#!/bin/bash

# Trap the sigint signal
# so the msec process / subprocess can not be aborted by the user...
# This will avoid trashing of config file while they are modified 
# if msec is interupted. ( thanks fg ).

trap "" sigint

if [[ -z $1 ]]; then
	echo "Usage : $0 [0-5] | snf"
	echo "Usage : $0 \"custom\""
	exit 1
fi


if [[ ${1} == custom ]]; then
	/usr/share/msec/custom.sh
	echo
	echo "You might logout of your session for some change to be activated."
	echo
	exit 0;
fi

if [[ -f /usr/share/msec/level$1.sh ]]; then
	if [[ $1 == 4 || $1 == 5 || $1 == snf ]]; then
		ln -sf /etc/security/msec/server.$1 /etc/security/msec/server
	else 
		rm -rf /etc/security/msec/server
		chkconfig --list |awk ' {print $1}' | grep -v ":" | sort -u > /etc/security/msec/server
	fi
	ln -sf /usr/share/msec/level$1.sh /usr/share/msec/current-level.sh
	/usr/share/msec/current-level.sh
	echo
	echo "You might logout of your session for some change to be activated."
	echo
	if [[ -f /etc/security/msec/perm.$1 ]]; then
		ln -sf /etc/security/msec/perm.$1 /etc/security/msec/current.perm
		/usr/share/msec/file_perm.sh /etc/security/msec/current.perm
	else
		echo "Couldn't find the default permissions for level $1."
	fi
else
    echo "Security level $1 not availlable..."
fi