#!/bin/sh
# /etc/init.d/x11-common: set up the X server and ICE socket directories
### BEGIN INIT INFO
# Provides:          x11-common
# Required-Start:    $remote_fs
# Required-Stop:     $remote_fs
# Default-Start:     S
# Default-Stop:
# Short-Description: set up the X server and ICE socket directories
### END INIT INFO

set -e

setvar PATH = "/usr/bin:/usr/sbin:/bin:/sbin"
setvar SOCKET_DIR = '.X11-unix'
setvar ICE_DIR = '.ICE-unix'

source /lib/lsb/init-functions
if test -f /etc/default/rcS {
  source /etc/default/rcS
}

proc do_restorecon {
  # Restore file security context (SELinux).
  if which restorecon >/dev/null 2>&1 {
    restorecon $1
  }
}

# create a directory in /tmp.
# assumes /tmp has a sticky bit set (or is only writeable by root)
proc set_up_dir {
  setvar DIR = ""/tmp/$1""

  if test $VERBOSE != no {
    log_progress_msg $DIR
  }
  # if $DIR exists and isn't a directory, move it aside
  if test -e $DIR && ! test -d $DIR || test -h $DIR {
    mv $DIR $(mktemp -d $DIR.XXXXXX)
  }

  setvar error = '0'
  while : {
    if test $error -ne 0  {
      # an error means the file-system is readonly or an attacker
      # is doing evil things, distinguish by creating a temporary file,
      # but give up after a while.
      if test $error -gt 5 {
        log_failure_msg "failed to set up $DIR"
        return 1
      }
      setvar fn = "$(mktemp /tmp/testwriteable.XXXXXXXXXX)" || return 1
      rm $fn
    }
    mkdir -p -m 01777 $DIR || do { rm $DIR || setvar error = $((error + 1)) ; continue ; }
    case{
      "0 0 1777 directory" {
        # everything as it is supposed to be
        break
        }
      "0 0 "*" directory" {
        # as it is owned by root, cannot be replaced with a symlink:
        chmod 01777 $DIR
        break
        }
      *" directory" {
        # if the chown succeeds, the next step can change it savely
        chown -h root:root $DIR || setvar error = $((error + 1))
        continue
        }
      * {
        log_failure_msg "failed to set up $DIR"
        return 1
        }
    }
  }
  do_restorecon $DIR

  return 0
}

proc do_status {
    if test -d "/tmp/$ICE_DIR" && test -d "/tmp/$SOCKET_DIR" {
      return 0
    } else {
      return 4
    }
}

case (1) {
  start {
    if test $VERBOSE != no {
      log_begin_msg "Setting up X socket directories..."
    }
    set_up_dir $SOCKET_DIR
    set_up_dir $ICE_DIR
    if test $VERBOSE != no {
      log_end_msg 0
    }
  }

  restart|reload|force-reload {
    /etc/init.d/x11-common start
  }

  stop {
   :
  }

  status {
    do_status
  }
  * {
    log_success_msg "Usage: /etc/init.d/x11-common {start|stop|status|restart|reload|force-reload}"
    exit 1
    }
}

exit 0

# vim:set ai et sts=2 sw=2 tw=0: