#!/bin/sh
#
# A simple wrapper script to test for remote invocation of kinit.
# Rename kinit to kinit.bin and copy this script to kinit.
#

passreq=1		# Default assumption is "password required"
for x in "$@"		# Check the arguments
do
    case "$x" in
	-[kR]) passreq=0;;
    esac
done

test $passreq -ne 0 -a -c /dev/console -a ! -r /dev/console && {
  echo "******************************************************************" >&2
  echo "*** It seems you are about to type your password over the net. ***" >&2
  sleep 1
  echo "*** Are you SURE there's no other way to do this ?             ***" >&2
  sleep 1
  echo "*** If not, is your connection encrypted end-to-end ?          ***" >&2
  sleep 1
  echo "*** Talk with a guru or review the documentation at            ***" >&2
  echo "*** http://www.fnal.gov/docs/strongauth/html/user.html         ***" >&2
  echo "******************************************************************" >&2
  echo ""
  sleep 1
}
exec /usr/krb5/bin/kinit.bin $*
