From 19d701ddf07d855128ded0cf2b573ce468e3bdd6 Mon Sep 17 00:00:00 2001
From: Ashlee Young <ashlee@wildernessvoice.com>
Date: Wed, 20 Jan 2016 01:10:01 +0000
Subject: Removing Suricata and Audit from source repo, and updated build.sh to
 avoid building suricata. Will re-address this in C release via tar balls.

Change-Id: I3710076f8b7f3313cb3cb5260c4eb0a6834d4f6e
Signed-off-by: Ashlee Young <ashlee@wildernessvoice.com>
---
 framework/src/audit/tools/aulastlog/aulastlog.c | 169 ------------------------
 1 file changed, 169 deletions(-)
 delete mode 100644 framework/src/audit/tools/aulastlog/aulastlog.c

(limited to 'framework/src/audit/tools/aulastlog/aulastlog.c')

diff --git a/framework/src/audit/tools/aulastlog/aulastlog.c b/framework/src/audit/tools/aulastlog/aulastlog.c
deleted file mode 100644
index c51b1efb..00000000
--- a/framework/src/audit/tools/aulastlog/aulastlog.c
+++ /dev/null
@@ -1,169 +0,0 @@
-/*
- * aulastlog.c - A lastlog program based on audit logs 
- * Copyright (c) 2008-2009,2011 Red Hat Inc., Durham, North Carolina.
- * All Rights Reserved.
- *
- * This software may be freely redistributed and/or modified under the
- * terms of the GNU General Public License as published by the Free
- * Software Foundation; either version 2, or (at your option) any
- * later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; see the file COPYING. If not, write to the
- * Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * Authors:
- *   Steve Grubb <sgrubb@redhat.com>
- */
-
-#include <stdio.h>
-#include <locale.h>
-#include <string.h>
-#include <errno.h>
-#include <pwd.h>
-#include "auparse.h"
-#include "aulastlog-llist.h"
-
-void usage(void)
-{
-	fprintf(stderr, "usage: aulastlog [--stdin] [--user name]\n");
-}
-
-int main(int argc, char *argv[])
-{
-	int i, use_stdin = 0;
-	char *user = NULL;
-	struct passwd *p;
-        auparse_state_t *au;
-	llist l;
-
-        setlocale (LC_ALL, "");
-	for (i=1; i<argc; i++) {
-		if ((strcmp(argv[i], "--user") == 0) || 
-				(strcmp(argv[i], "-u") == 0)) {
-			i++;
-			if (i<argc)
-				user = argv[i];
-			else {
-				usage();
-				return 1;
-			}
-		} else if (strcmp(argv[i], "--stdin") == 0) {
-			use_stdin = 1;
-		} else {
-			usage();
-			return 1;
-		}
-	}
-
-	list_create(&l);
-
-	// Stuff linked lists with all users 
-	while ((p = getpwent()) != NULL) {
-		lnode n;
-
-		n.sec = 0;
-		n.uid = p->pw_uid;
-		n.name = p->pw_name;
-		n.host = NULL;
-		n.term = NULL;
-		if (user == NULL)
-			list_append(&l, &n);
-		else if (strcmp(user, p->pw_name) == 0)
-			list_append(&l, &n);
-	}
-	endpwent();
-
-	if (user && list_get_cnt(&l) == 0) {
-		printf("Unknown User: %s\n", user);
-		return 1;
-	}
-
-	// Search for successful user logins
-	if (use_stdin)
-		au = auparse_init(AUSOURCE_FILE_POINTER, stdin);
-	else
-		au = auparse_init(AUSOURCE_LOGS, NULL);
-	if (au == NULL) {
-		printf("Error - %s\n", strerror(errno));
-		goto error_exit_1;
-	}
-	if (ausearch_add_item(au, "type", "=", "USER_LOGIN",
-						 AUSEARCH_RULE_CLEAR)){
-		printf("ausearch_add_item error - %s\n", strerror(errno));
-		goto error_exit_2;
-	}
-	if (ausearch_add_item(au, "res", "=", "success",
-						 AUSEARCH_RULE_AND)){
-		printf("ausearch_add_item error - %s\n", strerror(errno));
-		goto error_exit_2;
-	}
-	if (ausearch_set_stop(au, AUSEARCH_STOP_RECORD)){
-		printf("ausearch_set_stop error - %s\n", strerror(errno));
-		goto error_exit_2;
-        }
-
-	// Now scan the logs and append events
-	while (ausearch_next_event(au) > 0) {
-		const au_event_t *e = auparse_get_timestamp(au);
-		if (auparse_find_field(au, "auid")) {
-			uid_t u = auparse_get_field_int(au);
-			list_first(&l);
-			if (list_find_uid(&l, u)) {
-				const char *str;
-
-				list_update_login(&l, e->sec);
-				str = auparse_find_field(au, "hostname");
-				if (str) 
-					list_update_host(&l, str);
-				str = auparse_find_field(au, "terminal");
-				if (str)
-					list_update_term(&l, str);
-			}
-		}
-		if (auparse_next_event(au) < 0)
-			break;
-	}
-        auparse_destroy(au);
-
-	// Now output the report
-	printf( "Username         Port         From"
-		"                       Latest\n");
-	list_first(&l);
-	do {
-		char tmp[48];
-		const char *c, *h, *t;
-		lnode *cur = list_get_cur(&l);
-		if (cur->sec == 0)
-			c = "**Never logged in**";
-		else {
-			struct tm *btm;
-
-			btm = localtime(&cur->sec);
-			strftime(tmp, sizeof(tmp), "%x %T", btm);
-			c = tmp;
-		}
-		h = cur->host;
-		if (h == NULL)
-			h = "";
-		t = cur->term;
-		if (t == NULL)
-			t = "";
-		printf("%-16s %-12.12s %-26.26s %s\n", cur->name, t, h, c);
-	} while (list_next(&l));
-	
-	list_clear(&l);
-	return 0;
-
-error_exit_2:
-        auparse_destroy(au);
-error_exit_1:
-	list_clear(&l);
-	return 1;
-}
-
-- 
cgit 1.2.3-korg