`

	prompt1=`gettext $TEXTDOMAIN 'Please enter the login name '\
'of a user designated to access the system in a storage administrator role.'`

	eval prompt2="\"`gettext $TEXTDOMAIN 'Would you like to (a)dd '\
'users to the list; (r)eset the list and start over; (s)ave the existing '\
'list and continue (a|r|s) ? (Default: s)'`\""
	opterr=`gettext $TEXTDOMAIN 'You must enter one of '\
'(a)dd, (r)eset, or (s)ave'`

	until [ "$ans" = "$NO" ]
	do
	    eval info="\"`gettext $TEXTDOMAIN 'The current list of '\
'designated storage administration users is: $users.'`\""
	    fmtout "$info" $WIDTH "\t" 2>&1

	    ans=`ckstr -W 70 \
			-d "s" \
			-r a -r r -r s \
			-p "$prompt2" \
			-h "\n$help" \
			-e "$opterr"`
	    check $?

	    case $ans in
		a)	;;
		r)	users=root
			;;
		s)	break
			;;
	    esac	

	    user=`get_value "$prompt1" "$help1" ""`
	    idstr=`/usr/bin/id $user 2> /dev/null`

	    if [ $? -ne 0 ] ; then
		msg=`gettext $TEXTDOMAIN 'ERROR: user does not exist:'`
		fmtout "$calledname: $msg \"$user\"" $WIDTH "\t" 2>&1

		eval prompt3="\"`gettext $TEXTDOMAIN 'Would you like to '\
'create the $user login name as a storage administration user ? '\
'(Default: ${YES})'`\""

		help3=`gettext $TEXTDOMAIN 'If you select to create the '\
'login name, a user will be created in the system that will have the '\
'Sun StorEdge(tm) Management Shell - sesh(1M) - defined as his login '\
'shell, /dev/null will be designated as his home directory. On login through '\
'any of the CLI interfaces (telnet, ssh), the created user will be limited '\
'to access the functionality exposed through the shell. If you want to '\
'grant the user regular login privileges, you must create the user using '\
'the regular useradd(1M) utility. Removal of create users needs to be done '\
'by the systems administrator using the userdel(1M) utility.'`

		ans1=`ckyorn -W 70 \
			-d "$YES" \
			-p "$prompt3" \
			-h "\n$help3" \
			-e "$YES_OR_NO"`
		check $?
   		if [ $ans1 = ${YES} ] ; then
		    if /usr/sbin/useradd -c "Storage Management User - $user" \
			    -d $GREROOT/home \
			    -s ${BINDIR}/sesh ${user} ; then
			users="${users},${user}"

			#  Prompt to create a password for the user
			#
			/usr/bin/passwd ${user}
		    else
			eval errmsg="\"`gettext $TEXTDOMAIN 'ERROR: '\
'error creating login user ${user}'`\""
			fmtout "$calledname: $errmsg" $WIDTH "\t" 2>&1
		    fi
		fi
	    else
		if [ -z $user ] ; then
		    msg=`gettext $TEXTDOMAIN 'ERROR: invalid null name:'`
		    fmtout "$calledname: $msg"  $WIDTH "\t" 2>&1
		else
		    users="${users},${user}"
		fi
	    fi
	done

	#  Now, generate the user properties file
	#
	propfile=`setup_propfile sscs.properties ${GREROOT}/etc`

	edit_propfile ${propfile} 'Valid Storage Administration Users' '0377' \
		"$APP_NAME.users=$users"

    fi
    return 0
}

#
#  Function prompting for the cli server port settings
#
doCliServer () {

    ans=

    title=`gettext $TEXTDOMAIN 'Command Line Interface Configuration'`
    echo ""
    echo $title

    if [ "$cli" -eq 2 ] ; then
	ans=${YES}
    else
	default=${YES}

	eval prompt="\"`gettext $TEXTDOMAIN 'Would you like to configure '\
'the Sun StorEdge(tm) Configuration Service Console CLI Server at this time ? '\
'(Default: ${default})'`\""

	help=`gettext $TEXTDOMAIN 'Configuring the Sun StorEdge(tm) '\
'Configuration Service Console CLI (Command Line Interface) Server '\
'on this station will allow it to act as a CLI Server for the Management '\
'Console and any Services that support CLI functionality. '\
'Once the Sun StorEdge(tm) Configuration Service Console CLI Server is '\
'configured, startup and shutdown of the Server will automatically be '\
'performed at system startup or system shutdown time.'`

	ans=`ckyorn -W 70 \
		    -d "$default" \
		    -p "$prompt" \
		    -h "\n$help" \
		    -e "$YES_OR_NO"`
	check $?
    fi

    if [ $ans = ${YES} ]
    then
	#  Try to read the config file that may have been assigned
	#  values in a previous 'config' invocation
	#
	doTelnet=1
	propname=$SERVICE_PREFIX.inetd.daemon.telnet.net.port
	port=
	values=`read_file $ETC_SERVICES/inetd/telnet.properties $propname`
	if [ $? -eq 0 -a "$values" != "" ] ; then
	    set $values
	    port=$1
	    title=`gettext $TEXTDOMAIN 'Your previous selections '\
'for configuration of the CLI Service Telnet Daemon were'`
	    l10ntport=`gettext $TEXTDOMAIN 'telnet port'`
	    doTelnet=2

	    help=`gettext $TEXTDOMAIN 'You should modify your selection of '\
'the Configuration Service telnet port as necessary in order to prevent '\
'conflicts with other applications that may be configured to listen on '\
'that port.'`
	    promptForRedo "$title" "$help" "$l10ntport" "$port"
	    [ $? -ne 0 ] && doTelnet=0
	fi

	if [ $doTelnet -gt 0 ]; then
	    port=`get_port telnet 8023 $port`

	    #  Output the properties
	    #
	    propfile=`setup_propfile telnet.properties ${ETC_SERVICES}/inetd`

	    edit_propfile $propfile 'Telnet Daemon' '0333' \
		"$propname=$port"
	fi


	#  Try to read the config file that may have been assigned
	#  values in a previous 'config' invocation
	#
	doShell=1
	port=
	propname=$SERVICE_PREFIX.inetd.daemon.shell.net.port
	values=`read_file $ETC_SERVICES/inetd/shell.properties $propname`
	if [ $? -eq 0 -a "$values" != "" ] ; then
	    set $values
	    port=$1
	    title=`gettext $TEXTDOMAIN 'Your previous selections '\
'for configuration of the CLI Service Secure Shell Proxy were'`
	    l10nsport=`gettext $TEXTDOMAIN 'ssh proxy port'`
	    doShell=2

	    help=`gettext $TEXTDOMAIN 'You should modify your selection of '\
'the Configuration Service ssh proxy port as necessary in order to prevent '\
'conflicts with other applications that may be configured to listen on '\
'that port.'`
	    promptForRedo "$title" "$help" "$l10nsport" "$port"
	    [ $? -ne 0 ] && doShell=0
	fi

	if [ $doShell -gt 0 ]; then
	    port=`get_port 'ssh proxy' 8514 $port`

	    #  Output the properties
	    #
	    propfile=`setup_propfile shell.properties ${ETC_SERVICES}/inetd`

	    edit_propfile $propfile 'Secure Shell Proxy' '0333' \
		"$propname=$port"
	fi
    fi

    return 0
}

#
#  Function that runs the update_html_file script for T3 and T3+ storage arrays
#
doUpdateT3HTML () {

    title=`gettext $TEXTDOMAIN 'Update T3 HTML files'`
    echo ""
    echo $title


    $BINDIR/update_html_files

    return 0
}

#  function to restart the passed daemon
#
#  Input Arguments:	$1		daemon name (expected to exist as
#					a /etc/init.d/$1 script)
#			$2		regexp to check for with pgrep
#			$3		formal name of daemon started
#			$4		optionally, if present force a kill
#					if absent, and verified already
#					running, leave running
#
do_restart () {
    
    retstat=0
    msg=
    start=
    if [ -f /etc/init.d/$1 ] ; then
	PID=`pgrep -u 0 -f -- $2`
	if [ $? -eq 0 ] ; then
	    if [ "$4" = "" ] ; then
		msg=`gettext $TEXTDOMAIN 'INFO: service is already running'`
	    else
		/etc/init.d/$1 stop
		start=1
	    fi
	else
	    start=1
	fi
	if [ "$start" != "" ] ; then
	    /etc/init.d/$1 start
	    retstat=0
	    for nap in 2 2 4 8 ; do
		sleep $nap
		PID=`pgrep -u 0 -f -- $2`
		retstat=$?
		if [ $retstat -eq 0 ] ; then
		    msg=`gettext $TEXTDOMAIN 'INFO: service has been started'`
		    break	# for-loop
		fi
	    done
	    if [ $retstat -ne 0 ] ; then
		msg=`gettext $TEXTDOMAIN 'INFO: could not determine that service started, please check the console'`
	    fi
	fi
    else
	eval msg="\"`gettext $TEXTDOMAIN 'ERROR: /etc/init.d/$1 cannot be found'`\""
    fi
    echo $progname: $msg: $3 >&2
}

# Note: 1/28/03, this function is NO LONGER NEEDED after we install our own copy of cim/wbem
#  Function to obtain the PID of the Solaris WBEM Services on Solaris 5.9
#
get_sol59_pid () {

    PIDS=`/usr/bin/pgrep -u 0 -f -- '-Djava.security.policy=/usr/sadm/' 2> /dev/null`
    retstat=$?
    if [ $retstat -ne 0 ] ; then
	PIDS=`/usr/bin/pgrep -u 0 -f -- '/usr/sadm/lib/wbem/cimomboot' 2> /dev/null`
	retstat=$?
    fi
    if [ $retstat -eq 0 ] ; then
	for i in 1 2 3 4 5 6 7 8 ; do
	    for pid in $PIDS ; do
		pfiles $pid 2> /dev/null | \
		grep 'sockname: AF_INET 0.0.0.0  port: 5987' > /dev/null 2>&1
		if [ $? -eq 0 ] ; then
		    echo $pid
		    return 0
		fi
	    done
	    [ "$1" != "" ] && break
	    sleep 4
	done
    fi
    echo ''
    return 1
}

# Note: 1/28/03, this function is NO LONGER NEEDED after we install our own copy of cim/wbem
#  Function to perform wbem services restart on Solaris 5.9
#
do_sol59_wbem () {

    pid=`get_sol59_pid no`
    if [ "$pid" = "" ] ; then
	/etc/init.d/init.wbem stop > /dev/null 2>&1
	/etc/init.d/init.wbem start
	pid=`get_sol59_pid`
    else
	msg=`gettext $TEXTDOMAIN 'INFO: service is already running'`
    fi
    if [ "$pid" = "" ] ; then
	msg=`gettext $TEXTDOMAIN 'INFO: could not determine that service started, please check the console'`
    else
	msg=`gettext $TEXTDOMAIN 'INFO: service has been started'`
    fi
    echo $progname: $msg: Solaris WBEM Services >&2
}

#  function to restart the Configuration Service
#
restart () {

    SOLARIS_REV=`uname -r`

    if [ "$SOLARIS_REV" = "5.8" ]; then
        # on s8, start prngd only if it's installed from SSCS 
	if pkginfo -q SMCprngd
	then
	    pkgparam SMCprngd BASEDIR | /bin/grep SUNWdm  > /dev/null 2>&1
	    [ $? -eq 0 ] && do_restart prngd prngd "Pseudo-Random Number Generator"
	else
	    echo "INFO: SMCprngd is not found. Unable to start prngd."
	fi

        # on s8, start sshd only if it's installed from SSCS 
	if pkginfo -q SMCossh3 
	then
	    pkgparam SMCossh3 BASEDIR | /bin/grep SUNWdm  > /dev/null 2>&1
	    [ $? -eq 0 ] && do_restart sshd sshd "Secure Shell"
	else
	    echo "INFO: SMCossh3 is not found. Unable to start sshd."
	fi
    else
        if [ "$SOLARIS_REV" = "5.9" ]; then
            do_restart sshd sshd "Secure Shell"
        fi
    fi

    do_restart sscs.wbem "-Dapp.name=wbem" "WBEM Services" restart

    do_restart sscs "-Dapp.name=sscs" "Configuration Service" restart
}

#  Function prompting for starting the Configuration Service
#
doStart () {

    default=${YES}

    eval prompt="\"`gettext $TEXTDOMAIN 'Configuration of the various '\
'components of the Sun StorEdge(tm) Configuration Service has been done. '\
'Would you like to start the Configuration Service at this time ? '\
'(Default: $default)'`\""

    help=`gettext $TEXTDOMAIN 'If you answer yes, the configuration program '\
'will initiate the execution of the Sun StorEdge(tm) Configuration Service '\
'using the configuration parameters that have been entered. If the '\
'service is running, it will be shutdown and restarted to operate using '\
'the requested parameters.'`

    ans=`ckyorn -W 70 \
		    -d "$default" \
		    -p "$prompt" \
		    -h "\n$help" \
		    -e "$YES_OR_NO"`
    check $?

    if [ $ans = ${YES} ]
    then
	restart
	return $?
    fi

    return 0
}

#  Display the usage for the main program
#
usage () {

    echo $progname: "INFO: usage: config \[options\]

    where options are:

  -a        perform configuration of all components
  -b        configure the CIM/WBEM service
  -c        configure the CLI service
  -h        display the usage message
  -p        print the current configuration
  -s        configure the $sadename
  -S        configure the Sun StorEdge\(tm\) 9900 Disk Array Manager
  -t        update files on Sun StorEdge T3 and T3+ storage arrays
  -u        configure the designated storage administration users
  -w        configure the Web service
"

}

set_env () {
    lopt=$1
    case $lopt in
	a|1)  cim=1
	    cli=1
	    users=1
	    web=1
	    storade=1
	    s9900=1
        t3html=1
        start=1
	    all=1
	    ;;
	b|2)  cim=2
	    all=0
        start=1
	    ;;
	c|7)  cli=2
	    all=0
        start=1
	    ;;
	h)  usage
	    exit 0
	    ;;
	s|3)  storade=2
	    all=0
        start=1
	    ;;
	S|4)  s9900=2
	    all=0
        start=1
	    ;;
	w|6)  web=2
	    all=0
        start=1
	    ;;
	u|5)  users=2
	    all=0
        start=1
	    ;;
	t|8)  t3html=2
	    all=0
        # Updating T3 HTML files does not require restarting Config Svc 1.2
        start=0
	    ;;
    p)  print=1
	    all=0
        ;;
    q)  update=0
        ;;
	*)  if [ $menu -eq 0 ]; then
            usage
            exit 1
        else
            echo " "
            echo "Error: $lopt is an invalid selection. "
            echo " "
        fi
	    ;;
    esac
}

reset_state () {
	all=0
	cim=0
	cli=0
	web=0
	storade=0
	s9900=0
	users=0
    print=0
    t3html=0
}

#  Main function for the script
#
main () {
    start=0
    changed=0
    reset_state
    update=1
    menu=0

 	while getopts abchmstupwS opt
	do
        set_env $opt
	done
    # Display the menu only if no command line arguments are set.
    sum=`expr $all + $cim + $cli + $web + $storade + $s9900 + $t3html + $users + $print`

    while [ $update -eq 1 ]; do
        if [ $sum -eq 0 ]; then
            menu=1
            retval=`display_menu`
            set_env $retval
        else
            update=0
        fi

        #  Display current configuration
        #
        [ $print -ne 0 ]    && display_current
    
        #  set up WBEM access
        #
        [ $cim -ne 0 ]    && doWBEM
    
        #  set up Remote Link to StorAde
        #
        [ $storade -ne 0 ]    && doStorAde
    
        #  set up Remote Link to 9900 Series Software 
        #
        [ $s9900 -ne 0 ]  && doS9900
    
        #  designate storage administration users
        #
        [ $users -ne 0 ] && doUsers
    
        #  configure the webserver
        #
        [ $web -ne 0 ]    && doWebServer
    
        #  configure CLI server
        #
        [ $cli -ne 0 ]     && doCliServer

        #  Update html files on t3 and t3+ arrays
        #
        [ $t3html -ne 0 ]     && doUpdateT3HTML

        reset_state
    done
    #  Prompt user to restart SSCS
    #
    [ $start -ne 0 -a $changed -ne 0 ] && doStart
   
    return 0
}

log_title "$LOGFILE" "SSCS" "" "Start of configuration"
getConfigInfo "Original configuration" >> $LOGFILE

#  invoke main
main $@

getConfigInfo "New configuration" >> $LOGFILE
log_title $LOGFILE "SSCS" "" "End of configuration"

exit $?
