#!/bin/sh
#
# Startup sshd
#
# chkconfig: 345 55 45
# description: sshd starts the deamon to allow others to ssh to this machine
#
# Changed June 29, 2001 by Troy Dawson
#   Made the script smart enough to know if it needs to run
#   kerberos 5 or kerberos 4 binary.  It then corrects the links
#   to run it.
# Changed October 9, 2001 by Troy Dawson
#   Made the killing of the old sshd process, better.
#				            

#*********************************
# Kill the currently running sshd
#*********************************
kill_sshd(){
	PIDLIST="`ps -eo user,pid,ppid,cmd | grep sshd | grep -v grep | grep root `"
	if [ ! "$PIDLIST" = "" ]; then
		echo "$PIDLIST" | {
			while read line
			do
				PARENT=`echo $line | cut -d' ' -f3`
				if [ $PARENT -eq 1 ] ; then 
					PID=`echo $line | cut -d' ' -f2`
					echo "Killing old sshd, Process ID:$PID:"
					kill $PID
				fi
			done 
			}
	fi
}

case "$1" in
        'start')
		kill_sshd
		#Ensure we are running the correct sshd
		# Do we have to worry about AFS
		if ! /sbin/chkconfig --list afs > /dev/null 2>&1 ; then
			#We arn't running afs, turn on kerberose 5 ssh
			rm -f /usr/krb5/sbin/sshd
			ln -s /usr/krb5/sbin/sshd1 /usr/krb5/sbin/sshd
		else
			#We are running afs
			if [ -f /etc/krb5.keytab ] ; then
				#We are kerberized with a host principle, use kerberos 5
				rm -f /usr/krb5/sbin/sshd
				ln -s /usr/krb5/sbin/sshd1 /usr/krb5/sbin/sshd
			else
				#We arn't kerberized and/or don't have a host priciple, use kerberos 4
				rm -f /usr/krb5/sbin/sshd
				ln -s /usr/krb5/sbin/sshd_afs /usr/krb5/sbin/sshd
			fi
		fi
		#just make sure the file is there before starting it
		if [ -a /usr/krb5/sbin/sshd ] ; then
			/usr/krb5/sbin/sshd &
		else
			exit 1
		fi
		;;
        'stop')
                kill_sshd
		kill_sshd
                ;;
esac
exit 0
