#!/usr/bin/env python

# Using a Python script to run sudo to run a Python script is a bit
# silly, but it lets us use rpki.autoconf to locate sudo, lets us
# avoid needing a custom setuid wrapper, lets us avoid another pass
# through the adventures of shell quoting and tokenization, and
# generally is just a lot simpler to implement correctly.
#
# OK, it's probably a few milliseconds slower.  Big deal.

if __name__ == "__main__":

    import os
    import pwd
    import sys
    import rpki.autoconf

    argv = [sys.executable, os.path.abspath(sys.argv[0])]
    argv.extend(sys.argv[1:])

    already_ran_sudo = os.getenv("SUDO_COMMAND") == " ".join(argv)

    try:
        uid = pwd.getpwnam(rpki.autoconf.RPKI_USER).pw_uid
    except:
        uid = None

    euid = os.geteuid()

    if already_ran_sudo or uid is None or uid == euid or euid == 0:

        if not already_ran_sudo:
            for name in ("SUDO_COMMAND", "SUDO_GID", "SUDO_UID", "SUDO_USER"):
                if name in os.environ:
                    del os.environ[name]

        import rpki.rpkic
        rpki.rpkic.main()

    else:

        try:
            argv.insert(0, rpki.autoconf.SUDO)
            os.execv(argv[0], argv)
            sys.exit("rpkic startup failure, no exception so don't know why, sorry")

        except Exception as e:
            sys.exit("Couldn't exec sudo python rpkic: {!s}".format(e))