## -*- mode: shell-script; -*- 
##
## To be able to make changes to the part of configuration created
## from this configlet you need to copy this file to the directory
## fwbuilder/configlets/bsd/ in your home directory and modify it.
## Double "##" comments are removed during processing but single "#"
## comments are be retained and appear in the generated script. Empty
## lines are removed as well.  
##
## Configlets support simple macro language with these constructs:
## {{$var}} is variable expansion
## {{if var}} is conditional operator.
##
## These are commands built-in policy installer runs on the firewall if
## installation is performed using regular user account for authentication
##
##  Variables:
##
##  {{$fwbprompt}} -- "magic" prompt that installer uses to detect when it is logged in
##  {{$fwdir}}     -- directory on the firewall
##  {{$fwscript}}  -- script name on the firewall
##  {{$rbtimeout}} -- rollback timeout
##
##  {{$firewall_name}} -- the name of the firewall object
##
##  See #1368 for the explanation of the need for the "sleep2; echo" commands
##
##  Note: all commands should be on one line to avoid unnecessary linefeeds.
##  These linefeeds are sent to the server side (to the firewall) and end up
##  on the input of sudo and other commands. This creates difficult to catch
##  race condition which breaks installation process.

{{if shell_script_format}}
echo '{{$fwbprompt}}';
chmod +x {{$fwdir}}/{{$fwscript}};
sudo -S {{$fwdir}}/{{$fwscript}} && ( echo 'Policy activated'; sleep 2; echo)
{{endif}}

{{if rc_conf_format}}
echo '{{$fwbprompt}}';
sudo -S /etc/rc.d/pf reload && ( echo 'Policy activated'; sleep 2; echo)
{{endif}}


