#!/bin/sh
# This shell script makes use of the htpasswd utility normally
# installed by the apache web server rpm.
DEST=/etc/sysconfig/ha/conf

if [ -z "$1" ]; then
	echo -n "New Password: "
	old_IFS=$IFS
	IFS=
	read -rs
	password=$REPLY 
	echo -en "\nVerify: "
	read -rs
	verify=$REPLY
	IFS=$old_IFS
	echo
	if [ "$password" != "$verify" ]; then
		echo "Passwords do not match." 1>&2
		exit 1
	fi
else
	#warn user
	echo "Warning: sensitive information entered on command line." 1>&2
	password=$1
fi

# Two possibilities,.. the file exists and the file doesn't exist

if [ -f $DEST/piranha.passwd ]; then
	/usr/bin/htpasswd -b $DEST/piranha.passwd piranha "$password"
fi

if [ ! -f $DEST/piranha.passwd ]; then
	/usr/bin/htpasswd -c -b $DEST/piranha.passwd piranha "$password"
fi

# Paranoia, unfortunately the web server itself must be able to read the file

chmod 600 $DEST/piranha.passwd
chown piranha.piranha $DEST/piranha.passwd
