#!/bin/sh

# This CGI script calls (via sudo) the script that enables
# password based SSH logins.  It then spawns a process which
# sleeps for a set time and calls the same script to
# re-disable password based SSH logins.
#
# This file should be chmod'ed 0555 (for security)


# The full path to the lockfile produced by the enabling program
LOCKFILE=/tmp/enablePasswordSSHLogin.lock

# time to sleep
SLEEP_TIME=6m

/bin/echo "Content-type: text/html"
/bin/echo ""
/bin/echo "<HTML><HEAD>"
/bin/echo "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"0; URL=/localAdmin\">"
/bin/echo "</HEAD></HTML>"

if [ -e ${LOCKFILE} ]; then
	# already enabled
	exit 0
fi

# Call enable script to enable password logins. 
# (redirect output to avoid cluttering web-page)
/usr/bin/sudo /var/www/whipAdmin/localAdmin/sshPasswordLogin/rootscript/setPasswordLoginEnabledDisabled.sh enable >/dev/null

# Sleep and then re-disable it.
# (we need to use /dev/null as stdin and stdout otherwise the program won't 
# return as the original stdin/stdout won't be closed...)
/bin/sh -c "/bin/sleep ${SLEEP_TIME}; /usr/bin/sudo /var/www/whipAdmin/localAdmin/sshPasswordLogin/rootscript/setPasswordLoginEnabledDisabled.sh disable" < /dev/null > /dev/null 2>&1 &