#!/bin/sh
LOG=/root/asl-uninstall.log
DATE=$(date +%Y%m%d-%H:%M)


if [ -f /etc/asl/config ]; then
	source /etc/asl/config
fi


echo "`date -u`: Uninstall initiated" >> $LOG
if [ -d /usr/local/directadmin ] ; then
  	TYPE=directadmin
elif [  -d /usr/local/cpanel ]; then
  TYPE=cpanel
else
  TYPE=normal
fi
echo "`date -u`: Environment $TYPE detected " >> $LOG


echo
echo "  WARNING: This utility will remove ASL entirely from the system."
echo "  Are you sure this is what you want to do?"
read -p "  Type CONTINUE if you are sure you want to do this. (CONTINUE/STOP): " INPUT



echo "`date -u`: User selected $INPUT  " >>  $LOG

if [ "$INPUT" != "CONTINUE" ]; then
  echo
  echo "  Exiting..."
  echo
  echo "`date -u`: User did not agree to uninstall  " >>  $LOG
  echo "`date -u`: uninstaller exiting " >>  $LOG
  exit
else
	echo "`date -u`: User selected $INPUT  " >>  $LOG
fi



# Normal
service asl-firewall stop >> $LOG
service crond stop >> $LOG
service psmon stop >> $LOG
if [ -f /var/ossec/bin/ossec-control ]; then
	/var/ossec/bin/ossec-control stop >> $LOG
fi
service clamd stop >> $LOG

COMMON_LIST="roadsend-php-libs"
FULL_LIST="mod_security mod_sed asl mod_evasive ossec-hids psmon rkhunter skdet unhide paxtest clamd clamav-db clamav asl-web gradm asl-web tortixd asl-php* aum aqueduct* asl-stream* tortix-release asl-php* rblcheck bigloo-libs chkrootkit inotify-tools"
EXCLUDED="^psa-*|^GeoIP|^geoipupdate|sqlite|yum|libmnl"
UPDATED_LIST="$(/usr/bin/yum list installed |egrep -v $EXCLUDED | grep asl-4.0 | awk '{ print $1}'
)"

echo "`date -u`: starting yum remove  " >>  $LOG

/usr/bin/yum remove $FULL_LIST $COMMON_LIST $UPDATED_LIST

if [ $? -ge 1 ]; then
	echo "There was an error in yum, should the uninstall continue?"
	read -p "  Type CONTINUE if you want to continue the uninstall. (CONTINUE/STOP): " INPUT2
	if [ "$INPUT2" != "CONTINUE" ]; then
  		echo
  		echo "  Exiting..."
  		echo
  		echo "`date -u`: User stopped after yum error  " >>  $LOG
  		echo "`date -u`: uninstaller exiting " >>  $LOG
  		exit
	else
		echo "`date -u`: User selected $INPUT2  " >>  $LOG
	fi

fi
echo "`date -u`: yum remove complete (exit $?) " >>  $LOG


# Cpanel
if [ -f /scripts/posteasyapache ]; then
  rm -f /scripts/posteasyapache
fi
if [ -f /scripts/preeasyapache ]; then
  rm -f /scripts/preeasyapache
fi


#
killall -9 psmon >/dev/null 2>&1
if [ -f /var/lock/subsys/psmon ]; then
  rm -f /var/lock/subsys/psmon
fi


# Remove users
userdel tortix | tee -a $LOG
userdel asl-web | tee -a $LOG

# Sometimes there's an error here saying the group no longer exists, so check it first
if grep -q ^tortix: /etc/passwd ; then
	groupdel tortix | tee -a $LOG
fi

# Recurse through modsecurity directory and subdirectories (it would previously catch "advanced" as a directory so we need -r to remove it)
if [ -d /etc/httpd/modsecurity.d/ ]; then
  rm -rf /etc/httpd/modsecurity.d/*
fi

if [ ! -f /var/asl/bin/asl ]; then
	echo "Clearing the /var/asl tree. This could take a few minutes, please be patient"
	echo -n "	Removing /var/asl :"
	rm -rf /var/asl
	echo "Complete"
	echo "`date -u` removed /var/asl" >> $LOG
else
	echo "Error: /var/asl/bin/asl was still detected, not removing /var/asl"
fi


service crond start >> $LOG

if [ "$TYPE" == "cpanel" ]; then
	if [ -f /etc/httpd/modsecurity.d/00_mod_security.conf ]; then
  		rm -f /etc/httpd/modsecurity.d/00_mod_security.conf
	fi

	if [ -f /etc/apache2/conf.d/zz_mod_security.conf ]; then
		rm -f /etc/apache2/conf.d/zz_mod_security.conf
	fi
  	touch /usr/local/apache/conf/modsec2.conf
	touch /usr/local/apache/modsecurity.d/tortix_waf.conf
	echo "`date -u` removed /etc/httpd/modsecurity.d/00_mod_security.conf" >> $LOG
  	service httpd restart >> $LOG

fi

# Drop database
if [ $OSSEC_DATABASE ]; then
	/usr/bin/mysqladmin drop $OSSEC_DATABASE | tee -a $LOG
fi

# clear geodb
if [ -d /usr/share/xt_geoip/ ]; then
	rm -rf /usr/share/xt_geoip/
fi

rm -rf /etc/asl
rm -rf /var/ossec
rm -f /etc/yum.repos.d/asl.repo
rm -f /etc/yum.repos.d/tortix-common.repo >> $LOG

# final kernel check
if ! rpm -qa |grep ^kernel- ; then
	echo
	echo "WARNING****WARNING****WARNING"
	echo
	echo "No kernels were detected after uninstallation. This could mean that your system is now"
	echo "unbootable"
	echo
	echo "If this is anything other than an openvz or virtuozzo system you need to fix this."
	echo "WARNING****WARNING****WARNING"
	echo
	echo
	echo "`date -u` WARNING: no kernels detected" >> $LOG
fi
echo "`date -u`: uninstall complete" >> $LOG