#!/bin/bash

# This script creates symbolic links to permit certain scripts/programs to
# execute with root authority.  It runs during startup.
#
# Some important notes:
# 1) Only scripts/programs that really REQUIRE root authority should be listed here.
# 2) DO NOT LIST SYSTEM COMMANDS HERE.  Listing a system command such as "/bin/rm",
#    "/bin/cp" or "/bin/cat" allows them to read/write/delete any file anywhere, 
#    and that creates an UNNECESSARY SYSTEM EXPOSURE.  Instead, a shell script should
#    be created to manipulate the SPECIFIC file(s) in the manner required by the 
#    invoking task/component, and that script should be listed here.  The same concern
#    exists for system commands that don't just manipulate files, e.g., "/sbin/shutdown",
#    "/bin/mount", "/etc/init.d/*". If a task/component requires several such scripts,
#    consider bundling them into a "utility" script similar to backupRestoreUtil.

# List of scripts/programs authorized to run with root authority.
programs='
/opt/hsc/bin/pwdEntry
/opt/hsc/bin/getRemoteFiles
/opt/hsc/bin/lssysconn
/opt/hsc/bin/lsdump
/opt/hsc/bin/ftpDumpToServer
/opt/hsc/bin/copyDumpToDVD
/sbin/shutdown
/opt/hsc/bin/chmodUPD
/opt/hsc/bin/chsyscfgUPD
/opt/hsc/bin/dlslicUPD
/opt/hsc/bin/lspartitionUPD
/opt/hsc/bin/lssyscfgUPD
/opt/hsc/bin/mkdirUPD
/opt/hsc/bin/rmUPD
/opt/hsc/bin/rpmUPD
/opt/hsc/bin/findCmd
/opt/hsc/bin/moveCmd
/opt/hsc/bin/runactUPD
/opt/hsc/bin/topologyUtil
/opt/hsc/bin/createLicenseFile
/opt/hsc/bin/removeLicenseAndHalt
/opt/hsc/bin/runUpdate
/opt/hsc/bin/backuphdr
/opt/hsc/bin/restorehdr
/opt/hsc/bin/listRemoteArchive
/opt/hsc/bin/backupRestoreUtil
/opt/hsc/bin/SystemSettings
/opt/hsc/bin/KerberosSettings
/opt/hsc/bin/LdapSettings
/opt/hsc/bin/dateTimeUtil
/opt/hsc/bin/vpdCommandUtil
/opt/hsc/bin/runUpdate
/opt/hsc/bin/hmcshutdown
/usr/bin/sudo
/opt/hsc/bin/saveupCommandUtil
/opt/hsc/bin/ibm5250
/opt/hsc/bin/processWBFile
/usr/sbin/rsct/bin/ctbackup
/opt/hsc/sbin/setTimeServer
/usr/sbin/rsct/bin/rmcctrl
/opt/hsc/bin/bkprofdata
/opt/hsc/bin/chhwres
/opt/hsc/bin/chsysstate
/opt/hsc/bin/chcod
/opt/hsc/bin/getK5login
/opt/hsc/bin/putK5login
/opt/hsc/bin/rmK5login
/opt/hsc/bin/isRemoteUser
/opt/hsc/bin/getKerberosFile
/opt/hsc/bin/getLdapCACert
/opt/hsc/bin/removekrbkeyfile
/opt/hsc/bin/removeldapcacert
/var/adm/invscout/getRemoteFirmwareFile
/var/adm/invscout/getFileFromCDROM
/opt/hsc/bin/frucode
/opt/hsc/bin/lshwres
/opt/hsc/bin/tarUtil
/opt/hsc/bin/changessh
/opt/hsc/bin/manageLinux
/opt/hsc/bin/updateRemoteweb
/opt/hsc/bin/list
/opt/hsc/bin/dfcmd
/opt/hsc/bin/remove
/opt/hsc/bin/killibm5250
/opt/hsc/bin/kill_OS_install
/opt/hsc/bin/restartX
/opt/hsc/bin/chpwrmgmt
/opt/hsc/bin/sendmsg
/opt/hsc/bin/checkDumpDirAvailSpace
/opt/hsc/bin/setLangOps
/opt/hsc/bin/isManagedUser
/opt/hsc/bin/rmldapauth
/opt/hsc/bin/sessiontimeout
/opt/hsc/bin/setldapauth
/opt/hsc/bin/setupldapssh
/opt/hsc/bin/deleteOldDumpFile
/opt/hsc/bin/getNTPServers
/opt/hsc/bin/queryssh
/opt/hsc/bin/makesshkey
/opt/hsc/bin/mkauthkeys
/opt/hsc/bin/efixUtil
/opt/hsc/bin/hmccipher
/opt/hsc/bin/updateInterfaceTSO
/opt/hsc/bin/getInterfaceTSO
'

# Include the common HMC function definitions
. hmcfunctions

# Setup the links.
runAsRootKey='runAsRoot'
runAsRootDir=`queryFileLocation "$runAsRootKey"`
if [ -n "$runAsRootDir" ]; then 
   for program in $programs ; do
      if [ -x "$program" ]; then 
         ln -v -s $program $runAsRootDir
      else
         echo "program $program does not exist to be linked or is not executable"
      fi
   done
else
   echo "$runAsRootKey key not found in DDFC"
fi
