#!/bin/bash

. /usr/share/preupgrade/common.sh
check_rpm_to "" "grep,sed,cut,cp"

#END GENERATED SECTION

############# FUNCIONS / PERFORMANCE WORKROUND ###############################
get_blacklist_file() {
  [ ! -f "$PREUPGRADE_CONFIG" ] && return 1
  local SECNAME="xccdf_preupg_rule_system_BinariesRebuild_check"
  local line=$(
    conf_get_section "$PREUPGRADE_CONFIG" "$SECNAME" \
      | grep "exclude_file"
  )

  [ -z "$line" ] && return 1 # configuration is not used
  echo "$line" | cut -d "=" -f 2-

  return 0
}

gen_blacklist() {
  local blacklist_cfg=$(get_blacklist_file)
  [ $? -ne 0 ] && return 1
  [ -z "$blacklist_cfg" ] && return 1
  [ ! -f "$blacklist_cfg" ] && {
    log_warning "The $blacklist_cfg file mentioned in the configuration file does not exist."
    return 1
  }

  sed -r 's/^(.)/^\1/' "$blacklist_cfg" > "$1"
  return 0
}

gen_executable_list() {
  local blacklist=$(mktemp .blacklistXXX --tmpdir="$PWD")
  local executable=$(mktemp .executableXXX --tmpdir="$PWD")
  echo "$executable"

  gen_blacklist "$blacklist" || {
    cp "$VALUE_EXECUTABLES" "$executable"
    return 1
  }

  log_info "The original list of executable files has been reduced."
  grep -vf "$blacklist" "$VALUE_EXECUTABLES" > "$executable"
  return 0
}


############# MAIN ###########################################################
[ ! -f "$VALUE_EXECUTABLES" ] || [ ! -r "$COMMON_DIR"  ] && {
  log_error "Generic common part of the module is missing."
  exit_error
}

safelibs=$(mktemp .safelibsXXX --tmpdir=/tmp)
cat "$COMMON_DIR"/default*_so*-kept \
    "$COMMON_DIR"/default*_so*-moved_* \
    "$COMMON_DIR"/default*_so*obsoleted \
    | cut -d ":" -f1 | sort | uniq > "$safelibs"

[ ! -r "$safelibs" ] && {
  rm -f "$safelibs"
  log_error "Generic part of the module is missing."
  exit_error
}


BINARIES="binaries"
touch $BINARIES
SCRIPTS="scripts"
touch $SCRIPTS
FOUND_BIN=0
FOUND_SCR=0

# (filtered) list of executables
EXECUTABLES=$(gen_executable_list)

# Check what binaries are not handled by our package and which needs to be
# rebuilded on the new system
while read line
do
  [ "${line:0:4}" == "/tmp" ] || [ -d "$line" ] || [ -L "$line" ] && \
    continue
  TYPE=$(file "$line")
  echo $TYPE | grep "ELF" > /dev/null 2>&1
  if [ $? -eq 0 ]; then
    #we need to use -w -F - to prevent escaping and "substring matches" issues
    grep -m1 -wF "$line" "$VALUE_RPMTRACKEDFILES" >/dev/null 2>&1 && continue
    if [ $? -ne 0 ]; then
      FOUND_BIN=1
      unsafe=0
      #todo - check for redhat signed rpm, add postupgrade to install
      #potentially changed lib
      for i in $(ldd "$line" | cut -d' ' -f1);do
        # basename - we don't want to path to library, just filename
        grep -m1 "^$(basename "$i")$" "$safelibs" >/dev/null || unsafe=1
      done
      SAFETY=""
      [ $unsafe -eq 0 ] && SAFETY="(Can be used in Red Hat Enterprise Linux 7 without rebuild)"
      echo "$line $SAFETY" >> $BINARIES
    fi
  else
    echo $TYPE | grep "script" > /dev/null 2>&1
    if [ $? -eq 0 ]; then
      #we need to use -w -F - to prevent escaping and "substring matches" issues
      grep -m1 -wF  "$line" "$VALUE_RPMTRACKEDFILES" >/dev/null 2>&1 && continue
      FOUND_SCR=1
      echo "$line" >> $SCRIPTS
    fi
  fi
done < "$EXECUTABLES"

rm -f "$safelibs"

if [ $FOUND_BIN -eq 1 -o $FOUND_SCR -eq 1 ]; then
    if [ $FOUND_BIN -eq 1 ]; then
        log_slight_risk "Some binaries untracked by RPM were discovered on the system. The binaries might need to be rebuilt after the upgrade."
        mv $BINARIES "$KICKSTART_DIR/$BINARIES"
    fi
    if [ $FOUND_SCR -eq 1 ]; then
        log_slight_risk "Some scripts untracked by RPM were discovered on the system. The scripts might not work properly after the upgrade."
        mv $SCRIPTS "$KICKSTART_DIR/$SCRIPTS"
    fi
    exit_fail
fi

exit_pass
