#! /bin/sh




. $(dirname $0)/version_comparator
. $(dirname $0)/timedwait_pid

KAV_DAEMON_PLIST="/Library/LaunchDaemons/com.kaspersky.kav.kavd.plist"
KAV_DAEMON_PLIST_DIR="/Library/LaunchDaemons/"
KAV_AGENT_PLIST="/Library/LaunchAgents/com.kaspersky.kav.agent.plist"
KAV_APP_PLIST="/Library/LaunchAgents/com.kaspersky.kav.app.plist"
KAV_AGENT_PLIST_DIR="/Library/LaunchAgents/"
KL_SUPPORT_DIR="/Library/Application Support/Kaspersky Lab"
KAV_SUPPORT_DIR="$KL_SUPPORT_DIR"/KAV
KAV_BASES_ARCHIVE_DIR="$KL_SUPPORT_DIR"/KAV_BASES_ARCHIVE
KAV_BIN_DIR="$KAV_SUPPORT_DIR"/Binaries
KAV_DATA_DIR="${KAV_SUPPORT_DIR}"/Data
KAV_CUSTOM_DIR="$KAV_SUPPORT_DIR"/Custom
KAV_KICKSTART_DIR_AGENT="$KAV_SUPPORT_DIR"/kickstart_agent
KAV_KICKSTART_DIR_APP="$KAV_SUPPORT_DIR"/kickstart_app
KAV_APP_DIR="$KAV_SUPPORT_DIR"/Applications
KAVAGENTAPP_BUNDLE_DIR="$KAV_APP_DIR/Kaspersky Anti-Virus Agent.app"
KAVAPP_BUNDLE_DIR="/Applications/Kaspersky Anti-Virus For Mac.app"
KAVAPP_INFO_PLIST="$KAVAPP_BUNDLE_DIR/Contents/Info.plist"
APPEX_BUNDLE_DIR="$KAVAPP_BUNDLE_DIR/Contents/PlugIns/KasperskySecurity.appex"
KAVD_BUNDLE_DIR="$KAVAPP_BUNDLE_DIR/Contents/MacOS/kavd.app"
UCP_SUPPORT_DIR="$KL_SUPPORT_DIR/UCP"
CONFIG_XML="$KAV_BIN_DIR"/config.xml
SCRIPT_DIR=$(dirname "$0")
TEMP_INSTALLER_DIR="/tmp/klinstaller"
GDPR_CONFIG_FILE="${TEMP_INSTALLER_DIR}/klgdprconfig"
CLANG_ASAN_LIB_FILE="${KAV_BIN_DIR}/libclang_rt.asan_osx_dynamic.dylib"

update_cfg_with_rc()
{
    "$SCRIPT_DIR"/update_cfg.pl "$CONFIG_XML" "$1" "$2"
        [ $? != 0 ] && return 1
    return 0
}

update_cfg()
{
    "$SCRIPT_DIR"/update_cfg.pl "$CONFIG_XML" "$1" "$2"
    if [ $? != 0 ]
    then
        echo "Failed to update product configuration ($1)"
        exit 1
    fi
}

log()
{
    echo "$@"
}

install_native_messaging_manifest()
{
    local MANIFEST_DIR="$1"
    local BROWSER_TYPE="$2"

    if [ ! -f "${CLANG_ASAN_LIB_FILE}" ]
    then
        pushd "${KAV_BIN_DIR}"

        echo "Uninstall previous manifest for ${BROWSER_TYPE}"
        ./plugins-setup --uninstall --browser=${BROWSER_TYPE}
        echo "Attempt uninstall manifest for ${BROWSER_TYPE} finished with rc: ${?}"

        echo "Create ${MANIFEST_DIR}"
        mkdir -v -p "${MANIFEST_DIR}"
            [ $? != 0 ] && echo "Failed to create ${MANIFEST_DIR}" && return 1

        echo "Create ${BROWSER_TYPE} native messaging manifest"
        ./plugins-setup --install --browser=${BROWSER_TYPE}
            [ $? != 0 ] && echo "Failed to create ${BROWSER_TYPE} native messaging manifest" && return 1
        popd
    else
        echo "Skip plugins setup for ${BROWSER_TYPE}"
    fi

    return 0
}

install_native_messaging_manifests()
{
    install_native_messaging_manifest "/Library/Google/Chrome/NativeMessagingHosts" chrome
        [ $? != 0 ] && return 1
    install_native_messaging_manifest "/Library/Application Support/Mozilla/NativeMessagingHosts" firefox
        [ $? != 0 ] && return 1
    return 0
}

get_environment_value()
{
    /usr/bin/xmllint --xpath "//propertiesmap/key[@name=\"environment\"]/tSTRING[@name=\"$2\"]/text()" "$1"
}


readIniKey()
{
    INI_PATH="$1"
    INI_KEY="$2"
    KEYVALUE=$(iconv -f UTF-16LE -t UTF-8 "$INI_PATH" | sed -ne "s|^$INI_KEY *= *\(.*\) *$|\1|p" | tr -d '\r')
    [ "$KEYVALUE" != "" ] && echo "readIniKey: '$INI_KEY' = '$KEYVALUE'"
}

munchCustomIni()
{
    UCP_INIPATH="$1"
    if [ -e "$UCP_INIPATH" ]
    then



        for UCPKEY in "KasperskyId"
        do
            readIniKey "$UCP_INIPATH" "$UCPKEY"
            if [ "$KEYVALUE" != "" ]
            then
                KEY="settings.def:Kaspersky_ID"
                VALUE="${KEYVALUE}"
                update_cfg_with_rc "${KEY}" "${VALUE}"
                    [ $? != 0 ] && echo "WARNING: setting ${KEY} to ${VALUE} failed"
            fi
        done

        for UCPKEY in "UserId"
        do
            readIniKey "$UCP_INIPATH" "$UCPKEY"
            if [ "$KEYVALUE" != "" ]
            then
                KEY="settings.def:UserId"
                VALUE="${KEYVALUE}"
                update_cfg_with_rc "${KEY}" "${VALUE}"
                    [ $? != 0 ] && echo "WARNING: setting ${KEY} to ${VALUE} failed"
            fi
        done

        for UCPKEY in "oneTimeRegistrationSharedSecret" "OneTimeRegistrationSharedSecret"
        do
            readIniKey "$UCP_INIPATH" "$UCPKEY"
            if [ "$KEYVALUE" != "" ]
            then
                KEY="settings.def:OneTimeRegistrationSharedSecret"
                VALUE="${KEYVALUE}"
                update_cfg_with_rc "${KEY}" "${VALUE}"
                    [ $? != 0 ] && echo "WARNING: setting ${KEY} failed"
            fi
        done

        for UCPKEY in "ShowActiveTrialOption"
        do
            readIniKey "$UCP_INIPATH" "$UCPKEY"
            if [ "$KEYVALUE" != "" ]
            then
                KEY="settings.def:ShowActiveTrialOption"
                VALUE="${KEYVALUE}"
                update_cfg_with_rc "${KEY}" "${VALUE}"
                    [ $? != 0 ] && echo "WARNING: setting ${KEY} to ${VALUE} failed"
            fi
        done

        for UCPKEY in "TrialActivationCode"
        do
            readIniKey "$UCP_INIPATH" "$UCPKEY"
            if [ "$KEYVALUE" != "" ]
            then
                KEY="environment:TrialActCode"
                VALUE="${KEYVALUE}"
                update_cfg_with_rc "${KEY}" "${VALUE}"
                    [ $? != 0 ] && echo "WARNING: setting ${KEY} failed"
            fi
        done

        for UCPKEY in "StartupScenario"
        do
            readIniKey "$UCP_INIPATH" "$UCPKEY"
            if [ "$KEYVALUE" != "" ]
            then
                KEY="settings.def:StartupScenario"
                VALUE="${KEYVALUE}"
                update_cfg_with_rc "${KEY}" "${VALUE}"
                    [ $? != 0 ] && echo "WARNING: setting ${KEY} to ${VALUE} failed"
            fi
        done

        for UCPKEY in "ProductTier"
        do
            readIniKey "$UCP_INIPATH" "$UCPKEY"
            if [ "$KEYVALUE" != "" ]
            then
                KEY="settings.def:ProductTier"
                VALUE="${KEYVALUE}"
                update_cfg_with_rc "${KEY}" "${VALUE}"
                    [ $? != 0 ] && echo "WARNING: setting ${KEY} to ${VALUE} failed"
            fi
        done

        for UCPKEY in "IsMaster"
        do
            readIniKey "$UCP_INIPATH" "$UCPKEY"
            if [ "$KEYVALUE" != "" ]
            then
                KEY="settings.def:Ins_UcpAccountType"
                if [ "${KEYVALUE}" == "Yes" ]; then
                    VALUE="1"
                else
                    VALUE="0"
                fi
                update_cfg_with_rc "${KEY}" "${VALUE}"
                    [ $? != 0 ] && echo "WARNING: setting ${KEY} to ${VALUE} failed"
            fi
        done

        for UCPKEY in "CommercialActivationCode"
        do
            readIniKey "$UCP_INIPATH" "$UCPKEY"
            if [ "$KEYVALUE" != "" ]
            then
                KEY="settings.def:Ins_ActivationCode"
                VALUE="${KEYVALUE}"
                update_cfg_with_rc "${KEY}" "${VALUE}"
                    [ $? != 0 ] && echo "WARNING: setting ${KEY} failed"
            fi
        done

        for UCPKEY in "WebVisitorID"
        do
            readIniKey "$UCP_INIPATH" "$UCPKEY"
            if [ "$KEYVALUE" != "" ]
            then
                KEY="environment:WebVisitorId"
                VALUE="${KEYVALUE}"
                echo "notice: ${KEY} -> ${VALUE}"
                update_cfg_with_rc "${KEY}" "${VALUE}"
                    [ $? != 0 ] && echo "WARNING: setting ${KEY} to ${VALUE} failed"
            fi
        done



        for UCPKEY in KPCRegion ProductRegion RegionSelectionEnabled
        do
            readIniKey "$UCP_INIPATH" "$UCPKEY"
            if [ "$KEYVALUE" != "" ]
            then
                KEY="environment:${UCPKEY}"
                VALUE="${KEYVALUE}"
                update_cfg_with_rc "${KEY}" "${VALUE}"
                    [ $? != 0 ] && echo "WARNING: setting ${KEY} to ${VALUE} failed"
            fi
        done

        SecureServerRootFolderUsed=false
       for KEY in "SecureServerRootFolder"
       do
           KEYVALUE=$(iconv -f UTF-16LE -t UTF-8 "$UCP_INIPATH" | sed -ne "s|^$KEY *= *\(.*\) *$|\1|p" | tr -d '\r')
           if [ "$KEYVALUE" != "" ]
           then
                echo "SecureServerRootFolder used"
                SecureServerRootFolderUsed=true
                AUTOUPDATE_URL=$(get_environment_value "$CONFIG_XML" "AutoUpdateIndexUrl")
                AUTOUPDATE_URL_PATH=$(/usr/bin/perl -e "use URI; print(URI->new(\"${AUTOUPDATE_URL}\")->path);")
                update_cfg_with_rc "environment:AutoUpdateIndexUrl" "$KEYVALUE/$AUTOUPDATE_URL_PATH"
                    [ $? != 0 ] && echo "WARNING: setting ${KEY} to ${VALUE} failed"
           fi
       done

       if [ "$SecureServerRootFolderUsed" != true ]
       then
           for KEY in "ServerRootFolder"
           do
            KEYVALUE=$(iconv -f UTF-16LE -t UTF-8 "$UCP_INIPATH" | sed -ne "s|^$KEY *= *\(.*\) *$|\1|p" | tr -d '\r')
            if [ "$KEYVALUE" != "" ]
            then
                echo "ServerRootFolder used"
                AUTOUPDATE_URL=$(get_environment_value "$CONFIG_XML" "AutoUpdateIndexUrl")
                AUTOUPDATE_URL_PATH=$(/usr/bin/perl -e "use URI; print(URI->new(\"${AUTOUPDATE_URL}\")->path);")
                update_cfg_with_rc "environment:AutoUpdateIndexUrl" "$KEYVALUE/$AUTOUPDATE_URL_PATH"
                    [ $? != 0 ] && echo "WARNING: setting ${KEY} to ${VALUE} failed"
               fi
           done
       fi


        for UCPKEY in environment:AutoUpdateIndexUrl profiles.AutoUpdate:installed profiles.AutoUpdate:enabled profiles.AutoUpdate.settings.def:Automatic
        do
            readIniKey "$UCP_INIPATH" "$UCPKEY"
            if [ "$KEYVALUE" != "" ]
            then
                KEY="${UCPKEY}"
                VALUE="${KEYVALUE}"
                update_cfg_with_rc "${KEY}" "${VALUE}"
                    [ $? != 0 ] && echo "WARNING: setting ${KEY} to ${VALUE} failed"
            fi
        done

        for UCPKEY in "PPCSid"
        do
            readIniKey "$UCP_INIPATH" "$UCPKEY"
            if [ "$KEYVALUE" != "" ]
            then
                KEY="environment:Ppcsid"
                VALUE="${KEYVALUE}"
                echo "notice: ${KEY} -> ${VALUE}"
                update_cfg_with_rc "${KEY}" "${VALUE}"
                    [ $? != 0 ] && echo "WARNING: setting ${KEY} to ${VALUE} failed"
            fi
        done

        for UCPKEY in "StartupScenario"
        do
            readIniKey "$UCP_INIPATH" "$UCPKEY"
            if [ "$KEYVALUE" != "" ]
            then
                KEY="settings.def:StartupScenario"
                VALUE="${KEYVALUE}"
                echo "notice: ${KEY} -> ${VALUE}"
                update_cfg_with_rc "${KEY}" "${VALUE}"
                    [ $? != 0 ] && echo "WARNING: setting ${KEY} to ${VALUE} failed"
            fi
        done

        for UCPKEY in "ProductTier"
        do
            readIniKey "$UCP_INIPATH" "$UCPKEY"
            if [ "$KEYVALUE" != "" ]
            then
                KEY="settings.def:ProductTier"
                VALUE="${KEYVALUE}"
                echo "notice: ${KEY} -> ${VALUE}"
                update_cfg_with_rc "${KEY}" "${VALUE}"
                    [ $? != 0 ] && echo "WARNING: setting ${KEY} to ${VALUE} failed"
            fi
        done
    else
        echo "No $UCP_INIPATH found."
    fi
}


patchApplicationCategorizerSettings()
{

    local DB="$1"

    local KEYID="2169572295"

    sqlite3 "$DB" "delete from storage where instr(keylob, 'app_ctrl.application_categorizer.ApplicationCategorizer/settings') > 0"
    if [ $? != 0 ]
    then
        echo "Failed to change Application Categorizer settings in  \"$DB\""
        return 1
    else
        echo "Application Categorizer settings successfully changed in \"$DB\""
    fi

    return 0
}


selectUCPPortal()
{

    local UCP_INIPATH="$1"

    local DB="$2"

    local KEYID="391966804"

    if [ -f "$DB" ]
    then
        if [ -f "$UCP_INIPATH" ]
        then

            local newvalue=$(sqlite3 "$DB" "select valuelob from storage where keyhash=$KEYID")

            if [ -z "$newvalue" ]
            then
               echo "Can't read old data for keyhash $KEYID from $DB"
               return 1
            fi

            for KEY in "DisUrl" "DevInventoryUrl" "PortalUrl" "UisRealm" "WebPortalRealm"
            do
                KEYVALUE=$(cat "$UCP_INIPATH" | sed -Ene 's/^"?'"$KEY"'"? *= *"?([^"]*)"?/\1/p' | tr -d '\r')

                if [ "$KEYVALUE" != "" ]
                then
                    eval "$KEY=\$KEYVALUE"


                    mKEYVALUE=$(echo $KEYVALUE | sed 's/\//\\\//g')


                      newvalue=$(echo "$newvalue" | sed "s/$KEY=\"[^\"]*\"/$KEY=\"$mKEYVALUE\"/g")
                else
                    echo "No key'$KEY' exist in $UCP_INIPATH."
                fi
            done

            echo $newvalue


            sqlite3 "$DB" "update storage set valuelob='$newvalue' where keyhash=$KEYID"
            if [ $? != 0 ]
            then
                echo "Failed to change UCP settings in  \"$DB\""
                return 1
            else
                echo "UCP portal settings successfully changed in \"$DB\""
            fi
        else
           echo "No setting file $UCP_INIPATH was found."
        fi
    else
      echo "No setting database file $DB was found."
    fi
}

setup_core()
{

    echo ""
    echo "Changing owner of \"$KL_SUPPORT_DIR\" folder..."
    chown root:admin "$KL_SUPPORT_DIR"
    if [ $? != 0 ]
    then
        echo "Failed to change owner of the folder \"$KL_SUPPORT_DIR\""
        return 1
    else
        echo "Owner of the folder \"$KL_SUPPORT_DIR\" changed successfully"
    fi


    echo ""
    echo "Changing owner of \"$KAV_SUPPORT_DIR\" folder..."
    chown -R root:admin "$KAV_SUPPORT_DIR"
    if [ $? != 0 ]
    then
        echo "Failed to change owner of the folder \"$KAV_SUPPORT_DIR\""
        return 1
    else
        echo "Owner of the folder \"$KAV_SUPPORT_DIR\" changed successfully"
    fi

    echo ""
    echo "Changing access rights to \"$KAV_DATA_DIR/data.kvdb\" file..."
    chmod g-rwx,o-rwx "$KAV_DATA_DIR/data.kvdb"
    if [ $? != 0 ]
    then
        echo "Failed to change access rights to \"$KAV_DATA_DIR/data.kvdb\""
        return 1
    else
        echo "Access rights to \"$KAV_DATA_DIR/data.kvdb\" changed successfully"
    fi

    echo ""
    echo "Changing access rights to \"$KAV_DATA_DIR/settings.kvdb\" file..."
    chmod g-rwx,o-rwx "$KAV_DATA_DIR/settings.kvdb"
    if [ $? != 0 ]
    then
        echo "Failed to change access rights to \"$KAV_DATA_DIR/settings.kvdb\""
        return 1
    else
        echo "Access rights to \"$KAV_DATA_DIR/settings.kvdb\" changed successfully"
    fi


    echo ""
    echo "Changing owner of \"$KAV_DAEMON_PLIST\" file..."
    chown root:wheel "$KAV_DAEMON_PLIST"
    chown root:wheel "$KAV_DAEMON_PLIST_DIR"
    chmod 755 "$KAV_DAEMON_PLIST_DIR"
    if [ $? != 0 ]
    then
        echo "Failed to change owner of the file \"$KAV_DAEMON_PLIST\""
        return 1
    else
        echo "Owner of the file \"$KAV_DAEMON_PLIST\" changed successfully"
    fi


    echo ""
    echo "Changing owner of \"$KAV_AGENT_PLIST\" file..."
    chown root:wheel "$KAV_AGENT_PLIST"
    chown root:wheel "$KAV_AGENT_PLIST_DIR"
    chmod 755 "$KAV_AGENT_PLIST_DIR"
    if [ $? != 0 ]
    then
        echo "Failed to change owner of the file \"$KAV_AGENT_PLIST\""
        return 1
    else
        echo "Owner of the file \"$KAV_AGENT_PLIST\" changed successfully"
    fi


    echo ""
    echo "Changing owner of \"$KAV_APP_PLIST\" file..."
    chown root:wheel "$KAV_APP_PLIST"
    if [ $? != 0 ]
    then
        echo "Failed to change owner of the file \"$KAV_APP_PLIST\""
        return 1
    else
        echo "Owner of the file \"$KAV_APP_PLIST\" changed successfully"
    fi



    echo ""
    echo "Changing owner of \"$KAVAPP_BUNDLE_DIR\"..."
    chown -R root:admin "$KAVAPP_BUNDLE_DIR"
    if [ $? != 0 ]
    then
        echo "Failed to change owner of \"$KAVAPP_BUNDLE_DIR\""
        return 1
    else
        echo "Owner of \"$KAVAPP_BUNDLE_DIR\" changed successfully"
    fi


    echo ""
    echo "Lock \"$KAVAPP_BUNDLE_DIR\"..."
    chflags -v uchg "$KAVAPP_BUNDLE_DIR"
    if [ $? != 0 ]
    then
        echo "Failed to change flags of \"$KAVAPP_BUNDLE_DIR\""
        return 1
    else
        echo "Flags of \"$KAVAPP_BUNDLE_DIR\" changed successfully"
    fi


    echo ""
    echo "Changing access rights to \"$KAVAPP_INFO_PLIST\"..."
    chmod 664 "$KAVAPP_INFO_PLIST"
    if [ $? != 0 ]
    then
        echo "Failed to change access rights to \"$KAVAPP_INFO_PLIST\""
        return 1
    else
        echo "Access rights to \"$KAVAPP_INFO_PLIST\" changed successfully"
    fi

    mkdir -p "$KAV_KICKSTART_DIR_AGENT"
    if [ $? != 0 ]
    then
        echo "Failed to create gui kickstart folder"
        return 1
    fi
    chmod 0777 "$KAV_KICKSTART_DIR_AGENT"
    if [ $? != 0 ]
    then
        echo "Failed to change access rights to gui kickstart folder"
        return 1
    fi

    mkdir -p "$KAV_KICKSTART_DIR_APP"
    if [ $? != 0 ]
    then
        echo "Failed to create app kickstart folder"
        return 1
    fi
    chmod 0777 "$KAV_KICKSTART_DIR_APP"
    if [ $? != 0 ]
    then
        echo "Failed to change access rights to app kickstart folder"
        return 1
    fi


    KAVSER_BUNDLE_DIR="/Library/Services/KAVService.service"

    echo ""
    echo "Changing owner of \"$KAVSER_BUNDLE_DIR\"..."
    chown -R root:wheel "$KAVSER_BUNDLE_DIR"
    if [ $? != 0 ]
    then
        echo "Failed to change owner of \"$KAVSER_BUNDLE_DIR\""
        return 1
    else
        echo "Owner of \"$KAVSER_BUNDLE_DIR\" changed successfully"
    fi


    echo ""
    echo "Enable service"

    ls -1 /Users | while read _USER; do
        PBSPLIST_PATH="/Users/$_USER/Library/Preferences/pbs.plist"
        if [ -e "$PBSPLIST_PATH" ]
        then
            /usr/libexec/PlistBuddy -c "Add ':NSServicesStatus:com.kaspersky.kav.service - Virus Scan - virusScan:enabled_context_menu' bool" "$PBSPLIST_PATH"
            /usr/libexec/PlistBuddy -c "Set ':NSServicesStatus:com.kaspersky.kav.service - Virus Scan - virusScan:enabled_context_menu' true" "$PBSPLIST_PATH"
            /usr/libexec/PlistBuddy -c "Add ':NSServicesStatus:com.kaspersky.kav.service - Virus Scan - virusScan:enabled_services_menu' bool" "$PBSPLIST_PATH"
            /usr/libexec/PlistBuddy -c "Set ':NSServicesStatus:com.kaspersky.kav.service - Virus Scan - virusScan:enabled_services_menu' true" "$PBSPLIST_PATH"


            for LOC in en 
            do
                sudo -u "$_USER" /System/Library/CoreServices/pbs "$LOC" > /dev/null
            done
        fi
    done


    INSTFROM=$(dirname "$PACKAGE_PATH")


    echo "Searching for a key file in the package \"$INSTFROM\""
    for KEY in $(ls -a "$INSTFROM" | grep "\.key$")
    do
        if [ -f "$INSTFROM"/"$KEY" ]
        then
            cp -v "$INSTFROM"/"$KEY" "$KAV_SUPPORT_DIR"/
        fi
    done


    KL_INSTALLER_STARTUP_DIR_FILE="/tmp/wks/wks_installer_pwd"
    if [ -e "$KL_INSTALLER_STARTUP_DIR_FILE" ]
    then
        echo "Reading pwd from $KL_INSTALLER_STARTUP_DIR_FILE"
        KL_INSTALLER_STARTUP_DIR=$(cat "$KL_INSTALLER_STARTUP_DIR_FILE");
    else
        echo "No $KL_INSTALLER_STARTUP_DIR_FILE found "
    fi

    if [ "$KL_INSTALLER_STARTUP_DIR" != "" ]
    then
        echo "Searching for a key file in the directory \"$KL_INSTALLER_STARTUP_DIR\""
        for KEY in $(ls -a "$KL_INSTALLER_STARTUP_DIR" | grep "\.key$")
        do
            if [ -f "$KL_INSTALLER_STARTUP_DIR"/"$KEY" ]
            then
                cp -v "$KL_INSTALLER_STARTUP_DIR"/"$KEY" "$KAV_SUPPORT_DIR"/
            fi
        done
    fi


    echo "Searching for .config.xml in the package \"$INSTFROM\""
    if [ -f "$INSTFROM"/.config.xml ]
    then
        cp -v -f "$INSTFROM"/.config.xml "$KAV_BIN_DIR"/config.xml
    fi


    echo "Searching for .custom.ini in the package \"$INSTFROM\""
    NEW_VERSION_IS_CUSTOMIZED=0
    if [ -f "$INSTFROM"/.custom.ini -o -f "/tmp/kldownloader-custom.ini" ]
    then
        NEW_VERSION_IS_CUSTOMIZED=1

        [ -d "$KAV_CUSTOM_DIR" ] || mkdir -p "$KAV_CUSTOM_DIR"
        if [ $? != 0 ]
        then
            echo "Failed to create custom folder"
            return 1
        fi

            if [ -f "/tmp/kldownloader-custom.ini" ]
            then
                /bin/mv -v -f "/tmp/kldownloader-custom.ini" "$KAV_CUSTOM_DIR"/custom.ini
            else
                /bin/cp -v -f "$INSTFROM"/.custom.ini "$KAV_CUSTOM_DIR"/custom.ini
            fi
            if [ $? != 0 ]
            then

                return 1
            fi
    else
        echo "- .custom.ini is not present, skipping"
    fi


    echo "Upgrade custom.ini"
    NEW_PRODUCT_VERSION=$(get_environment_value "$CONFIG_XML" "ProductVersion")
    NEW_PRODUCT_VERSION_MAIN=$(echo "$NEW_PRODUCT_VERSION" | sed -n 's/\([0-9]\)\..*/\1/p')
    NEW_PRODUCT_TYPE=$(get_environment_value "$CONFIG_XML" "ProductType")
    echo "New product: version - ${NEW_PRODUCT_VERSION}, main version - ${NEW_PRODUCT_VERSION_MAIN}, type - ${NEW_PRODUCT_TYPE}"

    "$SCRIPT_DIR"/upgrade_custom_ini "$KAV_CUSTOM_DIR"/custom.ini "$NEW_PRODUCT_VERSION"
    [ $? -ne 0 ] && return 1


    if [ -d "$TEMP_INSTALLER_DIR/kldownloader-ipmdefault" ]
    then
        echo "Found: $TEMP_INSTALLER_DIR/kldownloader-ipmdefault"

        if [ "$(ls $TEMP_INSTALLER_DIR/kldownloader-ipmdefault)" ]
        then
            [ -d "$KAV_CUSTOM_DIR" ] || mkdir -p "$KAV_CUSTOM_DIR"
            if [ $? != 0 ]
            then
                echo "Failed to create custom folder"
                return 1
            fi


            /bin/rm -rf "${KAV_CUSTOM_DIR}/ipmdefault"
            if [ -d  "${KAV_CUSTOM_DIR}/ipmdefault" ]
            then
                echo "- error: could not remove Data/ipm/default, aborting"
                return 1
            fi
            /bin/cp -v -r -f "$TEMP_INSTALLER_DIR/kldownloader-ipmdefault/" "${KAV_CUSTOM_DIR}/ipmdefault"
            [ $? != 0 ] && return 1
        else
            echo "$TEMP_INSTALLER_DIR/kldownloader-ipmdefault is empty, ignore"
        fi
    fi


    if [ "$KL_INSTALLER_STARTUP_DIR" != "" ]
    then
        echo "Searching for config.xml in the package \"$KL_INSTALLER_STARTUP_DIR\""
        if [ -f "$KL_INSTALLER_STARTUP_DIR"/config.xml ]
        then
            cp -v -f "$KL_INSTALLER_STARTUP_DIR"/config.xml "$KAV_BIN_DIR"/
        fi
    fi






    OSVER=`sw_vers -productVersion | awk -F"." '{printf "%d.%d\n", $1, $2}'`
    OSVERMINOR=`echo "$OSVER" | sed 's/\([^.]*\).\([^.]*\).*/\2/'`

    update_cfg "environment:InstallDate" "`/bin/date +%s`"


    update_cfg "Timestamps:LastPatchDeployment" "`/bin/date +%s`"

    UCP_REGISTRED_UID=$(stat -f '%u' /dev/console)
    update_cfg "environment:UcpRegistredUID" "$UCP_REGISTRED_UID"



    PREV_PRODUCT_VERSION=$(get_environment_value "${KAV_SUPPORT_DIR}/previous_config.xml" "ProductVersion")
    PREV_PRODUCT_VERSION_MAIN=$(echo "$PREV_PRODUCT_VERSION" | sed -n 's/\([0-9]\)\..*/\1/p')
    PREV_PRODUCT_TYPE=$(echo $(get_environment_value "${KAV_SUPPORT_DIR}/previous_config.xml" "ProductType"))
    echo "Previous product: version - ${PREV_PRODUCT_VERSION}, type - ${PREV_PRODUCT_TYPE}"

    if [ -f "${KAV_SUPPORT_DIR}"/current_settings.cfg ]
    then
        echo "Removing previous config file"
        /bin/rm -fv "${KAV_SUPPORT_DIR}/previous_config.xml"

        echo "Removing previous settings files"
        /bin/rm -fv "${KAV_SUPPORT_DIR}/previous_settings.kvdb"*

        echo "Removing previous data files"
        /bin/rm -fv "${KAV_SUPPORT_DIR}/previous_data.kvdb"*
    else
        echo "File ${KAV_SUPPORT_DIR}/current_settings.cfg is absent"
    fi


    if [ -f "${KAV_SUPPORT_DIR}/previous_blregistry.xml" ]
    then
        if [ "$PREV_PRODUCT_VERSION_MAIN" -ge "16" ]; then
            echo "Move whole blregistry.xml"
            mv -v -f "${KAV_SUPPORT_DIR}/previous_blregistry.xml" "${KAV_SUPPORT_DIR}"/Data/blregistry.xml
        fi
    else
        echo "no old blregistry.xml, skip"
    fi


    if [ -f "${KAV_SUPPORT_DIR}/previous_data.kvdb" ]
    then
        /usr/bin/sqlite3 "${KAV_SUPPORT_DIR}/Data/data.kvdb" <<END_SQL
            ATTACH DATABASE "${KAV_SUPPORT_DIR}/previous_data.kvdb" AS prevdb;
            DELETE FROM storage
                WHERE keylob IN (SELECT keylob FROM prevdb.storage WHERE instr(keylob, 'UCP-agent') > 0);
            INSERT INTO storage (keyhash, keylob, valuelob)
                SELECT keyhash, keylob, valuelob FROM prevdb.storage WHERE instr(keylob, 'UCP-agent') > 0;
END_SQL

        echo "For 18+ migrate scan tasks schedules:"
        /usr/bin/sqlite3 "${KAV_SUPPORT_DIR}/Data/data.kvdb" <<END_SQL
            ATTACH DATABASE "${KAV_SUPPORT_DIR}/previous_data.kvdb" AS prevdb;
            DELETE FROM storage
                WHERE keylob IN (SELECT keylob FROM prevdb.storage WHERE instr(keylob, 'Scan_Startup') > 0);
            INSERT INTO storage (keyhash, keylob, valuelob)
                SELECT keyhash, keylob, valuelob FROM prevdb.storage WHERE instr(keylob, 'Scan_Startup') > 0;
END_SQL
        /usr/bin/sqlite3 "${KAV_SUPPORT_DIR}/Data/data.kvdb" <<END_SQL
            ATTACH DATABASE "${KAV_SUPPORT_DIR}/previous_data.kvdb" AS prevdb;
            DELETE FROM storage
                WHERE keylob IN (SELECT keylob FROM prevdb.storage WHERE instr(keylob, 'Scan_My_Computer') > 0);
            INSERT INTO storage (keyhash, keylob, valuelob)
                SELECT keyhash, keylob, valuelob FROM prevdb.storage WHERE instr(keylob, 'Scan_My_Computer') > 0;
END_SQL

        echo "Removing previous data files"
        /bin/rm -fv "${KAV_SUPPORT_DIR}/previous_data.kvdb"*
    fi


    if [ -f "${KAV_SUPPORT_DIR}/previous_settings.kvdb" ]
    then



        /usr/bin/sqlite3 "${KAV_SUPPORT_DIR}/Data/settings.kvdb" <<END_SQL
            ATTACH DATABASE "${KAV_SUPPORT_DIR}/previous_settings.kvdb" AS prevdb;
            DELETE FROM storage
                WHERE keylob IN (SELECT keylob FROM prevdb.storage WHERE keylob LIKE '%/settings' AND keylob NOT LIKE 'cf.response_provider.ResponseProvider/settings');
            INSERT INTO storage (keyhash, keylob, valuelob)
                SELECT keyhash, keylob, valuelob FROM prevdb.storage WHERE keylob LIKE '%/settings' AND keylob NOT LIKE 'cf.response_provider.ResponseProvider/settings';
END_SQL

        echo "Removing previous settings files"
        /bin/rm -fv "${KAV_SUPPORT_DIR}/previous_settings.kvdb"*
    fi

    if [ -f "${KAV_SUPPORT_DIR}/previous_reports.db" ]
    then
        echo "Using previous reports file"
        /bin/mv -v -f "${KAV_SUPPORT_DIR}/previous_reports.db" "${KAV_SUPPORT_DIR}/Data/reports.db"
    fi










    KAV_CUSTOM_FILE="$KAV_CUSTOM_DIR"/custom.ini
    if [ -e "$KAV_CUSTOM_FILE" ]
    then
        INI_CONTENT=$(cat "$KAV_CUSTOM_FILE" | tr -d '\r')
        for INI_LINE in $INI_CONTENT
        do
            INI_KEY=$(echo $INI_LINE | sed -ne 's|=.*||p' | sed -ne 's|^"\(.*\)"$|\1|p')
            if [ "$INI_KEY" == "CustomVersion" ]
            then
                export INI_VER=$(echo "$INI_LINE" | sed -ne 's|^[^=]*=||p' | sed -ne 's|^"\(.*\)"$|\1|p')
            fi
            if [ "$INI_KEY" == "ProductType" ]
            then
                export INI_PRODUCT_TYPE=$(echo "$INI_LINE" | sed -ne 's|^[^=]*=||p' | sed -ne 's|^"\(.*\)"$|\1|p')
            fi
        done


        HANDLE_CUSTOM_INI=1
        if [ "$INI_PRODUCT_TYPE" == "" ]
        then
            if [ "$NEW_VERSION_IS_CUSTOMIZED" == "1" ]
            then
                echo "postinstall: custom.ini arrived with Downloader and should be marked with ProductType saas"
                echo "\n\"ProductType\"=\"$NEW_PRODUCT_TYPE\"" >> "$KAV_CUSTOM_FILE"
                INI_PRODUCT_TYPE="$NEW_PRODUCT_TYPE"
            else
                echo "\n\"ProductType\"=\"kis\"" >> "$KAV_CUSTOM_FILE"
                INI_PRODUCT_TYPE="kis"
            fi
        fi
        if [ "$NEW_PRODUCT_TYPE" != "$INI_PRODUCT_TYPE" ]
        then
            echo "postinstall: custom.ini has no ProductType and did not arrive with Downaloder, saas does not need old customization and ipmdefault"
            HANDLE_CUSTOM_INI=0
            rm -rvf "${KAV_CUSTOM_DIR}/ipmdefault"
            rm -vf "$KAV_CUSTOM_FILE"
        fi

        echo "postinstall: HANDLE_CUSTOM_INI = $HANDLE_CUSTOM_INI"
        if [ "$HANDLE_CUSTOM_INI" == "1" ]
        then
            echo Ver $INI_VER
            for INI_LINE in $INI_CONTENT
            do
                INI_KEY=$(echo $INI_LINE | sed -ne 's|=.*||p' | sed -ne 's|^"\(.*\)"$|\1|p')
                if [ "$INI_KEY" != "CustomVersion" -a "$INI_KEY" != "ProductType" ]
                then
                    INI_VALUE=$(echo $INI_LINE | sed -ne 's|^.[^=]*=||p' | sed -ne 's|^"\(.*\)"$|\1|p')
                    if [ "$INI_VALUE" != "" ]
                    then
                        echo Update config.xml $INI_KEY to $INI_VALUE
                        if [ "${INI_KEY:0:1}" == "/" ]
                        then

                            "${SCRIPT_DIR}/configutil" set "${CONFIG_XML}" "${INI_KEY}" "${INI_VALUE}"
                        elif [[ "${INI_KEY}" == *:* ]]
                        then
                            update_cfg $INI_KEY $INI_VALUE
                        fi
                    else
                        echo "No value for custom.ini key '$INI_KEY' exist."
                    fi
                fi
            done

            selectUCPPortal "${KAV_CUSTOM_FILE}" "${KAV_SUPPORT_DIR}/Data/settings.kvdb"
        fi
    else
        echo "postinstall: No custom.ini to upgrade config.xml was found."
    fi



    if [ "$PREV_PRODUCT_VERSION_MAIN" -le "23" ] && [ -f "${KAV_SUPPORT_DIR}/Data/Report/report.rpt" ]
    then
        echo "Data/Report/report.rpt exist"
        /bin/rm -vf "${KAV_SUPPORT_DIR}/Data/Report/report.rpt"

    else
        echo "Data/Report/report.rpt doesn't exist"
    fi




    DYNAMIC_INI_FILE_PATH="/tmp/kldownloader-dynamic.ini"
    if [ -f "$DYNAMIC_INI_FILE_PATH" ]; then
        UcpUseTestUrlsValue=$(iconv -f UTF-16LE -t UTF-8 "$DYNAMIC_INI_FILE_PATH" | sed -Ene 's/^"?'"UcpUseTestUrls"'"? *= *"?([^"]*)"?/\1/p' | tr -d '\r')
        NEW_UCP_SETTINS_TMP_INI="/tmp/ucp_test_urls.ini"
        echo "UcpUseTestUrlsValue = $UcpUseTestUrlsValue"
        if [ "$UcpUseTestUrlsValue" == "0" ]; then
            echo "postinstall: set prod ucp urls"
            update_cfg "environment:UcpUseTestUrls" "0"
        elif [ "$UcpUseTestUrlsValue" == "1" ]; then
            echo "postinstall: set beta1 ucp urls"
            update_cfg "environment:UcpUseTestUrls" "1"
        elif [ "$UcpUseTestUrlsValue" == "2" ]; then
            echo "postinstall: set beta2 ucp urls"
            update_cfg "environment:UcpUseTestUrls" "2"
            echo "postinstall: updating LicActivationUrlV2 with test url"
            update_cfg "environment:LicActivationUrlV2" "https://activation-v2-test.kaspersky.com/activationservice/activationservice.svc"
                [ $? != 0 ] && echo "postinstall: update LicActivationUrlV2 failed"
        else
            echo "postinstall: unknown UcpUseTestUrlsValue, leave default ucp urls"
        fi
    else
        echo "postinstall: no dynamic.ini, leave default ucp urls"
    fi

    munchCustomIni "/tmp/kldownloader-static.ini"
    munchCustomIni "$DYNAMIC_INI_FILE_PATH"


    if [ -d "${KAV_CUSTOM_DIR}/ipmdefault" ]
    then
        echo "Found: ${KAV_CUSTOM_DIR}/ipmdefault -- applying"

        RES=$(ls "${KAV_CUSTOM_DIR}"/ipmdefault)
        if [ "$RES" ]
        then
            /bin/cp -r -v -f "${KAV_CUSTOM_DIR}/ipmdefault/" "${KAV_SUPPORT_DIR}/Data/ipm/default/"
            if [ $? != 0 ]
            then

                return 1
            fi
        else
            echo "${KAV_CUSTOM_DIR}/ipmdefault is empty, skip"
        fi
    fi


    if [ -f "/tmp/kldownloader-install.event" ]
    then
        UUID=$(cat /tmp/kldownloader-install.event)
        rm -fv "/tmp/kldownloader-install.event"
    else
        UUID=$(uuidgen)
    fi
    update_cfg "environment:InstallationID" "$UUID"

    PCID=$(system_profiler SPHardwareDataType | awk '/Hardware UUID/ {print $3}')
    update_cfg "environment:PCID" "$PCID"
    update_cfg "environment:MachineID" "$PCID"

    TARGET=$(jot -r 1 1 262143)
    update_cfg "environment:UpdateTarget" "$TARGET"

    /usr/bin/security authorizationdb remove com.kaspersky.agent.quit >/dev/null 2>&1
    /usr/bin/security authorizationdb remove com.kaspersky.protection >/dev/null 2>&1
    /usr/bin/security authorizationdb remove com.kaspersky.licensing >/dev/null 2>&1
    /usr/bin/security authorizationdb remove com.kaspersky.preferences >/dev/null 2>&1
    /usr/bin/security authorizationdb remove com.kaspersky.parental >/dev/null 2>&1
    /usr/bin/security authorizationdb remove com.kaspersky.parental.add_url_white >/dev/null 2>&1
    RIGHTS=$(echo cat '/plist/dict/key/text()' | xmllint --shell "$SCRIPT_DIR/authorization_rights.plist" | grep -v "^/ >" | grep -v "^ \-\-\-\-\-")
    for RIGHT in $RIGHTS
    do
        echo "postinstall: setting authorizationdb $RIGHT"
        /usr/libexec/PlistBuddy -x -c "Print :$RIGHT" "$SCRIPT_DIR/authorization_rights.plist" | /usr/bin/security authorizationdb write "$RIGHT"  2>&1
        if [ $? != 0 ]
        then
            echo "Failed to install authorization rights"
            return 1
        fi
    done


    echo "reset help cache"
    ps ux | awk '/HelpViewer/ && !/awk/ {print $2}' | xargs kill -s term
    ps ux | awk '/helpd/ && !/awk/ {print $2}' | xargs kill -s term
    ls -1 /Users | while read _USER; do
        rm -f "/Users/$_USER/Library/Caches/com.apple.helpd"
        rm -f "/Users/$_USER/Library/Caches/com.apple.helpviewer"
    done

    return 0
}

wait_bl()
{


    local PROTECTION_STATE="${TEMP_INSTALLER_DIR}/protection_state"
    [ ! -f "${PROTECTION_STATE}" ] && "File ${PROTECTION_STATE} is absent" && return 1

    SHOULD_START_PROTECTION=$(awk -F' ' '{print $2}' "${PROTECTION_STATE}")
    echo "SHOULD_START_PROTECTION: ${SHOULD_START_PROTECTION}"

    if [ "$SHOULD_START_PROTECTION" == "0" ];then
        echo "Do not start Protection."
        return 0
    fi

    echo "/usr/local/bin/kav start Protection"
    ( /usr/local/bin/kav start Protection ) &
    STARTPROTECTION=$!
    timedwait_pid $STARTPROTECTION 60 1

    local wait_bl_start=`/bin/date +%s`
    while (( `/bin/date +%s` - $wait_bl_start < $1 ))
    do
        echo "wait_bl(): Start checking protection state... current is " $(/usr/local/bin/kav status Protection)
        ( /usr/local/bin/kav status Protection 2>&1 | grep -qE "enabled|running" ) &
        local pid=$!
        timedwait_pid $pid 15 1
        [ $? == 0 ] && return 0
        sleep 2
    done
    return 1
}

start_kav()
{

    echo ""
    echo "Starting new daemon..."
    launchctl load -w "$KAV_DAEMON_PLIST"
    if [ $? != 0 ]
    then
    echo "Failed to start daemon from plist \"$KAV_DAEMON_PLIST\""
    return 1
    fi


    echo "Waiting for daemon to initialize"
    sleep 1
    bl_wait_start=`/bin/date +%s`
    wait_bl 150
    echo "Waited for bl $(( `/bin/date +%s` - $bl_wait_start )) seconds"

    return 0
}

start_kav_app()
{

    local DELAYED_START_SCRIPT_DIR="/Users/$USER/Library/Application Support/Kaspersky Lab"
    local DELAYED_START_SCRIPT_PATH="$DELAYED_START_SCRIPT_DIR/delayed_start.sh"
    local USER_LAUNCH_AGENTS_PLIST_DIR="/Users/$USER/Library/LaunchAgents"
    local DELAYED_START_PLIST_PATH="$USER_LAUNCH_AGENTS_PLIST_DIR/com.kaspersky.kav.delayed_start.plist"
    local DELAYED_START_PROCESS_WAIT_NAME="Kaspersky Downloader.app/Contents/MacOS/Downloader"
    local DELAYED_START_PROCESS_WAIT_TIMEOUT="120"
    local DELAYED_START_AGENT=$KAV_AGENT_PLIST
    local DELAYED_START_APP=$KAV_APP_PLIST
    local DELAYED_START_USER_NAME="$USER"

    mkdir -v "$DELAYED_START_SCRIPT_DIR"
    cp -fv "$SCRIPT_DIR/delayed_start.sh" "$DELAYED_START_SCRIPT_PATH"

    if [ -d "$USER_LAUNCH_AGENTS_PLIST_DIR" ]; then
        echo "Directory $USER_LAUNCH_AGENTS_PLIST_DIR exists"
        rm -fv "$DELAYED_START_PLIST_PATH"
    else
        echo "Creating $USER_LAUNCH_AGENTS_PLIST_DIR directory"
        mkdir -v "$USER_LAUNCH_AGENTS_PLIST_DIR"
        GROUP=`id -gn $USER`
        chown $USER:$GROUP "$USER_LAUNCH_AGENTS_PLIST_DIR"
    fi

    cat "$SCRIPT_DIR/delayed_start.plist" |
        sed "s|DELAYED_START_SCRIPT_PATH|$DELAYED_START_SCRIPT_PATH|"  |
        sed "s|DELAYED_START_PROCESS_WAIT_NAME|$DELAYED_START_PROCESS_WAIT_NAME|" |
        sed "s|DELAYED_START_PROCESS_WAIT_TIMEOUT|$DELAYED_START_PROCESS_WAIT_TIMEOUT|" |
        sed "s|DELAYED_START_AGENT|$DELAYED_START_AGENT|" |
        sed "s|DELAYED_START_APP|$DELAYED_START_APP|" |
        sed "s|DELAYED_START_USER_NAME|$DELAYED_START_USER_NAME|" > "$DELAYED_START_PLIST_PATH"

    echo "Fix ownership"
    chown -Rfv "$USER:staff" "$DELAYED_START_SCRIPT_DIR"
    chown -fv  "$USER:staff" "$DELAYED_START_PLIST_PATH"

    echo "Register delayed_start for GUI right after the installer closes"
    sudo -u "$USER" launchctl unload "$DELAYED_START_PLIST_PATH"
    sudo -u "$USER" launchctl load "$DELAYED_START_PLIST_PATH"

    return 0
}

setup_bases()
{
    echo "Setup bases"

    local CURRENT_ARCH=$(uname -m)
    local BASES_PATH="${KAV_BASES_ARCHIVE_DIR}/${CURRENT_ARCH}/bases.tar.gz"

    if [ ! -f "$BASES_PATH" ]; then
        echo "error: No $BASES_PATH file" && return 1
    fi

    echo "Extracting $BASES_PATH to $KAV_SUPPORT_DIR"
    pushd "$KAV_SUPPORT_DIR"
        tar -xvzf "$BASES_PATH"
            [ $? != 0 ] && echo "error: failed to extract $BASES_PATH to $KAV_SUPPORT_DIR" && return 1
    popd

    rm -rfv "${KAV_BASES_ARCHIVE_DIR}"


    echo ""
    echo "Changing owner of \"$KAV_SUPPORT_DIR\" folder..."
    chown -R root:admin "$KAV_SUPPORT_DIR"
    if [ $? != 0 ]
    then
        echo "Failed to change owner of the folder \"$KAV_SUPPORT_DIR\""
        return 1
    else
        echo "Owner of the folder \"$KAV_SUPPORT_DIR\" changed successfully"
    fi

    echo "Bases successfully installed"

    return 0
}

setup_ucp()
{

    [ -d "$UCP_SUPPORT_DIR" ] || mkdir -p "$UCP_SUPPORT_DIR"
    chmod 777 "$UCP_SUPPORT_DIR"


    if [ ! -e "$UCP_SUPPORT_DIR/ucp_agent.bin" -a -e "$UCP_SUPPORT_DIR/ucp_storage.bin" ]
    then
        cp -vf "$UCP_SUPPORT_DIR/ucp_storage.bin" "$UCP_SUPPORT_DIR/ucp_agent.bin"
        if [ -f "$UCP_SUPPORT_DIR/ucp_agent.bin" ];
        then
            echo ""
            echo "Changing access rights to \"$UCP_SUPPORT_DIR/ucp_agent.bin\" file..."
            chmod g-rwx,o-rwx "$UCP_SUPPORT_DIR/ucp_agent.bin"
            if [ $? != 0 ]
            then
                echo "Failed to change access rights to \"$UCP_SUPPORT_DIR/ucp_agent.bin\""
                return 1
            else
                echo "Access rights to \"$UCP_SUPPORT_DIR/ucp_agent.bin\" changed successfully"
            fi
        else
            echo "No \"$UCP_SUPPORT_DIR/ucp_agent.bin\" file"
        fi
    fi

    return 0
}

setup_appex()
{

    echo "postinstall: setup_appex"
    pluginkit -a "$APPEX_BUNDLE_DIR"
        [ $? != 0 ] && echo "postinstall: failed to register appex"

    return 0
}

fix_user_library_permissions()
{
    echo "postinstall: fix_user_library_permissions"
    ls -1 /Users | while read _USER; do
        echo "postinstall: changing owner to $_USER for /Users/$_USER/Library/Application Support/Kaspersky Lab"
        chown -R "$_USER" "/Users/$_USER/Library/Application Support/Kaspersky Lab"
    done

    return 0
}

register_kickstart_gui_for_logged_in_users()
{
    echo "Load com.kaspersky.kav.agent.plist for each logged in user"
    echo "Load com.kaspersky.kav.app.plist for each logged in user"
    who | awk '{print $1}' | uniq | while read _USER; do
        sudo su - "$_USER" -c "launchctl load -w \"$KAV_AGENT_PLIST\""
        sudo su - "$_USER" -c "launchctl load -w \"$KAV_APP_PLIST\""
    done
}

set_eula_ksn_non_gdpr()
{
    echo "postinstall: set_ksn_non_gdpr"
    KSN_ENVPATH="/tmp/kluseksn"

    if [ -f $KSN_ENVPATH ]
    then
        KSN_VAL=$(cat "$KSN_ENVPATH" | cut -d "=" -f2)

        echo "postinstall: KSN_VAL = $KSN_VAL"
        if [ $KSN_VAL != 0 ]
        then
            PLIST_KSN_VAL="True"
        else
            PLIST_KSN_VAL="False"
        fi


        "${SCRIPT_DIR}/kl_agreement_acceptance_util" "${GDPR_CONFIG_FILE}" "Ksn" "${PLIST_KSN_VAL}"
            [ $? != 0 ] && echo "postinstall: set Ksn.accepted failed"
        "${SCRIPT_DIR}/kl_agreement_acceptance_util" "${GDPR_CONFIG_FILE}" "Marketing" "${PLIST_KSN_VAL}"
            [ $? != 0 ] && echo "postinstall: set Marketing.accepted failed"
    else
        echo "postinstall: no $KSN_ENVPATH. do not change Ksn.accepted in plist"
    fi

    echo "postinstall: set_eula_accepted"

    "${SCRIPT_DIR}/kl_agreement_acceptance_util" "${GDPR_CONFIG_FILE}" "Eula" "True"
        [ $? != 0 ] && echo "postinstall: set Eula.accepted failed" && return 1

    return 0
}

set_isgdpr()
{
    ISGPDR_ENVPATH="/tmp/klisgdpr"

    if [ -f $ISGPDR_ENVPATH ]
    then
        IS_GDPR=$(cat "$ISGPDR_ENVPATH" | cut -d "=" -f2)
        echo "postinstall: IS_GDPR = $IS_GDPR"
        update_cfg_with_rc "environment:UseGDPR" "${IS_GDPR}"
            [ $? != 0 ] && echo "WARNING: setting environment:UseGDPR to ${IS_GDPR} failed"
    else
        echo "postinstall: couldn't find $ISGPDR_ENVPATH"
    fi

    return 0
}

copy_gdprconfig()
{
    echo "postinstall: copy_gdprconfig"

    if [ -f $GDPR_CONFIG_FILE ]
    then
        GDPRCONFIG_ENVPATH=$(get_environment_value "${CONFIG_XML}" "AgreementsStatePlist")
        cp -v "$GDPR_CONFIG_FILE" "$GDPRCONFIG_ENVPATH"
        [ $? != 0 ] && echo "postinstall: creating AgreementsStatePlist failed"
    fi

    return 0
}

rollback_setup()
{
    echo
    echo "Postflight script for KAV failed. Rollbacking installation..."
    sudo sh "$KAV_BIN_DIR/UninstallScript"
    exit 1
}

set_commercial_key()
{
    KEY_FILE="/tmp/registrationkey.fs"

    if [ ! -f $KEY_FILE ]
    then
       echo "$KEY_FILE file not exists."
       return
    fi

    ACTIVATION_CODE_RAW=`cat $KEY_FILE`
    ACTIVATION_CODE="$(echo "${ACTIVATION_CODE_RAW}" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')"

    if [ ! -z $ACTIVATION_CODE ]
    then
        update_cfg "settings.def:Ins_ActivationCode" "$ACTIVATION_CODE"
    fi

    cp -fv "$CONFIG_XML" /tmp/config.xml.copy
}

set_data_field()
{
    local OPT_CHILD_NODE="$3" # optional parameter
    echo "Trying to set $1 = $2 (optional child node = '$OPT_CHILD_NODE')"

    local PRODUCT_CURRENT_VERSION=$(echo "$NEW_PRODUCT_VERSION" | sed -n 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\).*/AVP\1\.\2\.\3/p')

    if [ ! -f "$KAV_DATA_DIR"/blregistry.xml ]
    then
        echo "Create new empty blregistry.xml"

        echo "<root><aa><Software><KasperskyLab></KasperskyLab></Software></aa></root>" > "$KAV_DATA_DIR"/blregistry.xml

        echo "Changing permisions for blregistry.xml"
        chmod 600 "$KAV_DATA_DIR"/blregistry.xml
    fi

    "$SCRIPT_DIR"/bl_data_editor.pl "${KAV_DATA_DIR}"/blregistry.xml "${PRODUCT_CURRENT_VERSION}" "$1" "$2" "$OPT_CHILD_NODE"
        [ $? != 0 ] && echo "error: failed to set $1 to $2 value for ${PRODUCT_CURRENT_VERSION} in ${KAV_DATA_DIR}/blregistry.xml" && return 1

    return 0
}

upgrade_data_attribute()
{
    local ATTRIBUTE_NAME=$1
    local OPT_CHILD_NODE="$2"

    if [ ! -f "$KAV_DATA_DIR"/blregistry.xml ]
    then
        echo "$KAV_DATA_DIR/blregistry.xml is absent"
        return 1
    fi

    local PREVIOUS_PRODUCT_VERSION=$(echo "$PREV_PRODUCT_VERSION" | sed -n 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\).*/AVP\1\.\2\.\3/p')

    local OPT_CHILD_NODE_PATH=""
    [ ! -z "$OPT_CHILD_NODE" ] && OPT_CHILD_NODE_PATH="$OPT_CHILD_NODE/"

    local PATH_TO_ATTR="//root/aa/Software/KasperskyLab/${PREVIOUS_PRODUCT_VERSION}/data/${OPT_CHILD_NODE_PATH}@${ATTRIBUTE_NAME}"

    echo "Reading ${OPT_CHILD_NODE_PATH}${ATTRIBUTE_NAME} value from "${KAV_DATA_DIR}"/blregistry.xml for previous version=${PREVIOUS_PRODUCT_VERSION}"
    /usr/bin/xmllint --xpath "$PATH_TO_ATTR" "$KAV_DATA_DIR"/blregistry.xml
    [ $? != 0 ] && echo "${OPT_CHILD_NODE_PATH}${ATTRIBUTE_NAME} is absent for version: ${PREVIOUS_PRODUCT_VERSION}" && return 1

    local ATTRIBUTE_VALUE=$(/usr/bin/xmllint --xpath "string($PATH_TO_ATTR)" "$KAV_DATA_DIR"/blregistry.xml)
    echo "${OPT_CHILD_NODE_PATH}${ATTRIBUTE_NAME}=${ATTRIBUTE_VALUE}"
    set_data_field "${ATTRIBUTE_NAME}" "${ATTRIBUTE_VALUE}" "${OPT_CHILD_NODE}"
}

setup_blregistry()
{

    set_data_field ProductHotfix b

    set_data_field ProductHotfixNew b

    if [ ! -z "$PREV_PRODUCT_TYPE" ]; then
        echo "Saving previous product type to blregistry.xml"
        set_data_field PreviousProductType "${PREV_PRODUCT_TYPE}"
    fi


    echo "Set UseUnifiedAppId = 1 in blregistry.xml for ProductType: $NEW_PRODUCT_TYPE"
    set_data_field UseUnifiedAppId 1

    echo "Transfer isDuplicatedPasswordControlEnabledForGUI from previous product version"
    upgrade_data_attribute isDuplicatedPasswordControlEnabledForGUI

    if [ "$PREV_PRODUCT_TYPE" == "$NEW_PRODUCT_TYPE" ]; then
        echo "Transfer UcpAccountInfoProvider/Info value from previous product version"
        upgrade_data_attribute Info UcpAccountInfoProvider
    fi

    return 0
}

setup_product()
{
    echo "Starting postflight script for KAV..."

    setup_core || return 1
    setup_bases || return 1
    setup_ucp || return 1
    set_commercial_key
    fix_user_library_permissions || return 1
    set_eula_ksn_non_gdpr || return 1
    copy_gdprconfig || return 1
    set_isgdpr || return 1
    install_native_messaging_manifests || return 1
    echo "postinstall: config.xml editing  finished"


    sleep 3

    setup_blregistry || return 1

    setup_appex || return 1














    start_kav || return 1
    start_kav_app || return 1

    echo "Clean /tmp"
    if [ -f /tmp/kluseksn ]
    then
        rm -fv /tmp/kluseksn

    fi
    if [ -f /tmp/klisgdpr ]
    then
        rm -fv /tmp/klisgdpr
    fi
    if [ -f /tmp/klinstalltype ]
    then
    rm -fv /tmp/klinstalltype
    fi

    rm -rfv \
        "$KAV_APP_DIR/Kaspersky Downloader.app" \
        "$TEMP_INSTALLER_DIR"

    echo "Postflight script for KAV completed sucessfully"
    return 0
}


setup_product || rollback_setup
