#!/bin/bash

default_sec_password_file=/etc/condor-ce/passwords.d/POOL

prog=${0##*/}

fail () {
    echo "$prog:" "$@" >&2
    exit 1
}


[[ `id -u` -eq 0 ]] || fail "Permission denied.  This must be run as root."


sec_password_file=
if command -v condor_ce_config_val >/dev/null; then
    sec_password_file=`condor_ce_config_val SEC_PASSWORD_FILE 2>/dev/null`
fi
if [[ -z $sec_password_file ]]; then
    echo "$prog: SEC_PASSWORD_FILE not set in htcondor-ce config; using default location."
    sec_password_file=$default_sec_password_file
fi
if [[ -e $sec_password_file ]]; then
    fail "'$sec_password_file' already exists!  Delete the file before creating a new one."
fi

sec_password_dir=`dirname "$sec_password_file"`
if [[ ! -e $sec_password_dir ]]; then
    mkdir -p "$sec_password_dir" ||
        fail "Couldn't create directory '$sec_password_dir'."
    chmod 0700 "$sec_password_dir" ||
        fail "Couldn't chown directory '$sec_password_dir'."
fi

(
    umask 377 && \
    dd status=none if=/dev/urandom of="$sec_password_file" bs=64 count=1
) || fail "Couldn't create '$sec_password_file'."

echo "$prog: Created new pool password file at '$sec_password_file'."


# vim:et:sw=4:sts=4:ts=8
