#!/usr/bin/bash

# exit if not running as root. Because other user don't have privileges to start/stop firewalld.
[[ "${UID}" -eq "0" ]] || exit 0

if [[ "${PAM_USER}" =~ -exam$ ]]; then
  systemctl start firewalld.service
elif ! (users | grep -q -- "-exam"); then
   systemctl stop firewalld.service
fi