#!/bin/bash -ex
#
# Finally, set password for main user's principal
# Aborting this operation is harmless. Just re-invoke cpw.
#
# kadmin.local doesn't report errors properly, so we have to
# check manually
# 
USER=$1
sudo rm -f /tmp/kadmin.out
sudo kadmin.local -p root/admin -q "cpw $USER@HCOOP.NET" \
  2>&1 | tee /tmp/kadmin.out
cat /tmp/kadmin.out | grep '\(is too short while changing\|does not contain enough\)' && \
     (echo == sending complaint to $USER@hcoop.net ====================================================;\
      echo 'please change it' |\
        mail -a 'From: Adam Megacz <megacz@hcoop.net>' \
             -c admins@hcoop.net \
             -s "your ~/.mire-password is too short or not complex enough" $USER@hcoop.net) || \
      true
cat /tmp/kadmin.out | grep '\(Password for .* changed\|Cannot reuse password while changing password\)'
sudo rm -f /tmp/kadmin.out