package com.aoindustries.aoserv.daemon.unix.linux;

import com.aoindustries.aoserv.client.AOServConnector;
import com.aoindustries.aoserv.client.distribution.OperatingSystemVersion;
import com.aoindustries.aoserv.client.ftp.GuestUser;
import com.aoindustries.aoserv.client.linux.Group;
import com.aoindustries.aoserv.client.linux.GroupServer;
import com.aoindustries.aoserv.client.linux.LinuxId;
import com.aoindustries.aoserv.client.linux.PosixPath;
import com.aoindustries.aoserv.client.linux.Server;
import com.aoindustries.aoserv.client.linux.Shell;
import com.aoindustries.aoserv.client.linux.User;
import com.aoindustries.aoserv.client.linux.UserServer;
import com.aoindustries.aoserv.daemon.AOServDaemon;
import com.aoindustries.aoserv.daemon.AOServDaemonConfiguration;
import com.aoindustries.aoserv.daemon.backup.BackupManager;
import com.aoindustries.aoserv.daemon.email.ImapManager;
import com.aoindustries.aoserv.daemon.httpd.HttpdOperatingSystemConfiguration;
import com.aoindustries.aoserv.daemon.httpd.tomcat.VersionedTomcatCommon;
import com.aoindustries.aoserv.daemon.unix.GShadowFile;
import com.aoindustries.aoserv.daemon.unix.GroupFile;
import com.aoindustries.aoserv.daemon.unix.PasswdFile;
import com.aoindustries.aoserv.daemon.unix.ShadowFile;
import com.aoindustries.aoserv.daemon.unix.linux.PackageManager;
import com.aoindustries.aoserv.daemon.util.BuilderThread;
import com.aoindustries.aoserv.daemon.util.DaemonFileUtils;
import com.aoindustries.collections.AoCollections;
import com.aoindustries.io.stream.StreamableInput;
import com.aoindustries.io.stream.StreamableOutput;
import com.aoindustries.io.unix.Stat;
import com.aoindustries.io.unix.UnixFile;
import com.aoindustries.lang.SysExits;
import com.aoindustries.tempfiles.TempFile;
import com.aoindustries.tempfiles.TempFileContext;
import com.aoindustries.util.BufferManager;
import com.aoindustries.util.ErrorPrinter;
import com.aoindustries.util.Tuple2;
import com.aoindustries.validation.ValidationException;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.BufferedReader;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.io.RandomAccessFile;
import java.nio.channels.FileChannel;
import java.nio.channels.FileLock;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.StandardOpenOption;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;

/* loaded from: input_file:com/aoindustries/aoserv/daemon/unix/linux/LinuxAccountManager.class */
public class LinuxAccountManager extends BuilderThread {
    private static final String BASHRC = ".bashrc";
    private static LinuxAccountManager linuxAccountManager;
    private static final Logger logger = Logger.getLogger(LinuxAccountManager.class.getName());
    private static final File PWD_LOCK = new File("/etc/.pwd.lock");
    private static final UnixFile SUDOERS_D = new UnixFile("/etc/sudoers.d");
    private static final File cronDirectory = new File("/var/spool/cron");
    private static final Object rebuildLock = new Object();

    public static boolean comparePassword(User.Name name, String str) throws IOException, SQLException {
        String substring;
        String str2 = (String) ShadowFile.getEncryptedPassword(name).getElement1();
        if (str2.equals("!!") || str2.length() < 2) {
            return false;
        }
        if (str2.charAt(0) == '$') {
            substring = str2.substring(0, str2.lastIndexOf(36));
            if (substring.length() < 3) {
                return false;
            }
        } else {
            substring = str2.substring(0, 2);
        }
        return str2.equals(UnixFile.crypt(str, substring));
    }

    @Override // com.aoindustries.aoserv.daemon.util.BuilderThread
    protected boolean doRebuild() {
        try {
            rebuildLinuxAccountSettings();
            return true;
        } catch (ThreadDeath e) {
            throw e;
        } catch (Throwable th) {
            logger.log(Level.SEVERE, (String) null, th);
            return false;
        }
    }

    /* JADX WARN: Finally extract failed */
    private static void rebuildLinuxAccountSettings() throws IOException, SQLException {
        Map<Group.Name, GroupFile.Entry> readGroupFile;
        Map<User.Name, PasswdFile.Entry> readPasswdFile;
        UserServer linuxServerAccount;
        File file;
        String[] list;
        AOServConnector connector = AOServDaemon.getConnector();
        Server thisServer = AOServDaemon.getThisServer();
        HttpdOperatingSystemConfiguration httpOperatingSystemConfiguration = HttpdOperatingSystemConfiguration.getHttpOperatingSystemConfiguration();
        OperatingSystemVersion operatingSystemVersion = thisServer.getHost().getOperatingSystemVersion();
        int pkey = operatingSystemVersion.getPkey();
        if (pkey != 45 && pkey != 47 && pkey != 67 && pkey != 70) {
            throw new AssertionError("Unsupported OperatingSystemVersion: " + operatingSystemVersion);
        }
        int id = thisServer.getUidMin().getId();
        int id2 = thisServer.getUidMax().getId();
        int id3 = thisServer.getGidMin().getId();
        int id4 = thisServer.getGidMax().getId();
        if (logger.isLoggable(Level.FINER)) {
            logger.finer("uidMin=" + id + ", uidMax=" + id2 + ", gidMin=" + id3 + ", gidMax=" + id4);
        }
        synchronized (rebuildLock) {
            List<UserServer> linuxServerAccounts = thisServer.getLinuxServerAccounts();
            boolean z = false;
            boolean z2 = false;
            List<GroupServer> linuxServerGroups = thisServer.getLinuxServerGroups();
            LinkedHashSet linkedHashSet = new LinkedHashSet();
            try {
                FileChannel open = FileChannel.open(PWD_LOCK.toPath(), StandardOpenOption.WRITE, StandardOpenOption.CREATE);
                try {
                    FileLock lock = open.lock();
                    try {
                        synchronized (GroupFile.groupLock) {
                            readGroupFile = GroupFile.readGroupFile();
                        }
                        boolean z3 = false;
                        for (GroupFile.Entry entry : readGroupFile.values()) {
                            Group.Name groupName = entry.getGroupName();
                            if (entry.getGid() < id3 || entry.getGid() > id4 || groupName.equals(Group.AOADMIN) || groupName.equals(Group.ACCOUNTING) || groupName.equals(Group.BILLING) || groupName.equals(Group.DISTRIBUTION) || groupName.equals(Group.INFRASTRUCTURE) || groupName.equals(Group.MANAGEMENT) || groupName.equals(Group.MONITORING) || groupName.equals(Group.RESELLER) || groupName.equals(Group.CENTOS)) {
                                boolean z4 = false;
                                Iterator it = linuxServerGroups.iterator();
                                while (true) {
                                    if (it.hasNext()) {
                                        if (((GroupServer) it.next()).getLinuxGroup().getName().equals(groupName)) {
                                            z4 = true;
                                            break;
                                        }
                                    } else {
                                        break;
                                    }
                                }
                                if (!z4) {
                                    int gid = entry.getGid();
                                    if (logger.isLoggable(Level.FINE)) {
                                        logger.fine("Adding system group: " + groupName + " #" + gid);
                                    }
                                    thisServer.addSystemGroup(groupName, gid);
                                    z3 = true;
                                }
                            }
                        }
                        if (z3) {
                            linuxServerGroups = thisServer.getLinuxServerGroups();
                        }
                        synchronized (PasswdFile.passwdLock) {
                            readPasswdFile = PasswdFile.readPasswdFile();
                        }
                        boolean z5 = false;
                        for (PasswdFile.Entry entry2 : readPasswdFile.values()) {
                            User.Name username = entry2.getUsername();
                            if (entry2.getUid() < id || entry2.getUid() > id2 || username.equals(User.AOADMIN) || username.equals(User.ACCOUNTING) || username.equals(User.BILLING) || username.equals(User.DISTRIBUTION) || username.equals(User.INFRASTRUCTURE) || username.equals(User.MANAGEMENT) || username.equals(User.MONITORING) || username.equals(User.RESELLER) || username.equals(User.CENTOS)) {
                                boolean z6 = false;
                                Iterator it2 = linuxServerAccounts.iterator();
                                while (true) {
                                    if (it2.hasNext()) {
                                        if (((UserServer) it2.next()).getLinuxAccount().getUsername().getUsername().equals(username)) {
                                            z6 = true;
                                            break;
                                        }
                                    } else {
                                        break;
                                    }
                                }
                                if (!z6) {
                                    int uid = entry2.getUid();
                                    if (logger.isLoggable(Level.FINE)) {
                                        logger.fine("Adding system user: " + username + " #" + uid);
                                    }
                                    thisServer.addSystemUser(username, uid, entry2.getGid(), entry2.getFullName(), entry2.getOfficeLocation(), entry2.getOfficePhone(), entry2.getHomePhone(), entry2.getHome(), entry2.getShell());
                                    z5 = true;
                                }
                            }
                        }
                        if (z5) {
                            linuxServerAccounts = thisServer.getLinuxServerAccounts();
                        }
                        Iterator it3 = linuxServerAccounts.iterator();
                        while (it3.hasNext()) {
                            PosixPath path = ((UserServer) it3.next()).getLinuxAccount().getShell().getPath();
                            if (path.equals(Shell.FTPONLY) || path.equals(Shell.FTPPASSWD)) {
                                z = true;
                                break;
                            }
                        }
                        if (z) {
                            PackageManager.installPackage(PackageManager.PackageName.AOSERV_FTP_SHELLS);
                        }
                        Iterator it4 = linuxServerAccounts.iterator();
                        while (true) {
                            if (it4.hasNext()) {
                                if (((UserServer) it4.next()).getLinuxAccount().getShell().getPath().equals(Shell.PASSWD)) {
                                    z2 = true;
                                    break;
                                }
                            } else {
                                break;
                            }
                        }
                        if (z2) {
                            PackageManager.installPackage(PackageManager.PackageName.AOSERV_PASSWD_SHELL);
                        }
                        int size = linuxServerAccounts.size();
                        LinkedHashSet newLinkedHashSet = AoCollections.newLinkedHashSet(size);
                        LinkedHashSet newLinkedHashSet2 = AoCollections.newLinkedHashSet(size);
                        LinkedHashSet newLinkedHashSet3 = AoCollections.newLinkedHashSet(size);
                        LinkedHashSet newLinkedHashSet4 = AoCollections.newLinkedHashSet(size);
                        LinkedHashMap newLinkedHashMap = AoCollections.newLinkedHashMap(size);
                        boolean z7 = false;
                        for (UserServer userServer : linuxServerAccounts) {
                            User linuxAccount = userServer.getLinuxAccount();
                            User.Name username_id = linuxAccount.getUsername_id();
                            if (!newLinkedHashSet.add(username_id)) {
                                throw new SQLException("Duplicate username: " + username_id);
                            }
                            if (!newLinkedHashSet2.add(username_id.toString())) {
                                throw new AssertionError();
                            }
                            newLinkedHashSet3.add(Integer.valueOf(userServer.getUid().getId()));
                            newLinkedHashSet4.add(userServer.getHome().toString());
                            GroupServer primaryLinuxServerGroup = userServer.getPrimaryLinuxServerGroup();
                            if (primaryLinuxServerGroup == null) {
                                throw new SQLException("Unable to find primary GroupServer for username=" + username_id + " on " + userServer.getServer());
                            }
                            PosixPath path2 = linuxAccount.getShell().getPath();
                            if (pkey == 67 && username_id.equals(User.CYRUS) && path2.equals(Shell.NOLOGIN) && logger.isLoggable(Level.INFO)) {
                                logger.info("Converting " + path2 + " to " + Shell.BASH + " for " + username_id);
                                path2 = Shell.BASH;
                            }
                            if (newLinkedHashMap.put(username_id, new PasswdFile.Entry(username_id, userServer.getUid().getId(), primaryLinuxServerGroup.getGid().getId(), linuxAccount.getName(), linuxAccount.getOfficeLocation(), linuxAccount.getOfficePhone(), linuxAccount.getHomePhone(), userServer.getHome(), path2)) != null) {
                                throw new SQLException("Duplicate username: " + username_id);
                            }
                            if (username_id.equals(User.ROOT)) {
                                z7 = true;
                            }
                        }
                        if (!z7) {
                            throw new SQLException(User.ROOT + " user not found");
                        }
                        int size2 = linuxServerGroups.size();
                        LinkedHashMap newLinkedHashMap2 = AoCollections.newLinkedHashMap(size2);
                        LinkedHashMap newLinkedHashMap3 = AoCollections.newLinkedHashMap(size2);
                        boolean z8 = false;
                        for (GroupServer groupServer : linuxServerGroups) {
                            Group.Name name = groupServer.getLinuxGroup().getName();
                            LinkedHashSet linkedHashSet2 = new LinkedHashSet();
                            Iterator it5 = groupServer.getAlternateLinuxServerAccounts().iterator();
                            while (it5.hasNext()) {
                                User.Name linuxAccount_username_id = ((UserServer) it5.next()).getLinuxAccount_username_id();
                                if (!linkedHashSet2.add(linuxAccount_username_id)) {
                                    throw new SQLException("Duplicate group member: " + linuxAccount_username_id);
                                }
                            }
                            if (name.equals(Group.PROFTPD_JAILED)) {
                                if (pkey == 45 || pkey == 47) {
                                    Iterator it6 = thisServer.getFTPGuestUsers().iterator();
                                    while (it6.hasNext()) {
                                        linkedHashSet2.add(((GuestUser) it6.next()).getLinuxAccount().getUsername_id());
                                    }
                                } else if (pkey != 67 && pkey != 70) {
                                    throw new AssertionError("Unsupported OperatingSystemVersion: " + operatingSystemVersion);
                                }
                            }
                            if (newLinkedHashMap2.put(name, linkedHashSet2) != null) {
                                throw new SQLException("Duplicate group name: " + name);
                            }
                            if (newLinkedHashMap3.put(name, new GroupFile.Entry(name, groupServer.getGid().getId(), linkedHashSet2)) != null) {
                                throw new SQLException("Duplicate group name: " + name);
                            }
                            if (name.equals(Group.ROOT)) {
                                z8 = true;
                            }
                        }
                        if (!z8) {
                            throw new SQLException(Group.ROOT + " group not found");
                        }
                        synchronized (PasswdFile.passwdLock) {
                            synchronized (ShadowFile.shadowLock) {
                                synchronized (GroupFile.groupLock) {
                                    synchronized (GShadowFile.gshadowLock) {
                                        byte[] buildPasswdFile = PasswdFile.buildPasswdFile(newLinkedHashMap, id, id2);
                                        byte[] buildShadowFile = ShadowFile.buildShadowFile(newLinkedHashSet);
                                        byte[] buildGroupFile = GroupFile.buildGroupFile(newLinkedHashMap3, id3, id4);
                                        byte[] buildGShadowFile = GShadowFile.buildGShadowFile(newLinkedHashMap2);
                                        PasswdFile.writePasswdFile(buildPasswdFile, linkedHashSet);
                                        ShadowFile.writeShadowFile(buildShadowFile, linkedHashSet);
                                        GroupFile.writeGroupFile(buildGroupFile, linkedHashSet);
                                        GShadowFile.writeGShadowFile(buildGShadowFile, linkedHashSet);
                                    }
                                }
                            }
                        }
                        DaemonFileUtils.restorecon(linkedHashSet);
                        linkedHashSet.clear();
                        if (lock != null) {
                            lock.close();
                        }
                        if (open != null) {
                            open.close();
                        }
                        ArrayList arrayList = new ArrayList();
                        if (pkey == 45) {
                            GroupServer linuxServerGroup = connector.getLinux().getGroup().get(Group.MAIL).getLinuxServerGroup(thisServer);
                            if (linuxServerGroup == null) {
                                throw new SQLException("Unable to find GroupServer: " + Group.MAIL + " on " + thisServer.getHostname());
                            }
                            for (UserServer userServer2 : linuxServerAccounts) {
                                User linuxAccount2 = userServer2.getLinuxAccount();
                                if (linuxAccount2.getType().isEmail()) {
                                    File file2 = new File(ImapManager.mailSpool, linuxAccount2.getUsername_id().toString());
                                    if (!file2.exists()) {
                                        UnixFile unixFile = new UnixFile(file2.getPath());
                                        if (logger.isLoggable(Level.INFO)) {
                                            logger.info("Creating inbox: \"" + unixFile + '\"');
                                        }
                                        unixFile.getSecureOutputStream(userServer2.getUid().getId(), linuxServerGroup.getGid().getId(), 432L, false, id, id3).close();
                                    }
                                }
                            }
                            String[] list2 = ImapManager.mailSpool.list();
                            if (list2 != null) {
                                for (String str : list2) {
                                    if (!newLinkedHashSet2.contains(str) && (!str.endsWith(".lock") || !newLinkedHashSet2.contains(str.substring(0, str.length() - ".lock".length())))) {
                                        File file3 = new File(ImapManager.mailSpool, str);
                                        if (logger.isLoggable(Level.INFO)) {
                                            logger.info("Scheduling for removal: " + file3);
                                        }
                                        arrayList.add(file3);
                                    }
                                }
                            }
                        } else if (pkey != 47 && pkey != 67 && pkey != 70) {
                            throw new AssertionError("Unsupported OperatingSystemVersion: " + operatingSystemVersion);
                        }
                        for (UserServer userServer3 : linuxServerAccounts) {
                            User linuxAccount3 = userServer3.getLinuxAccount();
                            String name2 = linuxAccount3.getType().getName();
                            User.Name username_id2 = linuxAccount3.getUsername_id();
                            GroupServer primaryLinuxServerGroup2 = userServer3.getPrimaryLinuxServerGroup();
                            int id5 = userServer3.getUid().getId();
                            int id6 = primaryLinuxServerGroup2.getGid().getId();
                            boolean z9 = false;
                            PosixPath home = userServer3.getHome();
                            UnixFile unixFile2 = new UnixFile(home.toString());
                            if (!unixFile2.getStat().exists()) {
                                UnixFile parent = unixFile2.getParent();
                                if (!parent.getStat().exists()) {
                                    if (logger.isLoggable(Level.INFO)) {
                                        logger.info("mkdir \"" + parent + '\"');
                                    }
                                    parent.mkdir(true, 493L);
                                }
                                PosixPath defaultHomeDirectory = UserServer.getDefaultHomeDirectory(username_id2);
                                PosixPath hashedHomeDirectory = UserServer.getHashedHomeDirectory(username_id2);
                                UnixFile unixFile3 = home.equals(defaultHomeDirectory) ? new UnixFile(hashedHomeDirectory.toString()) : home.equals(hashedHomeDirectory) ? new UnixFile(defaultHomeDirectory.toString()) : null;
                                if (unixFile3 == null || newLinkedHashSet4.contains(unixFile3.getPath()) || !unixFile3.getStat().exists()) {
                                    if (logger.isLoggable(Level.INFO)) {
                                        logger.info("mkdir \"" + unixFile2 + '\"');
                                    }
                                    unixFile2.mkdir(false, 448L);
                                    z9 = true;
                                } else {
                                    if (logger.isLoggable(Level.INFO)) {
                                        logger.info("mv \"" + unixFile3 + "\" \"" + unixFile2 + '\"');
                                    }
                                    unixFile3.renameTo(unixFile2);
                                    linkedHashSet.add(unixFile2);
                                }
                            }
                            String path3 = unixFile2.getPath();
                            boolean z10 = path3.startsWith(new StringBuilder().append(httpOperatingSystemConfiguration.getHttpdSitesDirectory().toString()).append('/').toString()) && (name2.equals("user") || name2.equals("application")) && linuxAccount3.getFTPGuestUser() == null;
                            if (z10 || path3.startsWith("/home/")) {
                                Stat stat = unixFile2.getStat();
                                boolean z11 = !z10 && (stat.getUid() == 0 || stat.getGid() == 0) && !new UnixFile(new StringBuilder().append(path3).append(".aes256.img").toString()).getStat().exists();
                                if (z11) {
                                    z9 = true;
                                }
                                if (z9 && ((name2.equals("user") || name2.equals("application")) && (list = (file = new File("/etc/skel")).list()) != null)) {
                                    for (String str2 : list) {
                                        UnixFile unixFile4 = new UnixFile(unixFile2, str2, true);
                                        if (!unixFile4.getStat().exists()) {
                                            UnixFile unixFile5 = new UnixFile(file, str2);
                                            if (logger.isLoggable(Level.INFO)) {
                                                logger.info("cp \"" + unixFile5 + "\" \"" + unixFile4 + '\"');
                                            }
                                            unixFile5.copyTo(unixFile4, false);
                                            if (logger.isLoggable(Level.INFO)) {
                                                logger.info("chown " + id5 + ':' + id6 + " \"" + unixFile4 + '\"');
                                            }
                                            unixFile4.chown(id5, id6);
                                        }
                                    }
                                }
                                if (z11) {
                                    if (logger.isLoggable(Level.INFO)) {
                                        logger.info("chown " + id5 + ':' + id6 + " \"" + unixFile2 + '\"');
                                    }
                                    unixFile2.chown(id5, id6);
                                }
                            }
                        }
                        DaemonFileUtils.restorecon(linkedHashSet);
                        linkedHashSet.clear();
                        HashSet hashSet = new HashSet();
                        for (char c = 'a'; c <= 'z'; c = (char) (c + 1)) {
                            UnixFile unixFile6 = new UnixFile("/home/" + c);
                            if (newLinkedHashSet4.contains(unixFile6.getPath())) {
                                if (logger.isLoggable(Level.FINE)) {
                                    logger.fine("hashDir is a home directory, not cleaning: " + unixFile6);
                                }
                            } else if (unixFile6.getStat().exists()) {
                                boolean z12 = false;
                                ArrayList<File> arrayList2 = new ArrayList();
                                String[] list3 = unixFile6.list();
                                if (list3 != null) {
                                    for (String str3 : list3) {
                                        UnixFile unixFile7 = new UnixFile(unixFile6, str3, true);
                                        String path4 = unixFile7.getPath();
                                        if (path4.endsWith(".aes256.img")) {
                                            path4 = path4.substring(0, path4.length() - ".aes256.img".length());
                                        }
                                        if (newLinkedHashSet4.contains(path4)) {
                                            if (logger.isLoggable(Level.FINE)) {
                                                logger.fine("hashDir has home directory: " + unixFile7);
                                            }
                                            z12 = true;
                                        } else {
                                            if (logger.isLoggable(Level.FINE)) {
                                                logger.fine("hashDir has an extra directory: " + unixFile7);
                                            }
                                            arrayList2.add(unixFile7.getFile());
                                        }
                                    }
                                }
                                if (z12) {
                                    if (logger.isLoggable(Level.FINE)) {
                                        logger.fine("hashDir still has home directories: " + unixFile6);
                                    }
                                    for (File file4 : arrayList2) {
                                        if (logger.isLoggable(Level.INFO)) {
                                            logger.info("Scheduling for removal: " + file4);
                                        }
                                        arrayList.add(file4);
                                    }
                                    hashSet.add(unixFile6.getPath());
                                } else if (logger.isLoggable(Level.FINE)) {
                                    logger.fine("hashDir does not have any home directories, will be deleted completely: " + unixFile6);
                                }
                            }
                        }
                        UnixFile unixFile8 = new UnixFile("/home");
                        String[] list4 = unixFile8.list();
                        if (list4 != null) {
                            for (String str4 : list4) {
                                UnixFile unixFile9 = new UnixFile(unixFile8, str4, true);
                                String path5 = unixFile9.getPath();
                                if (!hashSet.contains(path5)) {
                                    if (path5.endsWith(".aes256.img")) {
                                        path5 = path5.substring(0, path5.length() - ".aes256.img".length());
                                    }
                                    if (!newLinkedHashSet4.contains(path5)) {
                                        File file5 = unixFile9.getFile();
                                        if (logger.isLoggable(Level.INFO)) {
                                            logger.info("Scheduling for removal: " + file5);
                                        }
                                        arrayList.add(file5);
                                    } else if (logger.isLoggable(Level.FINE)) {
                                        logger.fine("Is a home directory: " + unixFile9);
                                    }
                                } else if (logger.isLoggable(Level.FINE)) {
                                    logger.fine("Keeping hashDir that is still used: " + unixFile9);
                                }
                            }
                        }
                        String[] list5 = cronDirectory.list();
                        if (list5 != null) {
                            for (String str5 : list5) {
                                if (!newLinkedHashSet2.contains(str5)) {
                                    File file6 = new File(cronDirectory, str5);
                                    if (logger.isLoggable(Level.INFO)) {
                                        logger.info("Scheduling for removal: " + file6);
                                    }
                                    arrayList.add(file6);
                                }
                            }
                        }
                        if (pkey == 70) {
                            LinkedHashMap linkedHashMap = new LinkedHashMap();
                            for (UserServer userServer4 : linuxServerAccounts) {
                                String sudo = userServer4.getSudo();
                                if (sudo != null) {
                                    linkedHashMap.put(userServer4.getLinuxAccount().getUsername().getUsername().toString(), sudo);
                                }
                            }
                            HashSet newHashSet = AoCollections.newHashSet(linkedHashMap.size());
                            if (!linkedHashMap.isEmpty()) {
                                PackageManager.installPackage(PackageManager.PackageName.SUDO);
                                if (!SUDOERS_D.getStat().exists()) {
                                    SUDOERS_D.mkdir(false, 488L);
                                }
                                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                                for (Map.Entry entry3 : linkedHashMap.entrySet()) {
                                    String str6 = (String) entry3.getKey();
                                    String str7 = (String) entry3.getValue();
                                    byteArrayOutputStream.reset();
                                    OutputStreamWriter outputStreamWriter = new OutputStreamWriter(byteArrayOutputStream, StandardCharsets.UTF_8);
                                    try {
                                        outputStreamWriter.write("##\n## Configured by ");
                                        outputStreamWriter.write(LinuxAccountManager.class.getName());
                                        outputStreamWriter.write("\n## \n## See ");
                                        outputStreamWriter.write(UserServer.class.getName());
                                        outputStreamWriter.write(".getSudo()\n##\n");
                                        outputStreamWriter.write(str6);
                                        outputStreamWriter.write(32);
                                        outputStreamWriter.write(str7);
                                        outputStreamWriter.write(10);
                                        outputStreamWriter.close();
                                        String str8 = (!str6.equals(User.CENTOS.toString()) || PackageManager.getInstalledPackage(PackageManager.PackageName.CLOUD_INIT) == null) ? str6 : "90-cloud-init-users";
                                        DaemonFileUtils.atomicWrite(new UnixFile(SUDOERS_D, str8, true), byteArrayOutputStream.toByteArray(), 288L, 0, 0, null, linkedHashSet);
                                        newHashSet.add(str8);
                                    } catch (Throwable th) {
                                        try {
                                            outputStreamWriter.close();
                                        } catch (Throwable th2) {
                                            th.addSuppressed(th2);
                                        }
                                        throw th;
                                    }
                                }
                            }
                            DaemonFileUtils.restorecon(linkedHashSet);
                            linkedHashSet.clear();
                            String[] list6 = SUDOERS_D.list();
                            if (list6 != null) {
                                for (String str9 : list6) {
                                    if (!newHashSet.contains(str9)) {
                                        File file7 = new File(SUDOERS_D.getFile(), str9);
                                        if (logger.isLoggable(Level.INFO)) {
                                            logger.info("Scheduling for removal: " + file7);
                                        }
                                        arrayList.add(file7);
                                    }
                                }
                            }
                        } else if (pkey != 45 && pkey != 47 && pkey != 67) {
                            throw new AssertionError("Unsupported OperatingSystemVersion: " + operatingSystemVersion);
                        }
                        for (UserServer userServer5 : linuxServerAccounts) {
                            String predisablePassword = userServer5.getPredisablePassword();
                            if (userServer5.isDisabled()) {
                                if (predisablePassword == null) {
                                    User.Name linuxAccount_username_id2 = userServer5.getLinuxAccount_username_id();
                                    if (logger.isLoggable(Level.INFO)) {
                                        logger.info("Storing predisable password for " + linuxAccount_username_id2);
                                    }
                                    userServer5.setPredisablePassword((String) getEncryptedPassword(linuxAccount_username_id2).getElement1());
                                    if (logger.isLoggable(Level.INFO)) {
                                        logger.info("Clearing password for " + linuxAccount_username_id2);
                                    }
                                    setPassword(linuxAccount_username_id2, null, false);
                                }
                            } else if (predisablePassword != null) {
                                User.Name linuxAccount_username_id3 = userServer5.getLinuxAccount_username_id();
                                if (logger.isLoggable(Level.INFO)) {
                                    logger.info("Restoring password for " + linuxAccount_username_id3);
                                }
                                setEncryptedPassword(linuxAccount_username_id3, predisablePassword, null);
                                if (logger.isLoggable(Level.INFO)) {
                                    logger.info("Clearing predisable password for " + linuxAccount_username_id3);
                                }
                                userServer5.setPredisablePassword((String) null);
                            }
                        }
                        if (AOServDaemonConfiguration.isNested()) {
                            if (logger.isLoggable(Level.FINE)) {
                                logger.fine("This server is nested, not killing processes.");
                            }
                        } else if (thisServer.getFailoverServer() == null) {
                            List nestedServers = thisServer.getNestedServers();
                            String[] list7 = new File("/proc").list();
                            if (list7 != null) {
                                for (String str10 : list7) {
                                    int length = str10.length();
                                    boolean z13 = true;
                                    for (int i = 0; i < length; i++) {
                                        char charAt = str10.charAt(i);
                                        if (charAt < '0' || charAt > '9') {
                                            z13 = false;
                                            break;
                                        }
                                    }
                                    if (z13) {
                                        try {
                                            int parseInt = Integer.parseInt(str10);
                                            LinuxProcess linuxProcess = new LinuxProcess(parseInt);
                                            int uid2 = linuxProcess.getUid();
                                            if (uid2 != 0 && (!newLinkedHashSet3.contains(Integer.valueOf(uid2)) || (linuxServerAccount = thisServer.getLinuxServerAccount(LinuxId.valueOf(uid2))) == null || linuxServerAccount.isDisabled())) {
                                                boolean z14 = false;
                                                Iterator it7 = nestedServers.iterator();
                                                while (true) {
                                                    if (!it7.hasNext()) {
                                                        break;
                                                    }
                                                    UserServer linuxServerAccount2 = ((Server) it7.next()).getLinuxServerAccount(LinuxId.valueOf(uid2));
                                                    if (linuxServerAccount2 != null && !linuxServerAccount2.isDisabled()) {
                                                        z14 = true;
                                                        break;
                                                    }
                                                }
                                                if (!z14) {
                                                    if (logger.isLoggable(Level.INFO)) {
                                                        logger.info("Killing process # " + parseInt + " running as user # " + uid2);
                                                    }
                                                    linuxProcess.killProc();
                                                }
                                            }
                                        } catch (FileNotFoundException e) {
                                            if (logger.isLoggable(Level.FINE)) {
                                                logger.log(Level.FINE, "It is normal that this is thrown if the process has already closed", (Throwable) e);
                                            }
                                        } catch (IOException | ValidationException e2) {
                                            logger.log(Level.SEVERE, "filename=" + str10, (Throwable) e2);
                                        }
                                    }
                                }
                            }
                        } else if (logger.isLoggable(Level.FINE)) {
                            logger.fine("This server is in a fail-over state, not killing processes; parent server will kill processes.");
                        }
                        try {
                            ArrayList<File> arrayList3 = new ArrayList();
                            AOServDaemon.findUnownedFiles(new File("/tmp"), newLinkedHashSet3, arrayList3, 0);
                            AOServDaemon.findUnownedFiles(new File("/var/tmp"), newLinkedHashSet3, arrayList3, 0);
                            for (File file8 : arrayList3) {
                                if (logger.isLoggable(Level.INFO)) {
                                    logger.info("Scheduling for removal: " + file8);
                                }
                                arrayList.add(file8);
                            }
                        } catch (FileNotFoundException e3) {
                            if (logger.isLoggable(Level.FINE)) {
                                logger.log(Level.FINE, "This may normally occur because of the dynamic nature of the tmp directories", (Throwable) e3);
                            }
                        }
                        BackupManager.backupAndDeleteFiles(arrayList);
                        if (AOServDaemonConfiguration.isPackageManagerUninstallEnabled()) {
                            if (!z2) {
                                PackageManager.removePackage(PackageManager.PackageName.AOSERV_PASSWD_SHELL);
                            }
                            if (!z) {
                                PackageManager.removePackage(PackageManager.PackageName.AOSERV_FTP_SHELLS);
                            }
                        }
                        DaemonFileUtils.restorecon(linkedHashSet);
                    } catch (Throwable th3) {
                        if (lock != null) {
                            try {
                                lock.close();
                            } catch (Throwable th4) {
                                th3.addSuppressed(th4);
                            }
                        }
                        throw th3;
                    }
                } catch (Throwable th5) {
                    if (open != null) {
                        try {
                            open.close();
                        } catch (Throwable th6) {
                            th5.addSuppressed(th6);
                        }
                    }
                    throw th5;
                }
            } catch (Throwable th7) {
                DaemonFileUtils.restorecon(linkedHashSet);
                throw th7;
            }
        }
    }

    public static String getAutoresponderContent(PosixPath posixPath) throws IOException, SQLException {
        String str;
        UnixFile unixFile = new UnixFile(posixPath.toString());
        if (unixFile.getStat().exists()) {
            StringBuilder sb = new StringBuilder();
            Server thisServer = AOServDaemon.getThisServer();
            BufferedInputStream bufferedInputStream = new BufferedInputStream(unixFile.getSecureInputStream(thisServer.getUidMin().getId(), thisServer.getGidMin().getId()));
            while (true) {
                try {
                    int read = bufferedInputStream.read();
                    if (read == -1) {
                        break;
                    }
                    sb.append((char) read);
                } catch (Throwable th) {
                    try {
                        bufferedInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                    throw th;
                }
            }
            bufferedInputStream.close();
            str = sb.toString();
        } else {
            str = "";
        }
        return str;
    }

    public static String getCronTable(User.Name name) throws IOException, SQLException {
        String str;
        File file = new File(cronDirectory, name.toString());
        if (file.exists()) {
            StringBuilder sb = new StringBuilder();
            BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(file));
            while (true) {
                try {
                    int read = bufferedInputStream.read();
                    if (read == -1) {
                        break;
                    }
                    sb.append((char) read);
                } catch (Throwable th) {
                    try {
                        bufferedInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                    throw th;
                }
            }
            bufferedInputStream.close();
            str = sb.toString();
        } else {
            str = "";
        }
        return str;
    }

    public static Tuple2<String, Integer> getEncryptedPassword(User.Name name) throws IOException, SQLException {
        return ShadowFile.getEncryptedPassword(name);
    }

    public static void setBashProfile(UserServer userServer, String str) throws IOException, SQLException {
        String trim;
        String str2 = "[ -f '" + str + "' ] && . '" + str + "'";
        String str3 = ". " + str;
        UnixFile unixFile = new UnixFile(userServer.getHome().toString(), BASHRC);
        if (unixFile.getStat().exists()) {
            Server thisServer = AOServDaemon.getThisServer();
            int id = thisServer.getUidMin().getId();
            int id2 = thisServer.getGidMin().getId();
            boolean z = false;
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(unixFile.getSecureInputStream(id, id2)));
            do {
                try {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        break;
                    }
                    trim = readLine.trim();
                    if (trim.equals(str2)) {
                        break;
                    }
                } catch (Throwable th) {
                    try {
                        bufferedReader.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                    throw th;
                }
            } while (!trim.equals(str3));
            z = true;
            bufferedReader.close();
            if (z) {
                return;
            }
            RandomAccessFile secureRandomAccessFile = unixFile.getSecureRandomAccessFile("rw", id, id2);
            try {
                secureRandomAccessFile.seek(secureRandomAccessFile.length());
                secureRandomAccessFile.seek(secureRandomAccessFile.length());
                secureRandomAccessFile.write(10);
                secureRandomAccessFile.writeBytes(str2);
                secureRandomAccessFile.write(10);
                if (secureRandomAccessFile != null) {
                    secureRandomAccessFile.close();
                }
            } catch (Throwable th3) {
                if (secureRandomAccessFile != null) {
                    try {
                        secureRandomAccessFile.close();
                    } catch (Throwable th4) {
                        th3.addSuppressed(th4);
                    }
                }
                throw th3;
            }
        }
    }

    public static void setAutoresponderContent(PosixPath posixPath, String str, int i, int i2) throws IOException, SQLException {
        Server thisServer = AOServDaemon.getThisServer();
        int id = thisServer.getUidMin().getId();
        int id2 = thisServer.getGidMin().getId();
        File file = new File(posixPath.toString());
        synchronized (rebuildLock) {
            if (str != null) {
                PrintWriter printWriter = new PrintWriter(new BufferedOutputStream(new UnixFile(file).getSecureOutputStream(i, i2, 384L, true, id, id2)));
                try {
                    printWriter.print(str);
                    printWriter.close();
                } finally {
                }
            } else if (file.exists()) {
                Files.delete(file.toPath());
            }
        }
    }

    public static void setCronTable(User.Name name, String str) throws IOException, SQLException {
        Server thisServer = AOServDaemon.getThisServer();
        int id = thisServer.getUidMin().getId();
        int id2 = thisServer.getGidMin().getId();
        File file = new File(cronDirectory, name.toString());
        synchronized (rebuildLock) {
            if (!str.isEmpty()) {
                PrintWriter printWriter = new PrintWriter(new BufferedOutputStream(new UnixFile(file).getSecureOutputStream(0, thisServer.getLinuxServerAccount(name).getPrimaryLinuxServerGroup().getGid().getId(), 384L, true, id, id2)));
                try {
                    printWriter.print(str);
                    printWriter.close();
                } finally {
                }
            } else if (file.exists()) {
                Files.delete(file.toPath());
            }
        }
    }

    public static void setEncryptedPassword(User.Name name, String str, Integer num) throws IOException, SQLException {
        Server thisServer = AOServDaemon.getThisServer();
        if (thisServer.getLinuxServerAccount(name) == null) {
            throw new SQLException("Unable to find UserServer: " + name + " on " + thisServer);
        }
        ShadowFile.setEncryptedPassword(name, str, num);
    }

    public static void setPassword(User.Name name, String str, boolean z) throws IOException, SQLException {
        UnixFile.CryptAlgorithm cryptAlgorithm;
        Server thisServer = AOServDaemon.getThisServer();
        if (thisServer.getLinuxServerAccount(name) == null) {
            throw new SQLException("Unable to find UserServer: " + name + " on " + thisServer);
        }
        OperatingSystemVersion operatingSystemVersion = thisServer.getHost().getOperatingSystemVersion();
        switch (operatingSystemVersion.getPkey()) {
            case 45:
            case 47:
            case 67:
                cryptAlgorithm = UnixFile.CryptAlgorithm.MD5;
                break;
            case 70:
                cryptAlgorithm = UnixFile.CryptAlgorithm.SHA512;
                break;
            default:
                throw new AssertionError("Unsupported OperatingSystemVersion: " + operatingSystemVersion);
        }
        ShadowFile.setPassword(name, str, cryptAlgorithm, z);
    }

    public static void start() throws IOException, SQLException {
        OperatingSystemVersion operatingSystemVersion = AOServDaemon.getThisServer().getHost().getOperatingSystemVersion();
        int pkey = operatingSystemVersion.getPkey();
        synchronized (System.out) {
            if (pkey != 64 && pkey != 63 && pkey != 69) {
                if (AOServDaemonConfiguration.isManagerEnabled(LinuxAccountManager.class) && linuxAccountManager == null) {
                    System.out.print("Starting LinuxAccountManager: ");
                    if (pkey == 45 || pkey == 47 || pkey == 67 || pkey == 70) {
                        AOServConnector connector = AOServDaemon.getConnector();
                        linuxAccountManager = new LinuxAccountManager();
                        connector.getFtp().getGuestUser().addTableListener(linuxAccountManager, 0L);
                        connector.getLinux().getUser().addTableListener(linuxAccountManager, 0L);
                        connector.getLinux().getGroupUser().addTableListener(linuxAccountManager, 0L);
                        connector.getLinux().getUserServer().addTableListener(linuxAccountManager, 0L);
                        connector.getLinux().getGroupServer().addTableListener(linuxAccountManager, 0L);
                        PackageManager.addPackageListener(linuxAccountManager);
                        System.out.println("Done");
                    } else {
                        System.out.println("Unsupported OperatingSystemVersion: " + operatingSystemVersion);
                    }
                }
            }
        }
    }

    /* JADX WARN: Finally extract failed */
    public static void tarHomeDirectory(StreamableOutput streamableOutput, User.Name name) throws IOException, SQLException {
        PosixPath home = AOServDaemon.getThisServer().getLinuxServerAccount(name).getHome();
        TempFileContext tempFileContext = new TempFileContext();
        try {
            TempFile createTempFile = tempFileContext.createTempFile("tar_home_directory_", ".tar");
            try {
                AOServDaemon.exec("/bin/tar", "-c", "-C", home.toString(), "-f", createTempFile.getFile().getPath(), VersionedTomcatCommon.BACKUP_SEPARATOR);
                FileInputStream fileInputStream = new FileInputStream(createTempFile.getFile());
                try {
                    byte[] bytes = BufferManager.getBytes();
                    while (true) {
                        try {
                            int read = fileInputStream.read(bytes, 0, 4096);
                            if (read == -1) {
                                break;
                            }
                            streamableOutput.writeByte(1);
                            streamableOutput.writeShort(read);
                            streamableOutput.write(bytes, 0, read);
                        } catch (Throwable th) {
                            BufferManager.release(bytes, false);
                            throw th;
                        }
                    }
                    BufferManager.release(bytes, false);
                    fileInputStream.close();
                    if (createTempFile != null) {
                        createTempFile.close();
                    }
                    tempFileContext.close();
                } catch (Throwable th2) {
                    try {
                        fileInputStream.close();
                    } catch (Throwable th3) {
                        th2.addSuppressed(th3);
                    }
                    throw th2;
                }
            } finally {
            }
        } catch (Throwable th4) {
            try {
                tempFileContext.close();
            } catch (Throwable th5) {
                th4.addSuppressed(th5);
            }
            throw th4;
        }
    }

    /* JADX WARN: Finally extract failed */
    public static void untarHomeDirectory(StreamableInput streamableInput, User.Name name) throws IOException, SQLException {
        byte readByte;
        Server thisServer = AOServDaemon.getThisServer();
        thisServer.getUidMin().getId();
        thisServer.getGidMin().getId();
        synchronized (rebuildLock) {
            PosixPath home = thisServer.getLinuxServerAccount(name).getHome();
            TempFileContext tempFileContext = new TempFileContext();
            try {
                TempFile createTempFile = tempFileContext.createTempFile("untar_home_directory_", ".tar");
                try {
                    FileOutputStream fileOutputStream = new FileOutputStream(createTempFile.getFile());
                    try {
                        byte[] bytes = BufferManager.getBytes();
                        while (true) {
                            try {
                                readByte = streamableInput.readByte();
                                if (readByte != 1) {
                                    break;
                                }
                                short readShort = streamableInput.readShort();
                                streamableInput.readFully(bytes, 0, readShort);
                                fileOutputStream.write(bytes, 0, readShort);
                            } catch (Throwable th) {
                                BufferManager.release(bytes, false);
                                throw th;
                            }
                        }
                        BufferManager.release(bytes, false);
                        fileOutputStream.close();
                        if (readByte != 0) {
                            if (readByte == 3) {
                                throw new IOException(streamableInput.readUTF());
                            }
                            if (readByte != 4) {
                                throw new IOException("Unknown result: " + ((int) readByte));
                            }
                            throw new SQLException(streamableInput.readUTF());
                        }
                        AOServDaemon.exec("/bin/tar", "-x", "-C", home.toString(), "-f", createTempFile.getFile().getPath());
                        if (createTempFile != null) {
                            createTempFile.close();
                        }
                        tempFileContext.close();
                    } catch (Throwable th2) {
                        try {
                            fileOutputStream.close();
                        } catch (Throwable th3) {
                            th2.addSuppressed(th3);
                        }
                        throw th2;
                    }
                } catch (Throwable th4) {
                    if (createTempFile != null) {
                        try {
                            createTempFile.close();
                        } catch (Throwable th5) {
                            th4.addSuppressed(th5);
                        }
                    }
                    throw th4;
                }
            } finally {
            }
        }
    }

    public static void waitForRebuild() {
        if (linuxAccountManager != null) {
            linuxAccountManager.waitForBuild();
        }
    }

    @Override // com.aoindustries.aoserv.daemon.util.BuilderThread
    public String getProcessTimerDescription() {
        return "Rebuild Linux Accounts";
    }

    @Override // com.aoindustries.aoserv.daemon.util.BuilderThread
    public long getProcessTimerMaximumTime() {
        return BuilderThread.DEFAULT_PROCESS_TIMER_REMINDER_INTERVAL;
    }

    public static void main(String[] strArr) {
        try {
            rebuildLinuxAccountSettings();
        } catch (ThreadDeath e) {
            throw e;
        } catch (Throwable th) {
            ErrorPrinter.printStackTraces(th, System.err);
            System.exit(SysExits.getSysExit(th));
        }
    }

    private LinuxAccountManager() {
    }
}
