#!/bin/sh

set -ex

## This script is run by www-data using sudo. Keep that in mind!
## Make sure that malicious execution cannot hurt.
##
## This script removes the host and nfs principals for hosts removed with gosa.
## It also removes the host specific keytab file (tjener:/etc/$fqdn.keytab).


HOST="$1"

## delete host's nfs principal and keytab file;
if $(kadmin.local listprincs | grep -q $HOST) ; then
    for i in $(kadmin.local listprincs | grep $HOST) ; do
        kadmin.local delprinc $i
    done
    rm /etc/debian-edu/host-keytabs/$(ls -l /etc/debian-edu/host-keytabs | grep $HOST | awk '{print $9}')
    logger -t gosa-remove-host -p notice Krb5 principals and keytab file for host \'$HOST\' removed.
fi
#

# update services:
/usr/share/debian-edu-config/tools/gosa-sync-dns-nfs

exit 0
