
#	ATT: ident	"sadmin:admin/unixadmin	2.3"

#ident	"@(#)sadmin/admin:unixadmin	25.1"

#	General purpose hook into administrative logins used as commands,
#	so that the commands can have passwords on them.



#test if yellow page is up
ps -e > /tmp/t1
if grep ypbind /tmp/t1 > /dev/null
then
# if so, is this the yp master server?
	host=`uname -n`					
	master=`ypwhich`
	if test $host = $master; then
		flag=`cat /tmp/t1`
	else
		echo "Must be YP master server to execute unixadmin\n"
		rm /tmp/t1
		exit 1
	fi
fi
rm /tmp/t1
set -f
PATH=${PATH:-/bin:/usr/bin}:/usr/lbin
export PATH
cmd=`basename $0`
if  grep "^${cmd}:" /etc/passwd >/dev/null
then
	# Magic here!
	# The problem is that we want the commands to (potentially) have a
	# password, so that they can be restricted if the user likes, and
	# to be within the restricted shell so that the user can not break out
	# and become super-user.  The complication is that we want the command
	# to have arguments, but /bin/su will not permit arguments to something
	# that has /bin/rsh as its login shell and /bin/su clears out the
	# environment when the - argument is used.  So we open another File
	# Descriptor and ship the arguments in via a pipe.
	#	make File Descriptor 4 the same as 0 (standard input)
	exec 4<&0
	#	echo the arguments down a pipe.  On the receiving end,
	#	connect the pipe to File Descriptor 3 and connect the original
	#	standard input, available on FD 4, to FD 0.  Lastly, close FD 4.
	#	See the .profile file (admin profile.dot) for how the arguments
	#	are read.
	echo $*  |  3<&0 0<&4 4<&- /bin/su - ${cmd}
else
	admerr $0 Command ${cmd} does not exist in /etc/passwd.
	exit 1
fi
