#! /bin/bash
# Script to control telnet daemon parameters
# and block changes when logged in over telnet

# Block changes to telnet daemon when logged in over telnet
pid=$(who -um | awk -F " " '{print $7}')
if [ -n "$pid" ]; then
 if ps --pid $(ps --pid $pid -o ppid=) -o cmd= | grep -q telnetd
  then
    echo "Please configure telnet settings via ssh or console."
    exit 1
  fi
fi

usage() {
    echo "Usage: $0 enable <port>"
    echo "       $0 disable"
    echo "       $0 allow-root {true|false}"
    exit 1;
}

allow-root() {
    case "$1" in
    true) ;;
    false) ;;
        *)  echo "Expect true or false"
	    usage ;;
    esac

    sudo sed -i -e '/^# Pseudo-terminal (telnet)/,$d' /etc/securetty

    if [ $1 = "false" ]; then
	return
    fi

    sudo sh -c "cat >>/etc/securetty" <<EOF
# Pseudo-terminal (telnet)
pts/0
pts/1
pts/2
pts/3
pts/4
pts/5
pts/6
pts/7
pts/8
pts/9
pts/10
pts/11
pts/12
pts/13
pts/14
pts/15
pts/16
pts/17
pts/18
pts/19
EOF

}

case "$1" in
    allow-root) 
	allow-root $2
	;;

    enable)
	if [ -z "$2" ]
	then echo "Missing port number";
	    usage
	fi
	exec sudo /opt/vyatta/sbin/telnetd.init restart "$2"
	;;

    disable)
	exec sudo /opt/vyatta/sbin/telnetd.init stop
	;;

    *)  
	echo "Unknown argument $1";
	usage 
	;;
esac