#!/bin/ksh
# $Revision: 1.1.1.1.2.1 $
#Allows user to view, add, change or remove a user

#--------------------------------------------------------------------------
#  Set Global Variables
#--------------------------------------------------------------------------
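# Positional arguments are captured once here, before the option loop at the
# bottom of the script shifts them.
login=$2
group=$3
comment=$4
vol_name=$5
var=$#          # original argument count, used by the usage checks
nis=0           # set to 1 below when /etc/defaultdomain exists
nis_share=0     # set to 1 by download when the "share" option is chosen
remove=0        # set to 1 for removal; read by update_passwd
# The system directories go first so that the unqualified commands used later
# (cut, ypcat) cannot be shadowed by an earlier entry in the caller's PATH.
PATH=/usr/bin:/usr/sbin:$PATH
export PATH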

#--------------------------------------------------------------------------
#  Function to display help
#--------------------------------------------------------------------------
helpme()
{
  # Usage summary: one line per sub-command, written to stdout.
  print 'Usage: useradm add login_name  group_name "comment" vol_name'
  print '       useradm change login_name [-g group_name] [-c "comments"]'
  print '       useradm view [login_name]'
  print '       useradm remove login_name'
  print '       useradm download login_name {share "<vol_name>"| noshare}'
}
#--------------------------------------------------------------------------
#  Function to display nameserver message
#--------------------------------------------------------------------------
ns_msg()
{
  # Shown when add/change is attempted while a name service is in use:
  # points the caller at the download sub-command instead.
  print 'You are running a name service. Please use the download option.'
  print '       useradm download login_name {share "<vol_name>"| noshare}'
}
#----------------------------------------------------------------------------
#  Function to view  user or users. This function calls the info function
#  to display the info to the screen.
#----------------------------------------------------------------------------
viewuser()
{
  # Show one user (when a login was given) or every user in /etc/passwd.
  # Reads the globals var and login; sets login_name for the info function.

  # Anything beyond "view [login_name]" is a usage error.
  if (( var > 2 )); then
    helpme
    return
  fi

  if (( var != 2 )); then
    # No login given: list every account named in /etc/passwd.
    login_name=$(/usr/bin/cut -d: -f1 /etc/passwd)
    info
    return
  fi

  # A login was given: look it up through the user function first.
  user
  if [[ -n $user ]]; then
    login_name=$login
    info
  else
    print "User" $login "does not exist"
  fi
}
#----------------------------------------------------------------------------
#  Function to display user info
#----------------------------------------------------------------------------
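info()
{
  # Print a table with one row per login in $login_name (a whitespace-
  # separated list): login, primary group name and comment, looked up in
  # /etc/passwd and /etc/group. Overwrites the globals login, comment,
  # gid_in and group_in.
  typeset -L20 h1 h2 h4 h5 f1 f2
  typeset -L40 h3 h6 f3
  h1="Login Name"
  h4="----------"
  h2="Group"
  h5="-----"
  h3="Comment"
  h6="-------"
  # Header and underline are padded to 80 columns each and emitted by a
  # single print, as before.
  print "$h1$h2$h3""$h4$h5$h6"
  for login in $login_name
  do
    # Anchor the lookup on the first field so the same text appearing in
    # another account's comment or home directory is not picked up.
    comment=$(/usr/bin/grep "^$login:" /etc/passwd | /usr/bin/cut -d: -f5)
    gid_in=$(/usr/bin/grep "^$login:" /etc/passwd | /usr/bin/cut -d: -f4)
    group_in=
    if [[ -n $gid_in ]]; then
      # Match the gid against the third field of /etc/group only.
      group_in=$(/usr/bin/grep "^[^:]*:[^:]*:$gid_in:" /etc/group | /usr/bin/cut -d: -f1)
    fi

    f1=$login
    f2=$group_in
    f3=$comment
    print "$f1$f2$f3"
  done
}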

#----------------------------------------------------------------------------
#  Function to add a user
#----------------------------------------------------------------------------
 
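adduser()
{
  # Add a local user: "useradm add login group comment vol_name".
  # Reads the globals var, nis, login, group and comment; exits 1 on a usage
  # error, when a name service is in use, when the login or comment is not
  # acceptable, when the user already exists or when the group is unknown.
  # On success the helper functions create the home directory, the passwd
  # and shadow entries and the NFS and CIFS shares.

  # Password field written to /etc/shadow by update_passwd; *LK* is the
  # Solaris marker for a locked account.
  passwd="*LK*"
  nl='
'
  if [[ $var -ne 5 ]]; then
    helpme
    exit 1
  elif [[ $nis -eq 1 ]]; then
    ns_msg
    exit 1
  fi

  # The login becomes a passwd field, a directory name under the volume and
  # a share name, so only plain name characters are accepted. This keeps
  # "/" and ".." out of the path that is later created and chown'ed.
  case $login in
    ''|.*|-*|*[!A-Za-z0-9._-]*)
      print "Invalid login name"
      exit 1
      ;;
  esac
  # The comment is written into /etc/passwd (colon-separated) and, inside
  # double quotes, onto a dfstab line that is later run as a shell command.
  # Refuse characters that would add fields, lines or shell syntax.
  case $comment in
    *:*|*\"*|*\`*|*\$*|*\\*|*"$nl"*)
      print "Invalid comment"
      exit 1
      ;;
  esac

  # user and get_gid report through the globals user and gid.
  user
  get_gid
  if [[ -n $user ]]; then
    print "User $login already exists"
    exit 1
  fi
  if [[ -z $gid ]]; then
    print "Group does not exist"
    exit 1
  fi
  # From here on the group is carried as its numeric id.
  group=$gid

  get_uid
  create_dir
  update_passwd
  chg_owner
  nfs_share
  cifs_share
}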
#----------------------------------------------------------------------------
#  Function to Change a user
#----------------------------------------------------------------------------
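chguser()
{
  # Change the primary group (-g) and/or the comment (-c) of an existing
  # local user. Reads the globals login, group_opt, comment_opt, var and
  # nis. Rewrites /etc/passwd and, for a comment change, the user's line in
  # /etc/dfs/dfstab and the PC NetLink user and share remarks. Exits 1 on a
  # usage or lookup error.
  chgrp=0
  chcom=0
  nl='
'
  if [[ $nis -eq 1 ]]; then
    ns_msg
    exit 1
  fi
  if [[ $var -lt 3 ]]; then
    helpme
    exit 1
  fi

  # Check that the user and (when given) the group exist.
  user
  if [[ -z $user ]]; then
    print "User $login does not exist"
    exit 1
  fi
  if [[ -n $group_opt ]]; then
    group=$group_opt
    get_gid
    if [[ -z $gid ]]; then
      print "Group does not exist"
      exit 1
    fi
    chgrp=1
  fi
  if [[ -n $comment_opt ]]; then
    # The comment becomes a colon-separated passwd field and is placed
    # inside double quotes on a dfstab line, which is shell input. Refuse
    # characters that would add fields, lines or shell syntax.
    case $comment_opt in
      *:*|*\"*|*\`*|*\$*|*\\*|*"$nl"*)
        print "Invalid comment"
        exit 1
        ;;
    esac
    chcom=1
  fi
  # With neither -g nor -c there is no replacement entry to write; stop
  # here rather than drop the user's line from /etc/passwd.
  if [[ $chgrp -eq 0 && $chcom -eq 0 ]]; then
    helpme
    exit 1
  fi

  # Work files live in a private directory. mkdir fails if the name already
  # exists, so a file or link planted under /tmp cannot end up in
  # /etc/passwd or /etc/dfs/dfstab.
  workdir=/tmp/useradm.$$
  /usr/bin/mkdir -m 700 "$workdir" || {
    print "Cannot create work directory $workdir"
    exit 1
  }

  # Copy every entry except the user's own; the match is an exact compare
  # on the first field, so other accounts that merely mention the login
  # are kept.
  old_entry=
  while IFS= read -r line || [[ -n $line ]]; do
    case $line in
      "$login":*) old_entry=$line ;;
      *) print -r -- "$line" ;;
    esac
  done < /etc/passwd > "$workdir/passwd"
  if [[ -z $old_entry ]]; then
    /usr/bin/rm -rf "$workdir"
    print "User $login does not exist"
    exit 1
  fi

  # Rebuild the entry, replacing only the fields that were asked for.
  head=$(print -r -- "$old_entry" | /usr/bin/cut -d: -f1-3)
  new_gid=$(print -r -- "$old_entry" | /usr/bin/cut -d: -f4)
  new_comment=$(print -r -- "$old_entry" | /usr/bin/cut -d: -f5)
  tail=$(print -r -- "$old_entry" | /usr/bin/cut -d: -f6-7)
  dir=$(print -r -- "$old_entry" | /usr/bin/cut -d: -f6)
  if [[ $chgrp -eq 1 ]]; then
    new_gid=$gid
  fi
  if [[ $chcom -eq 1 ]]; then
    new_comment=$comment_opt
  fi
  change="${head}:${new_gid}:${new_comment}:${tail}"

  if [[ $chcom -eq 1 ]]; then
    /usr/sbin/share -d "$comment_opt" "$dir" 2>/dev/null
    # The first 31 characters of the dfstab line are the
    # "/usr/sbin/share -F nfs -o rw -d" prefix that nfs_share writes.
    entry=$(/usr/bin/grep -w "$login" /etc/dfs/dfstab | /usr/bin/cut -c1-31)
    if [[ -n $entry ]]; then
      /usr/bin/grep -w -v "$login" /etc/dfs/dfstab > "$workdir/dfstab"
      print -r -- "$entry \"$comment_opt\" $dir" >> "$workdir/dfstab"
      /usr/bin/mv "$workdir/dfstab" /etc/dfs/dfstab
    fi

    # PC NetLink: update the user's full name, creating the user if needed.
    pdc=\\$(/opt/lanman/sbin/getrole -p)
    if /opt/lanman/bin/net admin "$pdc" /c net user "$login" >/dev/null 2>/dev/null; then
      /opt/lanman/bin/net admin "$pdc" /c net user "$login" /fullname:"$comment_opt" >/dev/null 2>/dev/null
    else
      /opt/lanman/bin/net admin "$pdc" /c net user "$login" /add /passwordmustchg:yes /fullname:"$comment_opt" >/dev/null 2>/dev/null
    fi
    # Update the share remark, creating the share if needed. The remark is
    # the new comment, not the fourth command-line argument.
    if /opt/lanman/bin/net share "$login" >/dev/null 2>/dev/null; then
      /opt/lanman/bin/net share "$login" /remark:"$comment_opt" >/dev/null 2>/dev/null
    else
      /opt/lanman/bin/net share "$login=c:$dir" /remark:"$comment_opt" >/dev/null 2>/dev/null
    fi
  fi
  if [[ $chgrp -eq 1 ]]; then
    /usr/bin/chgrp "$group_opt" "$dir"
  fi

  # -r keeps backslashes literal; quoting keeps spacing and stops globbing.
  print -r -- "$change" >> "$workdir/passwd"
  /usr/bin/mv "$workdir/passwd" /etc/passwd
  /usr/bin/rm -rf "$workdir"
}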
#----------------------------------------------------------------------------
# This function is to find the next available uid in /etc/passwd. 
#----------------------------------------------------------------------------
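get_uid()
{
  # Find the lowest uid >= 104 that is not used in /etc/passwd and store it
  # in the global uid (count holds the same value).
  # The uid list is kept in a variable instead of a predictable file under
  # /tmp, and each candidate is compared against whole lines only.
  nl='
'
  used=$(/usr/bin/cut -d: -f3 /etc/passwd)
  count=104
  while :
  do
    case "$nl$used$nl" in
      *"$nl$count$nl"*) (( count = count + 1 )) ;;
      *) break ;;
    esac
  done
  uid=$count
}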
#----------------------------------------------------------------------------
# This function is to download user information from the nameserver. 
#----------------------------------------------------------------------------
download()
{
  # Copy a user from the name service onto the filer:
  # "useradm download login_name {share vol_name | noshare}".
  # Reads the globals nis, option, vol_name and login; exits 1 when no name
  # service is in use, when the user is unknown to it, or on a usage error.

  if (( nis != 1 )); then
    print 'You are not running a name service. Use the add option.'
    print 'useradm add login_name  group_name "comment" vol_name'
    exit 1
  fi

  # nis_info fills uid (and the other passwd fields) from the name service.
  nis_info
  if [[ -z $uid ]]; then
    print 'You are running a name service. You must add user on'
    print 'the nameserver before adding the user on the filer.'
    exit 1
  fi

  case $option in
    share)
      if [[ -z $vol_name ]]; then
        print 'Please specify a volume name'
        exit 1
      fi
      create_dir
      nis_share=1
      ;;
    noshare)
      nis_share=0
      ;;
    *)
      helpme
      exit 1
      ;;
  esac

  # If the user already exists locally, delete the entry first (remove=1
  # selects the delete path of update_passwd), then fall through to the
  # normal add below so the local entry matches the name service.
  user
  if [[ -n $user ]]; then
    remove=1
    update_passwd
    remove=0
  fi
  update_passwd

  # Shares are only created for the "share" option.
  if (( nis_share == 1 )); then
    nfs_share
    cifs_share
    chg_owner
  fi
}
#---------------------------------------------------------------------------
# This function updates the /etc/passwd file and /etc/shadow file. 
#---------------------------------------------------------------------------

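 update_passwd()
{
  # With remove=1: delete the user with userdel.
  # Otherwise: append an entry for the user to /etc/passwd and /etc/shadow,
  # built from the globals login, uid, gid, comment, vol and passwd.
  # Exits 1 without writing when a passwd field could not be stored safely.
  shell="/usr/rbin/utility/filer"
  nl='
'
  if (( remove == 1 )); then
    /usr/sbin/userdel "$login"
    return
  fi

  # A colon or newline inside a field would shift or add fields and lines
  # in /etc/passwd, so such values are refused.
  for field in "$login" "$uid" "$gid" "$comment" "$vol"
  do
    case $field in
      *:*|*"$nl"*)
        print "Invalid character in passwd field"
        exit 1
        ;;
    esac
  done

  # Quoted and raw (-r): spacing in the comment is kept, glob characters
  # are not expanded and backslashes are written as they are.
  print -r -- "${login}:x:${uid}:${gid}:${comment}:${vol}:${shell}" >> /etc/passwd
  print -r -- "${login}:${passwd}:::::::" >> /etc/shadow
}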
#---------------------------------------------------------------------------
# Change owner of directory to user.
#---------------------------------------------------------------------------
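chg_owner()
{
  # Give the directory in $vol to the user: owner $login, group $group.
  # Arguments are quoted so a value containing blanks or glob characters
  # reaches chown as one operand. Only stdout is discarded; errors stay
  # visible.
  /usr/bin/chown "$login:$group" "$vol" >/dev/null
}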
#---------------------------------------------------------------------------
# Creates a directory for a user.
#---------------------------------------------------------------------------

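create_dir()
{
  # Resolve $vol_name to its path through the ARRAY lines of
  # /opt/SUNWsfadm/cfg/filer, set the global vol to <path>/<login> and
  # create that directory when it does not exist yet.
  # Exits 1 on an unusable login, an unknown volume or a failed mkdir.

  # The login is used as a single directory name under the volume; a "/"
  # or a dot entry would move the path somewhere else.
  case $login in
    ''|.|..|*/*)
      print "Invalid login name"
      exit 1
      ;;
  esac
  # An empty pattern would match every ARRAY line, so reject it up front.
  if [[ -z $vol_name ]]; then
    print "Invalid volume_name"
    exit 1
  fi

  vol=$(/usr/bin/grep "ARRAY" /opt/SUNWsfadm/cfg/filer | /usr/bin/grep -w "$vol_name" | /usr/bin/cut -d: -f2)
  if [[ -z $vol ]]; then
    print "Invalid volume_name"
    exit 1
  fi
  vol=$vol/$login

  # An existing directory is reused silently.
  if [[ ! -d $vol ]]; then
    /usr/bin/mkdir "$vol" || {
      print "Cannot create $vol"
      exit 1
    }
  fi
}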
#----------------------------------------------------------------------------
#  Function to get user information
#----------------------------------------------------------------------------
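user()
{
  # Set the global user to the /etc/passwd entry whose first field is
  # exactly $login, or to the empty string when there is none.
  # The compare is literal, so a login that is only a prefix of another
  # account, or that contains pattern characters, does not match.
  typeset line
  user=
  while IFS= read -r line || [[ -n $line ]]; do
    case $line in
      "$login":*)
        user=$line
        break
        ;;
    esac
  done < /etc/passwd
}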
#----------------------------------------------------------------------------
# Function to get group id when group name is given.
#----------------------------------------------------------------------------
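get_gid()
{
  # Set the global gid to the numeric id of the /etc/group entry whose name
  # is exactly $group, or to the empty string when there is none.
  # The compare is literal and on the name field only.
  typeset g_name g_pw g_id g_rest
  gid=
  while IFS=: read -r g_name g_pw g_id g_rest; do
    if [[ $g_name = "$group" ]]; then
      gid=$g_id
      break
    fi
  done < /etc/group
}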
#----------------------------------------------------------------------------
# This function is to get nis user information from the nameserver. 
#----------------------------------------------------------------------------
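nis_info()
{
  # Look $login up in the name service passwd map and fill the globals
  # passwd, uid, gid, comment and vol from its fields; when a gid was found,
  # set group to the matching group name. All stay empty for an unknown
  # login.
  # The lookup is anchored on the first field so that an entry which only
  # mentions the login elsewhere is not used. ypcat is called by full path,
  # as it already was for the group map.
  nis_entry=$(/usr/bin/ypcat passwd | /usr/bin/grep "^$login:")
  passwd=$(print -r -- "$nis_entry" | /usr/bin/cut -d: -f2)
  uid=$(print -r -- "$nis_entry" | /usr/bin/cut -d: -f3)
  gid=$(print -r -- "$nis_entry" | /usr/bin/cut -d: -f4)
  comment=$(print -r -- "$nis_entry" | /usr/bin/cut -d: -f5)
  vol=$(print -r -- "$nis_entry" | /usr/bin/cut -d: -f6)
  if [[ -n $gid ]]; then
    # Match the gid against the third field of the group map only.
    group=$(/usr/bin/ypcat group | /usr/bin/grep "^[^:]*:[^:]*:$gid:" | /usr/bin/cut -d: -f1)
  fi
}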
#----------------------------------------------------------------------------
#  Function to delete a user
#----------------------------------------------------------------------------
remuser()
{
  # Delete a user: "useradm remove login_name". Exits 1 on a usage error or
  # when the user does not exist. update_passwd takes its delete path
  # because the caller has set remove=1.
  (( var == 2 )) || {
    helpme
    exit 1
  }

  # user reports through the global of the same name.
  user
  [[ -n $user ]] || {
    print "User $login does not exist"
    exit 1
  }

  # Shares go first, then the account itself.
  rem_nfsshare
  rem_cifs_share
  update_passwd
}
  
#---------------------------------------------------------------------------
# Creates an NFS share for the user. The /etc/dfs/dfstab file is updated.
# The solaris share command is run to create the share. 
#---------------------------------------------------------------------------
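nfs_share()
{
  # Make sure the user's directory has a share line in /etc/dfs/dfstab and
  # is currently shared. Reads the globals nis_share, vol, login and
  # comment. Exits 1 when the comment cannot be written safely.
  nl='
'
  # The comment is written inside double quotes on a dfstab line, and that
  # line is run as a shell command (below, and whenever dfstab is
  # processed). Refuse characters that are special inside double quotes.
  case $comment in
    *\"*|*\`*|*\$*|*\\*|*"$nl"*)
      print "Invalid comment"
      exit 1
      ;;
  esac

  if [[ $nis_share -eq 1 ]]; then
    dir=$vol
  else
    # Home directory of the entry whose first field is the login.
    dir=$(/usr/bin/grep "^$login:" /etc/passwd | /usr/bin/cut -d: -f6)
  fi

  # Reduce /a/b/... to "a/b", the key used to find the line in dfstab and
  # in the share listing. Done with parameter expansion, so no work file
  # under /tmp is needed.
  rest=${dir#*/}
  f1=${rest%%/*}
  case $rest in
    */*)
      rest=${rest#*/}
      f2=${rest%%/*}
      ;;
    *)
      f2=
      ;;
  esac
  dir=$f1/$f2

  share=$(/usr/bin/grep -w "$dir" /etc/dfs/dfstab)
  if [[ -z $share ]]; then
    print -r -- "/usr/sbin/share -F nfs -o rw -d \"$comment\" $vol" >> /etc/dfs/dfstab
  fi

  /usr/sbin/share | /usr/bin/grep -w "$dir" >/dev/null
  if [[ $? -ne 0 ]]; then
    # Not shared yet: run the dfstab line for this directory. The line is
    # handed to the shell directly instead of being copied to an
    # executable file with a predictable name under /tmp.
    share_cmd=$(/usr/bin/grep -w "$dir" /etc/dfs/dfstab)
    if [[ -n $share_cmd ]]; then
      /bin/ksh -c "$share_cmd"
    fi
  fi
}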

#---------------------------------------------------------------------------
# This function creates a cifs share using the pc netlink software.
#---------------------------------------------------------------------------
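cifs_share()
{
  # Create the PC NetLink user and a share named after the login when they
  # do not exist yet. Reads the globals login, comment and vol.
  pdc=\\$(/opt/lanman/sbin/getrole -p)

  # grep must read the pipe: the stray /dev/null operand that used to
  # follow the redirections made it search an empty file, so the user was
  # always treated as missing.
  /opt/lanman/bin/net admin "$pdc" /c net user "$login" | /usr/bin/grep -w "$login" >/dev/null 2>&1
  if [[ $? -ne 0 ]]; then
    # As before, only stdout is discarded here: 2>&1 comes first, so error
    # messages still go to the caller's stdout.
    /opt/lanman/bin/net admin "$pdc" /c net user "$login" /add /passwordmustchg:yes /fullname:"$comment" 2>&1 >/dev/null
  fi

  /opt/lanman/bin/net share "$login" >/dev/null 2>/dev/null
  if [[ $? -ne 0 ]]; then
    /opt/lanman/bin/net share "$login=c:$vol" /remark:"$comment" > /dev/null
  fi
}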
#----------------------------------------------------------------------------
# Remove nfs share. Check to see if share exists for user. Make sure to
# delete the correct person from /etc/dfs/dfstab. Run solaris unshare
# command to remove share.
#----------------------------------------------------------------------------

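rem_nfsshare()
{
  # Remove the user's NFS share: drop its line from /etc/dfs/dfstab and
  # unshare the directory when it is currently shared. Reads the globals
  # nis and login. Returns 0 without changes when no directory is found.

  if [[ $nis -eq 1 ]]; then
    # Name service users have no local home entry to rely on, so the path
    # is taken from the dfstab line itself: the option string and the
    # quotes become ":" and the path is then the fourth field.
    dir=$(/usr/bin/sed 's/ -F nfs -o rw -d/:/g' /etc/dfs/dfstab | /usr/bin/sed 's/"/:/g' | /usr/bin/cut -d: -f4 | /usr/bin/grep -w "$login")
    dir=${dir# }
  else
    # Home directory of the entry whose first field is the login.
    dir=$(/usr/bin/grep "^$login:" /etc/passwd | /usr/bin/cut -d: -f6)
  fi
  # Without a path there is no line to pick out of dfstab.
  if [[ -z $dir ]]; then
    return 0
  fi

  # Reduce /a/b/... to "a/b", the key used to find the line in dfstab and
  # in the share listing.
  rest=${dir#*/}
  f1=${rest%%/*}
  case $rest in
    */*)
      rest=${rest#*/}
      f2=${rest%%/*}
      ;;
    *)
      f2=
      ;;
  esac
  dir1=$f1/$f2

  # The new dfstab is built in a private directory. mkdir fails if the
  # name already exists, so content planted under /tmp cannot be moved
  # into /etc/dfs/dfstab.
  workdir=/tmp/useradm.$$
  /usr/bin/mkdir -m 700 "$workdir" || {
    print "Cannot create work directory $workdir"
    exit 1
  }
  /usr/bin/grep -w -v "$dir1" /etc/dfs/dfstab > "$workdir/dfstab"

  unshare=$(/usr/sbin/share | /usr/bin/grep "$dir1")
  if [[ -n $unshare ]]; then
    /usr/sbin/unshare "$dir"
  fi
  /usr/bin/mv "$workdir/dfstab" /etc/dfs/dfstab
  /usr/bin/rm -rf "$workdir"
}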
#----------------------------------------------------------------------------
# Remove cifs share using pc netlink. Verify share exists.
#----------------------------------------------------------------------------
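rem_cifs_share()
{
  # Delete the PC NetLink user and the share named after the login, each
  # only when it exists. Reads the global login.
  # The login and the server name are quoted so that each reaches the net
  # command as a single argument.
  pdc=\\$(/opt/lanman/sbin/getrole -p)

  if /opt/lanman/bin/net admin "$pdc" /c net user "$login" >/dev/null 2>/dev/null; then
    /opt/lanman/bin/net admin "$pdc" /c net user "$login" /delete >/dev/null 2>/dev/null
  fi
  if /opt/lanman/bin/net share "$login" >/dev/null 2>/dev/null; then
    /opt/lanman/bin/net share "$login" /delete >/dev/null 2>/dev/null
  fi
}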
#----------------------------------------------------------------------------
#     Option and usage checking
#----------------------------------------------------------------------------
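# An option where the login is expected is a usage error.
if [[ $2 = -* ]]; then
  helpme
  exit 1
fi

# The login is used below as a passwd field, a grep pattern, a directory
# name and an argument to commands that change system files, so only plain
# name characters are accepted.
if [[ $# -ge 2 ]]; then
  case $2 in
    ''|.*|*[!A-Za-z0-9._-]*)
      print "Invalid login name"
      exit 1
      ;;
  esac
fi

# Determine if nis is running.
if [[ -e /etc/defaultdomain ]]; then
  nis=1
fi

case $1 in
  add)
    vol_name=$5
    adduser
    ;;
  view)
    viewuser
    ;;
  change)
    # Options are read from $3/$4; each "shift 2" slides the next pair
    # into place. The login was saved in a global before any shift.
    while [[ $3 = -* ]]; do
      case $3 in
        -g)
          group_opt=$4
          # Test the option value itself. The global group still holds
          # the original third argument ("-g") and is never empty here.
          if [[ -z $group_opt ]]; then
            echo "Please specify a group"
            exit 1
          fi
          shift 2
          ;;
        -c)
          comment_opt=$4
          if [[ -z $comment_opt ]]; then
            echo "Please specify a comment"
            exit 1
          fi
          shift 2
          ;;
        *)
          helpme
          exit 1
          ;;
      esac
    done
    chguser
    ;;
  remove)
    # remove=1 selects the delete path of update_passwd.
    remove=1
    remuser
    ;;
  download)
    option=$3
    vol_name=$4
    download
    ;;
  *)
    helpme
    ;;
esac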
