#!/bin/sh
#################################################################
#								#
# Copyright (c) 2009-2025 Fidelity National Information		#
# Services, Inc. and/or its subsidiaries. All rights reserved.	#
#								#
#	This source code contains the intellectual property	#
#	of its copyright holder(s), and is made available	#
#	under a license.  If you do not know the terms of	#
#	the license, please stop and do not read further.	#
#								#
#################################################################

. ./arch.gtc

# Path to the correct echo program
# depending on the list of locales configured, locale -a might be considered a binary output.
# grep needs -a option to process the output as text but -a is not supported on the non-linux servers we have.
if [ $arch = "linux" ]; then
	echo="/bin/echo -e"
	binaryopt="-a"
else
	echo=/bin/echo
	binaryopt=""
fi

# Options to ps
psopts="-ea"

# GTCM definitions
if [ -f gtcm_server ]; then
	deliver_gtcm="yes"
else
	deliver_gtcm="no"
fi

if [ -f gtcm_gnp_server ]; then
	deliver_gtcm_gnp="yes"
else
	deliver_gtcm_gnp="no"
fi

# create symbolic links if utf8 directory exists.  Ignore the "file exists" errors for the .o files
# which exist in both directories.

if [ -d utf8 ]; then
	(cd utf8; ln -s ../* . 2> /dev/null)
fi

# Native shared library extension.
ext=".so"

# Flags to build shared libraries of M routines
if [ "ibm" = $arch ] ; then ldflags="-brtl -G -bexpfull -bnoentry -b64" ; ldcmd="ld" # AIX
elif [ "linux" = $arch ] ; then ldflags="-shared -z noexecstack" ; ldcmd="ld" # Linux - all platforms
else echo "Shared libary ldflags not set for this platform"; exit 1
fi

# Binaries
binaries="mupip mumps libgtmshr$ext lke dse"

# Normal scripts - executed by anyone
nscripts="gtmbase lowerc_cp"

# Root scripts - only executed by root
rscripts="gtmstart gtmstop"
if [ $deliver_gtcm = "yes" ]; then
	rscripts="$rscripts gtcm_run gtcm_slist"
	binaries="$binaries gtcm_server"
fi

if [ $deliver_gtcm_gnp = "yes" ]; then
	binaries="$binaries gtcm_gnp_server"
fi

# Help files
hlpfiles="*help.dat *help.gld *.h"

# Other files (left here for future use)
ofiles="$hlpfiles"

# Files that need to have $gtm_dist, $echo, etc. set in them.
pathmods="gtmbase.gtc gtmstart.gtc gtmstop.gtc gtmcshrc.gtc gtmprofile.gtc gtm.gtc gtmprofile_preV54000.gtc gdedefaults.gtc"

# Files deprecated in various releases. These should explicitly removed if installation is done on an existing directory.
deprecatedfiles="geteuid semstat2 ftok"

if [ $deliver_gtcm = "yes" ]; then
	pathmods="$pathmods gtcm_run.gtc gtcm_slist.gtc"
fi

if [ "`whoami`" != "root" ] ; then
	$echo "You must run Configure as root."
	exit
fi

$echo "                     GT.M Configuration Script"
$echo "Copyright 2009-2025 Fidelity Information Services, Inc. and/or its subsidiaries."
$echo "Use of this software is restricted by the provisions of your license agreement."
$echo ""

# Native super user and group
rootuser=root
bingroup=bin
defowner=bin

# create temporary file to test for valid user and group names
touch tmp_owngrp
$echo "What user account should own the files? ($defowner) \c"
read resp
if [ "$resp" = "" ] ; then
	owner=$defowner
else
	owner=$resp
fi

chown $owner tmp_owngrp 2> /dev/null
if [ 0 != "$?" ] ; then
	$echo $owner is not a valid user name - exiting!
	rm tmp_owngrp
	exit
fi

$echo "What group should own the files? ($bingroup) \c"
read resp
if [ "$resp" != "" ] ; then
	bingroup=$resp
fi

chgrp $bingroup tmp_owngrp 2> /dev/null
if [ 0 != "$?" ] ; then
	$echo $bingroup is not a valid group name - exiting!
	rm tmp_owngrp
	exit 1
fi

$echo "Should execution of GT.M be restricted to this group? (y or n) \c"
read resp
if [ "$resp" = "Y" -o "$resp" = "y" ] ; then
	# root and bin are invalid groups to be restricted
	if [ 0 = $bingroup -o "bin" = $bingroup -o "root" = $bingroup ] ; then
		$echo GTM-E-GROUPNOTVALID - $bingroup not allowed to be a restricted group - exiting!
		exit 1
	fi
	# for all owners other than root or bin do an owner in group membership check
	if [ 0 != $owner -a "bin" != $owner -a "root" != $owner -a  `groups $owner | grep -w -c $bingroup` -eq 0 ] ; then
		$echo GTM-E-NOTINGROUP - $owner is not a member of $bingroup - exiting!
		exit 1
	fi
	group=$bingroup
fi

rm tmp_owngrp

$echo "In what directory should GT.M be installed? \c"
read gtmdist

# if gtmdist is relative then need to make it absolute

if [ `$echo $gtmdist | grep -c '^/'` -eq 0 ] ; then
    gtmdist=`pwd`/$gtmdist
fi

# ensure that canonical paths do not exceed PATH_MAX
getconf PATH_MAX $gtmdist | \
	awk '{max=$0-max;if(max<0)max+=1024;if(length(dist)>max){print dist" exceeds the maximum path length: "max;exit 1}}' \
		dist=$gtmdist max=50 || exit
$echo ""

if [ -d $gtmdist ]; then
	$echo "Directory $gtmdist exists. If you proceed with this installation then"
	$echo "some files will be over-written. Is it ok to proceed? (y or n) \c"
else
	$echo "Directory $gtmdist does not exist. Do you wish to create it as part of"
	$echo "this installation? (y or n) \c"
fi
read resp
if [ "$resp" = "Y" -o "$resp" = "y" ] ; then
	mkdir -p        $gtmdist
	chmod ug-s,-t   $gtmdist
	mkdir -p        $gtmdist/plugin/r $gtmdist/plugin/o
	chmod 0755      $gtmdist/plugin/r $gtmdist/plugin/o $gtmdist
	chown $owner    $gtmdist/plugin/r $gtmdist/plugin/o $gtmdist
	chgrp $bingroup $gtmdist/plugin/r $gtmdist/plugin/o $gtmdist
	remove_deprecated=1
else
	exit
fi

if [ ! -w $gtmdist ]; then
	$echo "Directory $gtmdist is not writeable, so exiting"
	exit
fi

server_id=42

$echo ""
$echo "Installing GT.M...."
$echo ""

is64bit_gtm=`file mumps | grep -c 64.bit`

if [ -d "utf8" ]; then
	unset icu_version
	doutf8=1
	# If package has utf8 directory, see if system has libicu and locale
	$echo "Should UTF-8 support be installed? (y or n) \c"
	read resp
	if [ "$resp" = "Y" -o "$resp" = "y" ] ; then
		if [ "linux" = $arch ]; then
			if [ -x "$(command -v pkg-config)" -a $(pkg-config --exists icu-io; echo $?) -eq 0 ]; then
				versioncmd="pkg-config --modversion icu-io"
				libcmd="pkg-config --variable=libdir icu-io"
			elif [ -x "$(command -v icu-config)" ] ; then
				versioncmd="icu-config --version"
				libcmd="icu-config --libdir"
			elif [ -x "$(command -v pkg-config)" -a $(pkg-config --exists icu; echo $?) -eq 0 ]; then
				versioncmd="pkg-config --modversion icu"
				libcmd="pkg-config --variable=libdir icu"
			fi
			if [ -n "$versioncmd" ]; then
				icu_version=`$versioncmd | awk '{ver=+$0;if(ver>5){ver=ver/10}printf("%.1f\n",ver);exit}'`
				extendlibpath=`$libcmd`
			fi
			if [ "$icu_version" != "" ] ; then
				maj=`$echo $icu_version | cut -f 1 -d "."`
				if [ "$maj" -ge "49" ] ; then
					# Assuming the input is of the form 52.1. As of ICU 49 (aka 4.9),
					# icu-config --version reports <major><minor>.<milli> and not <major>.<minor>
					majmin=$maj
				else
					# Assuming the input is of the form 4.2.1
					majmin=`$echo $icu_version | cut -d "." -f 1,2 | sed 's/\.//'`
				fi
				if [ "$majmin" -lt "36" ] ; then
					$echo "ICU version version found : $icu_version"
					$echo "Install ICU version 3.6 or above to enable UTF-8 support."
					doutf8=0
				fi
			else
				$echo "Could not find ICU version in the default location."
				doutf8=0
			fi
		else
			# AIX default ICU packages in use
			doutf8=1
		fi
		# Look for locale
		utflocale=`locale -a | grep $binaryopt -iE '\.utf.?8$' | head -n1`
		if [ "$utflocale" = "" ] ; then
			$echo "UTF-8 locale not found."
			doutf8=0
		fi
		if [ "$doutf8" -eq 0 ] ; then
			$echo "UTF-8 support was requested, but not all dependencies were satisfied."
			$echo "Please fix the above and re-run installation."
			exit 1
		fi
		if [ "$doutf8" -eq 1 -a "linux" = $arch ]; then
			# We do not recommend setting gtm_icu_version on AIX
			gtm_icu_version=$icu_version
			export gtm_icu_version
		fi
	else
		doutf8=0
	fi
else
	# If utf8 dir does not exist in package, can't install UTF-8 support
	doutf8=0
fi

# Solaris 10 bourne shell does not support ${var#word} syntax
install_dest=$gtmdist
if [ X"$gtm_destdir" != X"" ] ; then
	install_dest=`echo $install_dest | sed "s;${gtm_destdir};;"`
fi

# Modify the scripts as necessary for target configuration
cat << SEDSCRIPT > sedin$$
s|ARCH|$arch|g
s|ECHO|"$echo"|g
s|GTMDIST|${install_dest}|g
s|SERVERID|$server_id|g
SEDSCRIPT
for i in $pathmods
do
	dest=`basename $i .gtc`
	sed -f sedin$$ $i > $dest
	if [ "$doutf8" -ne 0 ]; then
		cd utf8
		if ( test -f "$dest" ) then rm $dest; fi
		ln -fs ../$dest $dest
		cd ..
	fi
done
rm sedin$$
if [ "$doutf8" -ne 0 ]; then
	if [ ! -d $gtmdist/utf8 ]; then
		mkdir -p $gtmdist/utf8 $gtmdist/plugin/o/utf8
		chmod 0755 $gtmdist/utf8 $gtmdist/plugin/o/utf8
		chown ${owner}:${bingroup} $gtmdist/utf8 $gtmdist/plugin/o/utf8
	fi
fi

# Remove deprecated files first if applicable
if [ -n "$remove_deprecated" ]; then
	$echo ""
	$echo "Checking for deprecated files in $gtmdist"
	$echo ""
	for file in $deprecatedfiles
	do
		if [ -f "$gtmdist/$file" -o -f "$gtmdist/utf8/$file" ]; then
			echo "	Removing $file"
			rm -f $gtmdist/$file $gtmdist/utf8/$file
		fi
	done
fi

# Install COPYING if it is applicable
file=COPYING
if [ -f $file ]; then
	cp -p $file $gtmdist
	if [ "$doutf8" -ne 0 ]; then
		ln -fs ../$file $gtmdist/utf8/$file
	fi
fi

# Install README.txt if it is applicable
file=README.txt
if [ -f $file ]; then
	cp -p $file $gtmdist
	if [ "$doutf8" -ne 0 ]; then
		ln -fs ../$file $gtmdist/utf8/$file
	fi
fi

# Install custom_errors_sample.txt if it is applicable
file=custom_errors_sample.txt
if [ -f $file ]; then
	cp -p $file $gtmdist
	if [ "$doutf8" -ne 0 ]; then
		ln -fs ../$file $gtmdist/utf8/$file
	fi
fi
# Install the .cshrc and .profile files
cp -p gdedefaults gtmgblstat.xc gtmprofile gtmprofile_preV54000 gtm gtmcshrc $gtmdist
chmod 0444 $gtmdist/gdedefaults
chown $owner $gtmdist/gdedefaults
chmod 0444 $gtmdist/gtmgblstat.xc
chown $owner $gtmdist/gtmgblstat.xc
chmod 0755 $gtmdist/gtmprofile
chown $owner $gtmdist/gtmprofile
chmod 0755 $gtmdist/gtmprofile_preV54000
chown $owner $gtmdist/gtmprofile_preV54000
chmod 0755 $gtmdist/gtm
chown $owner $gtmdist/gtm
chmod 0755 $gtmdist/gtmcshrc
chown $owner $gtmdist/gtmcshrc

# Install the normal scripts
for i in $nscripts
do
	cp -p $i $gtmdist
	chmod 0755 $gtmdist/$i
	chown $owner $gtmdist/$i
done

# Install the root scripts
for i in $rscripts
do
	cp -p $i $gtmdist
	chmod 0744 $gtmdist/$i
	chown $rootuser $gtmdist/$i
done

# Install the normal binaries
for i in $binaries
do
	if [ $arch = "linux" ]; then
		install -g $bingroup -o $owner -m 644 $i $gtmdist
	elif [ $arch = "ibm" ]; then
		/usr/bin/install -f $gtmdist -M 644 -O $owner -G $bingroup $i
	elif [ -x /usr/sbin/install ]; then
		/usr/sbin/install -f $gtmdist -m 644 -u $owner -g $bingroup $i $gtmdist
	else
		install -f $gtmdist -m 644 -u $owner -g $bingroup $i $gtmdist
	fi
#		strip $gtmdist/$i >/dev/null 2>&1
done

# Install other individual files
for i in  $ofiles
do
	cp -p $i $gtmdist
	chown $owner $gtmdist/$i
done

# For linux systems, attempt to execute the chcon command to allow use of the libgtmshr shared library. This
# command is required on many modern SELinux based systems but depends on the filesystem in use (requires context
# support). For that reason, we attempt the command and if it works, great. If it doesn't, oh well we tried.
if [ -f /usr/bin/chcon ]; then
	chcon -t texrel_shlib_t $gtmdist/libgtmshr$ext > /dev/null 2>&1
fi

# Create $gtmdist/plugin/gtmcrypt directory if this platform supports encryption

# Define variables to denote plugin and gtmcrypt directory names
plugin="plugin"
plugin_gtmcrypt="$plugin/gtmcrypt"

# Gtmcrypt scripts
gtmcryptscripts="gen_sym_key.sh encrypt_sign_db_key.sh gen_keypair.sh pinentry-gtm.sh"
gtmcryptscripts="$gtmcryptscripts import_and_sign_key.sh gen_sym_hash.sh show_install_config.sh"

# Gtmcrypt related M file
gtmcryptmfile="pinentry.m"

# Gtmcrypt input files
gtmcryptinfiles="gpgagent.tab.in gtmtlsfuncs.tab.in"

# Gtmcrypt source files
gtmcryptsrcfiles="Makefile README gtmcrypt_ref.c gtmcrypt_ref.h gtmcrypt_interface.h maskpass.c"
gtmcryptsrcfiles="$gtmcryptsrcfiles gtmcrypt_dbk_ref.c gtmcrypt_dbk_ref.h gtmcrypt_pk_ref.c gtmcrypt_pk_ref.h"
gtmcryptsrcfiles="$gtmcryptsrcfiles gtmcrypt_sym_ref.h gtmcrypt_sym_ref.c gtm_tls_interface.h gtm_tls_impl.h"
gtmcryptsrcfiles="$gtmcryptsrcfiles gtm_tls_impl.c gtm_tls_externalcalls.h gtmcrypt_util.c gtmcrypt_util.h"
gtmcryptsrcfiles="$gtmcryptsrcfiles $gtmcryptmfile $gtmcryptinfiles"

dogtmcrypt=0
if [ -d "$plugin_gtmcrypt" ]; then
	dogtmcrypt=1
	# Create plugin directory and gtmcrypt directory
	mkdir -p $gtmdist/plugin/gtmcrypt
	chmod 0755 $gtmdist/plugin
	chown $owner $gtmdist/plugin
	chgrp $bingroup $gtmdist/plugin
	chmod 0755 $gtmdist/plugin/gtmcrypt
	chown $owner $gtmdist/plugin/gtmcrypt/
	chgrp $bingroup $gtmdist/plugin/gtmcrypt

	# Tar the source files
	cat > $plugin_gtmcrypt/README << EOF
#
# WARNING: This file was generated by the GT.M install script at install time.
#
# Dependency information:
#  Please install a compiler toolchain and libgcrypt, libgpgme, libconfig, and
#  libssl development libraries. On Debian you can do:
#    sudo apt-get install libgcrypt11-dev libgpgme11-dev libconfig-dev libssl-dev
#
# Installation instructions:
#  You may need to edit the Makefile to add include (IFLAGS) and library paths
#  (LIBFLAGS) for your system.
#
#  The commands below to compile, install and set the file permissions on the
#  encryption plugin libraries make the following assumptions:
#    - The shell is bourne shell compatible
#    - The user is root
#    - The permissions defined for the gtm installation are appropriate for the
#      plug-in
#
#  You should be able to cut and paste the following commands
#
gtm_dist="$gtmdist"
export gtm_dist
make && make install && make clean
find \$gtm_dist/plugin -type f -exec chown ${owner}:${bingroup} {} +
EOF
	if [ "$group" != "" ] ; then
		echo "chmod -R o-rwx \$gtm_dist/plugin" >> $plugin_gtmcrypt/README
	fi
	(cd $plugin_gtmcrypt			&& \
	 chmod 0644 $gtmcryptsrcfiles		&& \
	 chmod 0755 $gtmcryptscripts 		&& \
	 chown ${owner}:${bingroup} *		&& \
	 tar -cvf $gtmdist/$plugin_gtmcrypt/source.tar $gtmcryptsrcfiles $gtmcryptscripts >/dev/null 2>&1)
	chmod 0644 $gtmdist/$plugin_gtmcrypt/source.tar
	chown ${owner}:${bingroup} $gtmdist/$plugin_gtmcrypt/source.tar
	rm $plugin_gtmcrypt/README
fi

# Install GDE, GTMHELP, and all the percent routines
cp -p *.o *.m $gtmdist

# Install a mirror image (using soft links) of $gtmdist under $gtmdist/utf8 if this platform can support "UTF-8" mode.
if [ "$doutf8" -ne 0 ]; then
	cd utf8
	for file in *
	do
		# Skip directories
		if [ -d "$file" ]; then
			continue
		fi
		# Skip gtmsecshr/dir
		if [ "$file" = "gtmsecshr" -o "$file" = "gtmsecshrdir" ]; then
			continue
		fi
		# Install .o files
		base="`basename $file .o`"
		if [ "$base" != "$file" ]; then
			cp -p "$file" $gtmdist/utf8
		else
			# Soft link everything else
			if [ -f $gtmdist/utf8/"$file" ]; then
				rm -f $gtmdist/utf8/"$file"
			fi
			if [ -f $gtmdist/"$file" ]; then
				ln -fs ../"$file" $gtmdist/utf8/"$file"
			fi
		fi
	done
	if [ "$dogtmcrypt" -ne 0 ]; then
		ln -fs ../plugin $gtmdist/utf8/plugin
	fi
	cd ..
fi

$echo ""
$echo "All of the GT.M MUMPS routines are distributed with uppercase names."
$echo "You can create lowercase copies of these routines if you wish, but"
$echo "to avoid problems with compatibility in the future, consider keeping"
$echo "only the uppercase versions of the files."
$echo ""
$echo "Do you want uppercase and lowercase versions of the MUMPS routines? (y or n) \c"
read resp
if [ "$resp" = "Y" -o "$resp" = "y" ] ; then
	$echo ""
	$echo "Creating lowercase versions of the MUMPS routines."
	(cd $gtmdist; ./lowerc_cp *.m)
	if [ "$doutf8" -ne 0 ]; then
		(cd $gtmdist/utf8; ./lowerc_cp *.m)
	fi
fi

# Change mode to executable for mumps and libgtmshr to do the compiles
chmod 755 $gtmdist/mumps $gtmdist/libgtmshr$ext

gtmroutines=$gtmdist
gtmgbldir=$gtmdist/mumps.gld
gtm_dist=$gtmdist
export gtm_dist
export gtmroutines
export gtmgbldir

$echo ""
$echo "Compiling all of the MUMPS routines. This may take a moment."
$echo ""

# Ensure we are NOT in UTF-8 mode
gtm_chset="M"
export gtm_chset
(cd $gtmdist; ./mumps -noignore *.m; $echo $?>compstat ; \
 if [ "$is64bit_gtm" -eq 1 -o "linux" != $arch ] ; then $ldcmd $ldflags -o libgtmutil$ext *.o ; fi )

# Now work on UTF-8 mode
if [ "$doutf8" -ne 0 ]; then
	# Enclose UTF-8 operations inside a subshell. This avoids changing the current M mode execution
	(
		# Ensure we ARE in UTF-8 mode
		utflocale=`locale -a | grep $binaryopt -iE 'en_us\.utf.?8$' | head -n1`
		if [ "$utflocale" = "" ]; then
			# If no locale defined, try C.UTF-8
			utflocale="C.UTF-8"
		fi
		LC_CTYPE=$utflocale
		export LC_CTYPE
		unset LC_ALL
		gtm_chset="UTF-8"
		export gtm_chset
		if [ $arch = "ibm" ]; then
			export LIBPATH=$extendlibpath
		else
			LD_LIBRARY_PATH=$extendlibpath
			export LD_LIBRARY_PATH
		fi
		(gtm_dist=$gtmdist/utf8; export gtm_dist; cd $gtm_dist; ./mumps -noignore *.m; $echo $?>>$gtmdist/compstat; \
		if [ $is64bit_gtm -eq 1 -o "linux" != $arch ] ; then $ldcmd $ldflags -o libgtmutil$ext *.o ; fi )
	)
fi

# Change mode to executable for the normal binaries
for i in $binaries
do
	chmod 755 $gtmdist/$i
done

chmod 0644 $gtmdist/*.m
chmod 0644 $gtmdist/*.o
chown $owner $gtmdist/*.m
chown $owner $gtmdist/*.o
chown $owner $gtmdist/*.txt
chgrp $bingroup $gtmdist/*.m
chgrp $bingroup $gtmdist/*.o
chgrp $bingroup $gtmdist/*.txt

if [ "$doutf8" -ne 0 ]; then
	chmod 0644 $gtmdist/utf8/*.m
	chmod 0644 $gtmdist/utf8/*.o
	chown $owner $gtmdist/utf8
	chown $owner $gtmdist/utf8/*.m
	chown $owner $gtmdist/utf8/*.o
	chown $owner $gtmdist/utf8/*.txt
	chgrp $bingroup $gtmdist/utf8/*.m
	chgrp $bingroup $gtmdist/utf8/*.o
	chgrp $bingroup $gtmdist/utf8/*.txt
fi

if [ -f $gtm_dist/libgtmutil$ext ] ; then
    gtmroutines="$gtm_dist/libgtmutil$ext $gtmdist"
else
    gtmroutines="$gtmdist"
fi
export gtmroutines

other_object_files=""
csh_script_files=""

# make database files read only
chmod 0444 $gtmdist/*.dat
chmod 0444 $gtmdist/*.gld

# $other_object_files, $csh_script_files should be removed unconditionally
savedir=`pwd`
# temporarily change to $gtmdist
cd $gtmdist
\rm -rf $other_object_files $csh_script_files lowerc_cp

if [ -d utf8 ]; then
	cd utf8
	\rm -rf $other_object_files $csh_script_files lowerc_cp
fi
# change back to original directory
cd $savedir

# Optionally remove .o files if they are in a shared library
if [ -f $gtm_dist/libgtmutil$ext ] ; then
	chown ${owner}:${bingroup} $gtm_dist/libgtmutil$ext
	chmod 755 $gtm_dist/libgtmutil$ext
	$echo ""
	$echo "Object files of M routines placed in shared library $gtm_dist/libgtmutil$ext"
	$echo "Keep original .o object files (y or n)? \c"
	read resp
	if [ "n" = "$resp" -o "N" = "$resp" ] ; then rm -f $gtm_dist/*.o $gtm_dist/utf8/*.o ; fi
	$echo ""
	if [ -f $gtm_dist/utf8/libgtmutil$ext ] ; then
		chown ${owner}:${bingroup} $gtm_dist/utf8/libgtmutil$ext
		chmod 755 $gtm_dist/utf8/libgtmutil$ext
	fi
fi

# change group ownership of all files if group restricted
# otherwise change to the default as some files were created with root group
if [ "$group" != "" ] ; then
	chgrp -R $group $gtmdist
	chmod -R o-rwx $gtmdist
else
	chgrp -R $bingroup $gtmdist
fi

# Install real gtmsecshr with special permissions in $gtmdist/gtmsecshrdir
tgtmsecshrdir=$gtmdist/gtmsecshrdir
mkdir -p $tgtmsecshrdir
chmod 700 $tgtmsecshrdir
chgrp $bingroup $tgtmsecshrdir

# Install gtmsecshr and the wrapper with special permissions
if [ $arch = "linux" ]; then
	install -m 4555 -o root -g $bingroup gtmsecshr $gtmdist
	install -m 4500 -o root -g $bingroup gtmsecshrdir/gtmsecshr $tgtmsecshrdir/gtmsecshr
elif [ $arch = "ibm" ]; then
	/usr/bin/install -f $gtmdist -M 4555 -O root -G $bingroup gtmsecshr
	/usr/bin/install -f $tgtmsecshrdir -M 4500 -O root -G $bingroup gtmsecshrdir/gtmsecshr
elif [ -x /usr/sbin/install ]; then
	/usr/sbin/install -f $gtmdist -m 4555 -u root -g $bingroup gtmsecshr $gtmdist
	/usr/sbin/install -f $tgtmsecshrdir -m 4500 -u root -g $bingroup gtmsecshrdir/gtmsecshr $tgtmsecshrdir
else
	install -f $gtmdist -m 4555 -u root -g $bingroup gtmsecshr $gtmdist
	install -f $tgtmsecshrdir -m 4500 -u root -g $bingroup gtmsecshrdir/gtmsecshr $tgtmsecshrdir
fi

strip $gtmdist/gtmsecshr > /dev/null 2>&1
strip $tgtmsecshrdir/gtmsecshr > /dev/null 2>&1

if [ -d $gtmdist/utf8 ]; then

	# Delete the gtmsecshr symlink
	if [ -f $gtmdist/utf8/gtmsecshr -o -h $gtmdist/utf8/gtmsecshr ]; then
		rm -f $gtmdist/utf8/gtmsecshr
	fi
	ln -f $gtmdist/gtmsecshr $gtmdist/utf8/gtmsecshr || \
		echo ln -f $gtmdist/gtmsecshr $gtmdist/utf8/gtmsecshr

	# Delete the gtmsecshrdir symlink
	if [ -f $gtmdist/utf8/gtmsecshrdir -o -h $gtmdist/utf8/gtmsecshrdir ]; then
		rm -f $gtmdist/utf8/gtmsecshrdir
	fi
	mkdir -p $gtmdist/utf8/gtmsecshrdir
	chmod 0500 $gtmdist/utf8/gtmsecshrdir
	ln -f $gtmdist/gtmsecshrdir/gtmsecshr $gtmdist/utf8/gtmsecshrdir/gtmsecshr || \
		echo ln -f $gtmdist/gtmsecshrdir/gtmsecshr $gtmdist/utf8/gtmsecshrdir/gtmsecshr

fi

# change group ownership of wrapper if group restricted
# also remove user privileges for wrapper if group changed
if [ "$group" != "" ] ; then
	chgrp $group $gtmdist/gtmsecshr
	$echo ""
	$echo "Removing world permissions from gtmsecshr wrapper since group restricted to \"$group\""
	chmod 4550 $gtmdist/gtmsecshr
fi

# leave nothing writeable
chmod -R a-w $gtmdist

# if we had a mumps error then remove executable bit recursively and exit
# this could include compile and/or library load errors
if [ 0 != `grep -c '[1-9]' $gtm_dist/compstat` ]; then
	$echo ""
	$echo "GT.M installation FAILED – please review error messages"
	$echo ""
	( cd $gtm_dist && find . -type f -exec chmod a-x {} + )
	exit 1
fi

rm -f $gtmdist/compstat

if [ "$gtm_icu_version" != "" ] ; then
	icumessage=" Used gtm_icu_version=$gtm_icu_version for UTF-8 installation."
fi
$echo ""
$echo "Installation completed.$icumessage"
$echo "Would you like all the temporary files removed from this directory? (y or n) \c"
read resp

if [ "$resp" = "Y" -o "$resp" = "y" ] ; then
	\rm -rf $binaries $pathmods $rscripts $nscripts $dirs configure \
		*.gtc gtm* gde* GDE*.o _*.m _*.o mumps.dat mumps.gld $other_object_files $csh_script_files lowerc_cp\
		*.hlp core *.h *.m *help.dat *help.gld COPYING README.txt
	\rm -rf GETPASS.o plugin GTMHELP.o custom_errors_sample.txt
	if [ -d utf8 ]; then
		\rm -rf utf8
	fi
fi

# Save long listing of files, including permissions and sha256 for future reference
find $gtmdist -type f \! -name install_permissions.log  -exec ls -l {} \; > $gtmdist/install_permissions.log
chmod 0444 $gtmdist/install_permissions.log
chown ${owner}:${bingroup} $gtmdist/install_permissions.log
OPENSSL=$(command -p command -v openssl)
if [ -x "$OPENSSL" ]; then
	find $gtmdist -type f \! -name install_sha256_checksum.log -exec $OPENSSL sha256 {} \; \
									> $gtmdist/install_sha256_checksum.log
	chmod 0444 $gtmdist/install_sha256_checksum.log
	chown ${owner}:${bingroup} $gtmdist/install_sha256_checksum.log
fi
