#!/bin/sh
#ident	"@(#)dtadmin:userad/scripts/make-owner	1.24.1.3"
#	Copyright (c) 1990, 1991, 1992, 1993, 1994 Novell, Inc. All Rights Reserved.
#	Copyright (c) 1993 Novell, Inc. All Rights Reserved.
#	  All Rights Reserved

#	THIS IS UNPUBLISHED PROPRIETARY SOURCE CODE OF Novell Inc.
#	The copyright notice above does not evidence any
#	actual or intended publication of such source code.

#
#	initial dtadmin owner setup, should be done by foundation set install.
#	FIX: check args against /etc/passwd

Add_Owner_To_Pkg() {

	MAILID=$1
	FILE=$2
	# Bail out if arguments not valid...
	[ ! -f ${FILE} ] && return
	[ "${MAILID}" = "" ] && return
	[ "${MAILID}" = "root" ] && return # root always configured

	# look for construct mail=<list of logins separated by spaces>
	# And then look for user ID $MAILID within that list
	# Either the pattern " <ID> " is in $2 or the pattern
	# " <ID>$" (where $ is end of line) is in the file.
	GREP1=`/sbin/grep "^mail=" ${FILE} | /sbin/grep " ${MAILID} "`
	GREP2=`/sbin/grep "^mail=" ${FILE} | /sbin/grep " ${MAILID}$"`
	if [ "${GREP1}" = "" -a "${GREP2}" = "" ]
	then
		# add the user to the list
		FNAME=/tmp/.mailtoid$$
		/usr/bin/sed \/\^mail\/s/\$\/" ${MAILID}"\/ < ${FILE} > ${FNAME}
		/sbin/cp ${FNAME} ${FILE}
		/sbin/rm -f ${FNAME} 1>/dev/null 2>&1
	fi
	# otherwise user was already in the list
}

Rm_Owner_From_Pkg() {
	MAILID=$1
	FILE=$2
	# Bail out if arguments not valid...
	[ ! -f ${FILE} ] && return
	[ "${MAILID}" = "" ] && return
	[ "${MAILID}" = "root" ] && return # don't remove root as recipient

	# look for construct mail=<list of logins separated by spaces>
	# And then look for user ID $MAILID within that list
	# Either the pattern " <ID> " is in $2 or the pattern
	# "<ID>$" (where $ is end of line) is in the file.
	GREP1=`/sbin/grep "^mail=" ${FILE} | /sbin/grep " ${MAILID} "`
	GREP2=`/sbin/grep "^mail=" ${FILE} | /sbin/grep " ${MAILID}$"`
	FNAME=/tmp/.mailtoid$$
	if [ "${GREP1}" != "" ] 
	then
		# remove user from list via sed 
		/usr/bin/sed \/\^mail\/s/" ${MAILID} "\/\ \/ < ${FILE} > ${FNAME}
		/sbin/cp ${FNAME} ${FILE}
		/sbin/rm -f ${FNAME} 1>/dev/null 2>&1
	else
		if [ "${GREP2}" != "" ]
		then
			# remove user from list via sed 
			/usr/bin/sed \/\^mail\/s/" ${MAILID}\$"\/\/ < ${FILE} > ${FNAME}
			/sbin/cp ${FNAME} ${FILE}
			/sbin/rm -f ${FNAME} 1>/dev/null 2>&1
		fi
	fi
	# otherwise user was not in the list
}

XDIR=${XWINHOME:-/usr/X}
Prefix="UX:`/usr/bin/basename $0`"
ProgramName=`/usr/bin/basename $0`
. $XDIR/adm/dtuser.msgs
RFLAG=0

if [ "$1" = "" -o "$1" = "-?" ]
then
        MSG=`$GETTXT $TXT_MakeOwner`
        printf "$MSG\n" $ProgramName $ProgramName $ProgramName >& 2
	exit 1
else
	if [ "$1" = "-r" ]
	then
		RFLAG=1
		shift 1
	fi
	OWN=$1
	PREV=$2
	PRIVTABLE=$XDIR/desktop/LoginMgr/PrivTable
	PERMISSIONS_DIR=$XDIR/desktop/LoginMgr/Users
#
#	this script will fail unless executed by root or by an account
#	that has already been granted privileges to execute adminuser
#	(specifically, the account set up by root as the system owner
#	at the time of foundation set installation.)
#
	if /sbin/tfadmin -t adminuser 2>/dev/null
	then	ADMIN="/sbin/tfadmin adminuser"
	else	ADMIN=/usr/bin/adminuser
	fi
fi

if [ $1 != "-" ]
then
	for pkgfile in /var/sadm/install/admin/*
	do
		Add_Owner_To_Pkg ${OWN} ${pkgfile}
	done
	$ADMIN -n $OWN >/dev/null 2>&1
	
	$ADMIN -a adminuser:/usr/bin/adminuser:allprivs $OWN >/dev/null 2>&1
	$ADMIN -a tfadmin:/sbin/tfadmin:allprivs $OWN >/dev/null 2>&1
	$ADMIN -a date:/usr/bin/date:sysops:macwrite:dacwrite $OWN >/dev/null 2>&1
	$ADMIN -a useradd:/usr/sbin/useradd:owner:audit:compat:dacread:dacwrite:filesys:macread:macwrite:multidir:setplevel:setuid:fsysrange:setflevel $OWN >/dev/null 2>&1
	$ADMIN -a userdel:/usr/sbin/userdel:compat:dacread:dacwrite:filesys:macread:macwrite:setflevel: $OWN >/dev/null 2>&1
	$ADMIN -a usermod:/usr/sbin/usermod:owner:audit:compat:dacread:dacwrite:filesys:macread:macwrite:multidir:setplevel:setuid:fsysrange:setflevel $OWN >/dev/null 2>&1
	$ADMIN -a passwd:/usr/bin/passwd:macread:audit:setflevel:dev:macwrite:dacread:dacwrite:sysops:owner $OWN >/dev/null 2>&1
	$ADMIN -a groupadd:/usr/sbin/groupadd:macread:dacread:macwrite:audit:setflevel:dacwrite $OWN >/dev/null 2>&1
	$ADMIN -a groupdel:/usr/sbin/groupdel:macread:dacread:dacwrite:macwrite:setflevel $OWN >/dev/null 2>&1
	$ADMIN -a groupmod:/usr/sbin/groupmod:macread:dacread:audit:dacwrite:macwrite:setflevel $OWN >/dev/null 2>&1
	$ADMIN -a LoginMgr:$XDIR/bin/LoginMgr:allprivs $OWN >/dev/null 2>&1
	$ADMIN -a MediaMgr:$XDIR/bin/MediaMgr:dacread:dacwrite:macread:macwrite:compat $OWN >/dev/null 2>&1
	$ADMIN -a dtbackup:$XDIR/adm/dtbackup.sh:dacread:macread:dacwrite:macwrite:compat $OWN >/dev/null 2>&1
	$ADMIN -a dashboard:$XDIR/bin/dashboard:dacread:dacwrite:macread:macwrite:compat $OWN >/dev/null 2>&1
	$ADMIN -a privrestore:$XDIR/adm/privrestore:allprivs $OWN >/dev/null 2>&1
	# cpio needs allpriv in SUM environment to reset uid, gid
	$ADMIN -a cpio:/usr/bin/cpio:allprivs $OWN >/dev/null 2>&1
	if [ $RFLAG != 1 ]
	then
		echo owner > $PERMISSIONS_DIR/$OWN
		for CMD in `/usr/bin/cut -f2 $PRIVTABLE`
		do
			$ADMIN -a $CMD $OWN >/dev/null 2>&1
		done
		/usr/bin/cut -f1 $PRIVTABLE >> $PERMISSIONS_DIR/$OWN
		chmod 444 $PERMISSIONS_DIR/$OWN
	fi

        # Add supplemental group to owner.
        /usr/sbin/usermod -G dtadmin $OWN 2> /dev/null 
fi

#	remove previous owner
#
if [ "$PREV" != "" ]
then	
	/usr/bin/sed -e "/^owner$/d" $PERMISSIONS_DIR/$PREV > /tmp/owner$$
	/usr/bin/mv /tmp/owner$$ $PERMISSIONS_DIR/$PREV

	for pkgfile in /var/sadm/install/admin/*
	do
		Rm_Owner_From_Pkg ${PREV} ${pkgfile}
	done
	$ADMIN -r   tfadmin $PREV >/dev/null 2>&1
	$ADMIN -r      date $PREV >/dev/null 2>&1
	$ADMIN -r   useradd $PREV >/dev/null 2>&1
	$ADMIN -r   userdel $PREV >/dev/null 2>&1
	$ADMIN -r   usermod $PREV >/dev/null 2>&1
	$ADMIN -r    passwd $PREV >/dev/null 2>&1
	$ADMIN -r  groupadd $PREV >/dev/null 2>&1
	$ADMIN -r  groupdel $PREV >/dev/null 2>&1
	$ADMIN -r  groupmod $PREV >/dev/null 2>&1
	$ADMIN -r  LoginMgr $PREV >/dev/null 2>&1
	$ADMIN -r  MediaMgr $PREV >/dev/null 2>&1
	$ADMIN -r  dtbackup $PREV >/dev/null 2>&1
	$ADMIN -r  dashboard $PREV >/dev/null 2>&1
	$ADMIN -r  privrestore $PREV >/dev/null 2>&1
	$ADMIN -r      cpio $PREV >/dev/null 2>&1
# adminuser must be removed last since it's needed to remove all others
	$ADMIN -r adminuser $PREV >/dev/null 2>&1
         
        # Remove supplemental group from owner.
        /usr/sbin/usermod -G ""  $PREV 2> /dev/null
fi

exit 0
