#!/bin/bash
LOG=/root/asl-uninstall.log
DATE=$(date +%Y%m%d-%H:%M)

export LANG=en_US.UTF-8

# make sure no instance of the installer is running
if [ ! -e /asl-uninstaller.lock ]; then
	touch /asl-uninstaller.lock
else
	echo "Another uninstaller is already running."
	app_exit 1
fi


function app_exit {
	EXIT_CODE=$1
	echo

	# remove lock file
	rm -f /asl-uninstaller.lock

	# exit
	exit $EXIT_CODE
}

if ! rpm -q asl ; then
	echo "ASL installation not detected"
	echo "`date -u`: ASL Installation not detected " >> $LOG 
	app_exit 1
fi

if [ -f /etc/asl/config ]; then
	source /etc/asl/config
fi


if grep -q "^assumeyes=1" "/etc/yum.conf"; then
	echo "Not supported: assumeyes=1 was detected in yum.conf, the uninstaller will not run" 
	echo "`date -u`: Not Supported: assumeyes=1 was detected in yum.conf" >> $LOG 
	app_exit 1
fi

if [ ! $SSH_TTY  ]; then
       UNINSTALL_TTY="/dev/$(ps -p$$ --no-heading | awk '{print $2}')"
else
        UNINSTALL_TTY=$SSH_TTY
fi

cd /root


echo "`date -u`: Uninstall initiated" >> $LOG
if [ -d /usr/local/directadmin ] ; then
  	TYPE=directadmin
elif [  -d /usr/local/cpanel ]; then
  TYPE=cpanel
else
  TYPE=normal
fi
echo "`date -u`: Environment $TYPE detected " >> $LOG 


echo
echo "  WARNING: This utility will remove ASL entirely from the system."

read -p "  Are you sure this is what you want to do? Type CONTINUE if you are sure you want to do this. (CONTINUE/STOP): " INPUT < $UNINSTALL_TTY



echo "`date -u`: User selected $INPUT  " >>  $LOG

if [ "$INPUT" != "CONTINUE" ]; then
  echo
  echo "  Exiting..."
  echo
  echo "`date -u`: User did not agree to uninstall  " >>  $LOG
  echo "`date -u`: uninstaller exiting " >>  $LOG
  exit
else
	echo "`date -u`: User selected $INPUT  " >>  $LOG
fi



# Normal
service asl-firewall stop >> $LOG
service crond stop >> $LOG
service psmon stop >> $LOG
service ossec-hids stop >> $LOG
service clamd stop >> $LOG

# make sure no asl processes are running
for pid in `ps auxwww | grep asl | grep -v grep | awk '{print $2}'` ; do
  kill -9 $pid
done


# TODO: database drop event

COMMON_LIST="roadsend-php-libs"
FULL_LIST="mod_security mod_sed asl mod_evasive ossec-hids psmon rkhunter skdet unhide paxtest clamd clamav-db clamav asl-web gradm asl-web tortixd asl-php* aum aqueduct* asl-stream* tortix-release asl-php* rblcheck bigloo-libs chkrootkit inotify-tools"

echo "`date -u`: starting yum remove  " >>  $LOG
/usr/bin/yum remove  $FULL_LIST $COMMON_LIST 
if [ $? -ge 1 ]; then
	echo "No packages removed, exiting"
	app_exit 1
fi
echo "`date -u`: yum remove complete (exit $?) " >>  $LOG


# Cpanel
if [ -f /scripts/posteasyapache ]; then
  rm -f /scripts/posteasyapache
fi
if [ -f /scripts/preeasyapache ]; then
  rm -f /scripts/preeasyapache
fi


# 
killall -9 psmon >/dev/null 2>&1
if [ -f /var/lock/subsys/psmon ]; then
  rm -f /var/lock/subsys/psmon
fi


# Remove users
userdel tortix | tee -a $LOG
userdel asl-web | tee -a $LOG
groupdel tortix | tee -a $LOG

if [ -d /etc/httpd/modsecurity.d/ ]; then
  rm -f /etc/httpd/modsecurity.d/*
fi

echo "Clearing the /var/asl tree. This could take a few minutes, please be patient"
echo -n "	Removing /var/asl :"
rm -rf /var/asl
echo "Complete"
echo "`date -u` removed /var/asl" >> $LOG

service crond start >> $LOG

if [ "$TYPE" == "cpanel" ]; then
	if [ -f /etc/httpd/modsecurity.d/00_mod_security.conf ]; then
  		rm -f /etc/httpd/modsecurity.d/00_mod_security.conf
	fi
  	touch /usr/local/apache/conf/modsec2.conf
	touch /usr/local/apache/modsecurity.d/tortix_waf.conf
	echo "`date -u` removed /etc/httpd/modsecurity.d/00_mod_security.conf" >> $LOG
  	service httpd restart >> $LOG
  
fi

# Drop database
if [ $OSSEC_DATABASE ]; then
	/usr/bin/mysqladmin drop $OSSEC_DATABASE | tee -a $LOG
fi



rm -rf /etc/asl
rm -rf /var/ossec
rm -f /etc/yum.repos.d/asl.repo
rm -f /etc/yum.repos.d/tortix-common.repo >> $LOG
sed -i "s/=kernel-asl/=kernel/g" /etc/sysconfig/kernel

# final kernel check
if ! rpm -qa |grep ^kernel- ; then
	echo
	echo "WARNING****WARNING****WARNING"
	echo
	echo "No kernels were detected after uninstallation. This could mean that your system is now"
	echo "unbootable"
	echo 
	echo "If this is anything other than an openvz or virtuozzo system you need to fix this."
	echo "WARNING****WARNING****WARNING"
	echo
	echo
	echo "`date -u` WARNING: no kernels detected" >> $LOG
fi
echo "`date -u`: uninstall complete" >> $LOG