#!/bin/sh

#    SAM-QFS_notice_begin
#
#      Solaris 2.x Sun Storage & Archiving Management File System
#
#      Copyright (c) 2004 Sun Microsystems, Inc.
#      All Rights Reserved.
#
#      Government Rights Notice
#      Use, duplication, or disclosure by the U.S. Government is
#      subject to restrictions set forth in the Sun Microsystems,
#      Inc. license agreements and as provided in DFARS 227.7202-1(a)
#      and 227.7202-3(a) (1995), DRAS 252.227-7013(c)(ii) (OCT 1988),
#      FAR 12.212(a)(1995), FAR 52.227-19, or FAR 52.227-14 (ALT III),
#      as applicable.  Sun Microsystems, Inc.
#
#    SAM-QFS_notice_end

#
# $Id: set_admin,v 1.6 2004/07/15 14:28:48 jp148923 Exp $
#
# set_admin sam-admin-group
#
# if no "sam-admin-group" is specified, the user will be prompted for one.
#

#  List of programs in /opt/SUNWsamfs/sbin to be SAM-FS admin group executable.

ADMLIST="archive_audit archiver auditslot build_cat chmed cleandrive \
  dmpshm dump_cat dump_log export import itemize load move odlabel sam-fsd\
  sam-recycler samtrace samcmd samset samu set_state showqueue tplabel \
  unarchive unload"

#  Check for root and exit if not.

UID=`/bin/id | sed -e "s/^[^=]*=//" -e "s/(.*//"`
if [ $UID -ne 0 ] ; then
    echo "You do not have permission to run this script. You must be 'root'."
	exit 1
fi

if [ X$1 = X ]; then

	if [ -f /usr/xpg4/bin/tr ]; then
		TR=/usr/xpg4/bin/tr
	else
		TR=/usr/bin/tr
	fi

	#
	# Obtain the current setting for the administrator group
	#
	GROUPADM=bin
	if [ -f /opt/SUNWsamfs/.samgroup ]; then
		GROUPADM=`cat /opt/SUNWsamfs/.samgroup`
	fi
	#
	#  Get the group for the administrators
	#
	echo ""
	echo By default, the administrator commands may be executed by
	echo root only.  However, if you wish, you can supply a group name
	echo which will also be allowed to execute the administrator commands.
	echo This group must currently exist in your system \(either in the
	echo /etc/group file or in YP/NIS/NIS+\)
	echo ""
	echo "The current group setting for the administrator commands is $GROUPADM."
	echo ""
	echo "If this is the desired value enter \"y\", if you wish to change"
	echo "the group setting to another group enter \"c\" ? \c"
	 
	CONTINUE=1
	while [ $CONTINUE -eq 1 ]; do
		read reply
		REPLY=`echo $reply | $TR -s '[:lower:]' '[:upper:]'`
		if [ X$REPLY = XY ]; then
			CONTINUE=0
		elif [ X$REPLY = XC ]; then
			ADDGROUP=1
			CONTINUE=0
		else
			echo ""
			echo "You have entered an invalid value of \"$reply\""
			echo ""
			echo "Please enter \"y\" to use the current group or \"c\" to"
			echo "change the group ? \c"

		fi
	done


	if [ $ADDGROUP = 1 ]; then
		CONTINUE=1
		echo ""
		echo Enter the name of the group which you wish to use administrator 
		echo group.
		while [ $CONTINUE -eq 1 ]; do
			echo ""
			read GROUPADM
			echo ""
			echo "You entered \"$GROUPADM\".  Enter y if this correct ? \c"
			read reply
			REPLY=`echo $reply | $TR -s '[:lower:]' '[:upper:]'`
			if [ X$REPLY = XY ]; then
				CONTINUE=0
			else
				echo ""
				echo You did not accept \"$GROUPADM\" as the group.
				echo ""
				echo Please enter the name of the group you wish to use
				echo as the administrator group.
			fi
		done
		echo The administrator commands will be executable by root and
		echo members of group $GROUPADM.
	fi
	echo ""
else
	#
	# set_admin was passed the group name already
	#
	GROUPADM=$1
fi

if [ $GROUPADM = "bin" ]; then
	ADMMODE=550
else
	ADMMODE=04550
fi

#  change the group on (most of) the adm commands in /opt/SUNWsamfs/sbin
 
chgrp $GROUPADM /opt/SUNWsamfs/sbin
if [ $? -ne 0 ]; then
	echo " "
	echo FATAL:  Group $GROUPADM does not exist in your system.
	echo This was the group you named as the administrator group.
	echo " "
	echo Please add the group following your site procedures, and then
	echo retry \"set_admin $GROUPADM\".
	exit 1
fi
for object in $ADMLIST
do
	if [ ! -f /opt/SUNWsamfs/sbin/$object ]; then
		continue
	fi
	chgrp $GROUPADM /opt/SUNWsamfs/sbin/$object
	chmod $ADMMODE /opt/SUNWsamfs/sbin/$object
done
if [ $GROUPADM = "bin" ]; then
	echo The administrator commands are now executable by root only.
else
	echo The administrator commands are now executable by root and
	echo members of group $GROUPADM.
fi	

# Retain the administrator group name for future installs and references

echo "$GROUPADM" > /opt/SUNWsamfs/.samgroup

exit 0
