#!/bin/bash
#
# hostsentry Start the hostsentry LAD tool
#
# Author: Tim Powers <timp@redhat.com>
#
# chkconfig: 345 98 85
# description: HostSentry is a host based intrusion detection tool that \
#              performs Login Anomaly Detection (LAD). This tool allows \
#              administrators to spot strange login behavior and quickly \
#              respond to compromised accounts and unusual behavior.
# processname: hostsentry
# configfile: /etc/hostsentry/hostsentry.conf
# pidfile: /var/run/hostsentry.pid

# Source function library.
. /etc/init.d/functions

RETVAL=$?

start(){
	#are we already running?
    if [ -f /var/run/hostsentry.pid ] ; then
	pid=`cat /var/run/hostsentry.pid`
	if [ "$pid" != "" ] ; then
	    echo $"hostsentry is already running"
	    exit 0
	fi
    fi

    #start daemons.    
    echo -n $"Starting hostsentry: "
    cd /usr/lib/hostsentry
      daemon "python hostsentry.py"
      RETVAL=$?
    echo
    #have to do this since python scripts can be hard to pin down using pidof
    echo `ps aux | grep "python hostsentry" | cut --delimiter=" " -f 7` > /var/run/hostsentry.pid
    [ $RETVAL = 0 ] && touch /var/lock/subsys/hostsentry
    return $RETVAL
}

stop(){
    # Stop daemons.
    echo -n $"Shutting down hostsentry: "
    killproc hostsentry
    RETVAL=$?
    [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/hostsentry && rm -f /var/run/hostsentry.pid
    echo
}

restart(){
    stop
    start
}

condrestart(){
    if [ -f /var/lock/subsys/hostsentry ]; then
	restart
    fi
}

status(){
    if [ -f /var/run/hostsentry.pid ] ; then
        pid=`cat /var/run/hostsentry.pid | { read foo ; echo $foo ; }`
        if [ "$pid" != "" ] ; then
            echo $"hostsentry (pid $pid) is running..."
            return 0
        fi
        # See if /var/run/hostsentry.pid exists
	if [ -f /var/run/hostsentry.pid ] ; then
            if [ "$pid" != "" ] ; then
	        echo $"hostsentry dead but pid file exists"
		return 1
	    fi
        fi
    fi
        # See if /var/lock/subsys/hostsentry exists
    if [ -f /var/lock/subsys/hostsentry ]; then
	echo $"hostsentry dead but subsys locked"
        return 2
    fi

    if [ ! -f /var/run/hostsentry.pid ] && [ ! -f /var/lock/subsys/hostsentry ]; then
	echo $"hostsentry is not running"
	return 0
    fi


}


# See how we were called.
case "$1" in
    start)
	start
	;;
    stop)
	stop
	;;
    restart)
	restart
	;;
    condrestart)
	condrestart
	;;
    status)
	status
	;;
    *)
	echo $"Usage: $0 {start|stop|status|restart|condrestart}"
	exit 1
	;;
esac
