:
#	@(#) mkrmuser 23.4 91/08/29 
#
#	Copyright (C) 1990-1991 The Santa Cruz Operation, Inc.
#	and SecureWare, Inc.	All Rights Reserved.
#	The information in this file is provided for the exclusive use of
#	the licensees of The Santa Cruz Operation, Inc.  Such users have the
#	right to use, modify, and incorporate this code into other products
#	for purposes authorized by the license agreement provided they include
#	this notice and the associated copyright notice with any such product.
#	The information in this file is provided "AS IS" without warranty.
#
# rmuser	--  Removes accounts from the system
#
# Usage: rmuser [ userlist ]
#
# where userlist is a list of space separated account names to be removed.
# If userlist is not supplied then standard in is read.
#

TMPFILE="/tmp/users$$"

# cleanup() - remove username holding file and exit
cleanup() { /bin/rm -f "$TMPFILE"; exit 1; }

# store - store an account name in the holding file
store() { if /bin/who | /bin/grep "$1" >/dev/null
then echo "$0: $1 is logged in so cannot be removed"
else /bin/echo "$1" >> "$TMPFILE"; fi; }

trap '/bin/echo "$0: Stopped"; cleanup;' 1 2 3 15 

# test if system is in "relaxed" mode w.r.t security
[ -f /etc/auth/system/default ] || \
	{ /bin/echo "$0:/etc/auth/system/default not readable" ; exit 1; }

/bin/grep REUSEUID=YES /etc/default/login 2>&1 > /dev/null || \
	{ /bin/echo "$0: The system is in a secure mode -
	to protect against reusing uids, users may not be removed."
	  exit 1; }

# use any command line arguments as account names
[ "$#" != "0" ] && 
{ > "$TMPFILE"; while [ -n "$1" ]; do store "$1"; shift; done; }

# if no command line arguments then read stdin for account names
[ -f "$TMPFILE" ] || { while read user; do [ -n "$user" ] && store "$user"; 
			done; }

# lock /etc/passwd and remove users from /etc/passwd and 
# protected password database
[ -x /tcb/bin/ale ] || { /bin/echo "$0:/tcb/bin/ale is not executable"
			 cleanup; }
[ -s "$TMPFILE" ] && { /tcb/bin/ale /etc/passwd rmpasswd < "$TMPFILE" || 
		       cleanup; }

# if present, lock /etc/shadow and remove users from it
[ -s "$TMPFILE" ] && [ -f /etc/shadow ] &&
	{ /tcb/bin/ale /etc/shadow rmshadow < "$TMPFILE" || 
		       cleanup;}

# lock /etc/group and remove users from /etc/group
[ -s "$TMPFILE" ] && { /tcb/bin/ale /etc/group rmgroup < "$TMPFILE" || 
		       cleanup;}

# rebuild the protected subsystem database
[ -x /tcb/bin/authck ] || { /bin/echo "$0:/tcb/bin/authck not executable"; 
			    exit 1; }
[ -s "$TMPFILE" ] && { /tcb/bin/authck -sy 2>&1 >/dev/null || 
		       cleanup; }

# finished with the user holding file so delete it now
/bin/rm -rf "$TMPFILE"

exit 0
