#! /bin/sh

# $Copyright:	$
# Copyright (c) 1984, 1985, 1986, 1987, 1988, 1989, 1990 
# Sequent Computer Systems, Inc.   All rights reserved.
#  
# This software is furnished under a license and may be used
# only in accordance with the terms of that license and with the
# inclusion of the above copyright notice.   This software may not
# be provided or otherwise made available to, or used by, any
# other person.  No title to or ownership of the software is
# hereby transferred.

#ident	"$Header: unixadmin 1.5 89/10/11 $@(#)sadmin:admin/unixadmin	2.3.1.1"
#	General purpose hook into administrative logins used as commands,
#	so that the commands can have passwords on them.

# WARNING: THIS FILE IS NO LONGER USED
#          Due to changes within "sysadm", this file is no longer used
#	   by any sysadm routine.  This file may be removed in a
#	   future release.

set -f
PATH=${PATH:-/bin:/usr/bin}:/usr/lbin
export PATH
cmd=`basename $0`
if  grep "^${cmd}:" /etc/passwd >/dev/null
then
	# Magic here!
	# The problem is that we want the commands to (potentially) have a
	# password, so that they can be restricted if the user likes, and
	# to be within the restricted shell so that the user can not break out
	# and become super-user.  The complication is that we want the command
	# to have arguments, but /bin/su will not permit arguments to something
	# that has /bin/rsh as its login shell and /bin/su clears out the
	# environment when the - argument is used.  So we open another File
	# Descriptor and ship the arguments in via a pipe.
	#	make File Descriptor 4 the same as 0 (standard input)
	exec 4<&0
	#	echo the arguments down a pipe.  On the receiving end,
	#	connect the pipe to File Descriptor 3 and connect the original
	#	standard input, available on FD 4, to FD 0.  Lastly, close FD 4.
	#	See the .profile file (admin profile.dot) for how the arguments
	#	are read.
	echo $*  |  3<&0 0<&4 4<&- /bin/su - ${cmd}
else
	admerr $0 Command ${cmd} does not exist in /etc/passwd.
	exit 1
fi
