#!/bin/ksh
#
# %Z%%M%        %I%  %W% %G% %U%
#

LANG_SAVE=$LANG

#238484: set to C if not en_US or C
if [ "$LANG" != "en_US" -a  "$LANG" != "C" ]; then
  export LANG=C
fi

OS=`/bin/uname -s`

if [ -z $PAM_DIRECTORY] ; then
  PAM_DIRECTORY=/etc/pam.d
fi

WEBSM_PAM_FILE="$PAM_DIRECTORY/websm"

 set -f			# this is so that the case statement will work

# This following function is only for Linux, it is already available
# as an executable on AIX

 function dspmsg
 {

   shift

   if [ "$1" == "-s" ]; then
     shift
     shift
   else
     shift
   fi
   echo $*
 }

print_usage()
{
  export LANG=$LANG_SAVE

  dspmsg websm.cat 1 "
Usage:  %s [-enable | -disable ]
Where:
	-enable  -- Enable the pam for websm
	-disable -- Disable pam for websm
" >&2


exit 1
}

function enable_pam
{
  if [ -r $WEBSM_PAM_FILE ] ; then
   dspmsg websm.cat 1 "
    Websm file already exists. Nothing to configure"
   exit 0
  fi

  if [ ! -w $PAM_DIRECTORY ] ; then
    dspmsg websm.cat 1 "
    Cannot write to file $WEBSM_PAM_FILE.
    Either permissions are missing or not a valid user"
    exit 0
  fi

  cat > $WEBSM_PAM_FILE << EOF
auth	required	/lib/security/pam_unix.so
account	required	/lib/security/pam_unix.so
password	required	/lib/security/pam_unix.so
EOF
}

function disable_pam
{
  if [ ! -r $WEBSM_PAM_FILE ] ; then
   dspmsg websm.cat 1 "
    Websm file doesn't exist. Nothing to disable"
   exit 0
  fi

  if [ ! -w $PAM_DIRECTORY ] ; then
    dspmsg websm.cat 1 "
    Cannot write to file $WEBSM_PAM_FILE.
    Either permissions are missing or not a valid user"
  fi
  
  /bin/rm -f $WEBSM_PAM_FILE 2> /dev/null
 
  if [ $? != 0 ] ; then
   dspmsg websm.cat 1 "
    Couldn't delete the pam config file"
   exit 0
  fi

   dspmsg websm.cat 1 "Pam disabled successfully"
   
}
if [[ $# -eq 0 ]] ; then
  print_usage
fi

case $1 in 
  -enable)  	enable_pam  ;;
  -disable) 	disable_pam ;;
  *) 		print_usage ;;
esac

