#!/bin/sh
LOG=/root/asl-uninstall.log
DATE=$(date +%Y%m%d-%H:%M)


source /etc/asl/config


echo "`date -u`: Uninstall initiated" >> $LOG
if [ -d /usr/local/directadmin ] ; then
  	TYPE=directadmin
elif [  -d /usr/local/cpanel ]; then
  TYPE=cpanel
else
  TYPE=normal
fi
echo "`date -u`: Environment $TYPE detected " >> $LOG 


echo
echo "  WARNING: This utility will remove ASL entirely from the system."

read -p "  Are you sure this is what you want to do? Type CONTINUE if you are sure you want to do this. (CONTINUE/STOP): " INPUT < /dev/tty



echo "`date -u`: User selected $INPUT  " >>  $LOG

if [ "$INPUT" != "CONTINUE" ]; then
  echo
  echo "  Exiting..."
  echo
  echo "`date -u`: User did not agree to uninstall  " >>  $LOG
  echo "`date -u`: uninstaller exiting " >>  $LOG
  exit
else
	echo "`date -u`: User selected $INPUT  " >>  $LOG
fi



# Normal
/etc/init.d/asl-firewall stop >> $LOG
/etc/init.d/crond stop >> $LOG
/etc/init.d/psmon stop >> $LOG
/etc/init.d/ossec-hids stop >> $LOG
/etc/init.d/clamd stop >> $LOG


# TODO: database drop event

COMMON_LIST="roadsend-php-libs"
FULL_LIST="mod_security mod_sed asl mod_evasive ossec-hids psmon rkhunter skdet unhide paxtest clamd clamav-db clamav asl-web gradm asl-web tortixd asl-php* aum aqueduct* asl-stream* tortix-release asl-php* rblcheck bigloo-libs chkrootkit inotify-tools"

echo "`date -u`: starting yum remove  " >>  $LOG
/usr/bin/yum remove  $FULL_LIST $COMMON_LIST 
echo "`date -u`: yum remove complete (exit $?) " >>  $LOG


# Cpanel
if [ -f /scripts/posteasyapache ]; then
  rm -f /scripts/posteasyapache
fi
if [ -f /scripts/preeasyapache ]; then
  rm -f /scripts/preeasyapache
fi


# 
killall -9 psmon >/dev/null 2>&1
if [ -f /var/lock/subsys/psmon ]; then
  rm -f /var/lock/subsys/psmon
fi


# Remove users
userdel tortix | tee -a $LOG
userdel asl-web | tee -a $LOG
groupdel tortix | tee -a $LOG

if [ -d /etc/httpd/modsecurity.d/ ]; then
  rm -f /etc/httpd/modsecurity.d/*
fi

echo "Clearing the /var/asl tree. This could take a few minutes, please be patient"
echo -n "	Removing /var/asl :"
rm -rf /var/asl
echo "Complete"
echo "`date -u` removed /var/asl" >> $LOG

/etc/init.d/crond start >> $LOG

if [ "$TYPE" == "cpanel" ]; then
  	rm -f /etc/httpd/modsecurity.d/00_mod_security.conf
  	touch /usr/local/apache/conf/modsec2.conf
	touch /usr/local/apache/modsecurity.d/tortix_waf.conf
	echo "`date -u` removed /etc/httpd/modsecurity.d/00_mod_security.conf" >> $LOG
  	/etc/init.d/httpd restart >> $LOG
  
fi

# Drop database
/usr/bin/mysqladmin drop $OSSEC_DATABASE | tee -a $LOG



rm -rf /etc/asl
rm -rf /var/ossec
rm -f /etc/yum.repos.d/asl.repo
rm -f /etc/yum.repos.d/tortix-common.repo >> $LOG

# final kernel check
if ! rpm -qa |grep ^kernel- ; then
	echo
	echo "WARNING****WARNING****WARNING"
	echo
	echo "No kernels were detected after uninstallation. This could mean that your system is now"
	echo "unbootable"
	echo 
	echo "If this is anything other than an openvz or virtuozzo system you need to fix this."
	echo "WARNING****WARNING****WARNING"
	echo
	echo
	echo "`date -u` WARNING: no kernels detected" >> $LOG
fi
echo "`date -u`: unisnstall complete" >> $LOG