remove.c

1. /*
2. REMOVE -- February 26, 1999
3. Simple Nomad -- Nomad Mobile Research Centre
4.  
5. Universal utmp, wtmp, and lastlog editor. Actually
6. removes, doesn't leave holes...
7.  
8. Compile "cc -o remove remove.c -DGENERIC" and run
9. as root. Use -DAIX instead of -DGENERIC for an AIX
10. machine. Use -DSCO instead of -DGENERIC for a SCO
11. machine.
12. */
13.  
14. #include <stdio.h>
15. #include <utmp.h>
16. #include <sys/types.h>
17. #include <unistd.h>
18. #include <fcntl.h>
19. #ifndef AIX
20. #include <lastlog.h>
21. #else
22. #include <login.h>
23. #endif
24. #include <pwd.h>
25.  
26. #ifdef AIX
27. #define WTMP "/var/log/wtmp"
28. #define UTMP "/etc/utmp"
29. #define LASTLOG "/etc/security/lastlog" /* Not a binary file in AIX, so */
30. /* handled a bit differently. */
31. char LogParam[7][30]=
32. {
33. "time_last_login=","tty_last_login=","host_last_login=",
34. "unsuccessful_login_count=","time_last_unsuccessful_login=",
35. "tty_last_unsuccessful_login=","host_last_unsuccessful_login="
36. };
37. #endif
38. #ifdef SCO
39. #define WTMP "/etc/wtmp" /* wtmp was here on the SCO box I accessed */
40. #define UTMP "/var/run/utmp"
41. #define LASTLOG "/var/log/lastlog"
42. #endif
43. #ifdef GENERIC /* Should work with Linux, IRIX, Digital Unix, BSDs, etc */
44. #define WTMP "/var/log/wtmp"
45. #define UTMP "/var/run/utmp"
46. #define LASTLOG "/var/log/lastlog"
47. #endif
48.  
49. void main(argc,argv)
50. int argc;
51. char *argv[];
52. {
53. int cleanWtmp(char *,int);
54. int cleanUtmp(char *,int);
55. int cleanLastlog(char *);
56. int getCount(char *,char *);
57. char line[10];
58. int killem, firstcnt, t;
59.  
60. if(argc!=2)
61. {
62. printf("Usage: %s acct\n",argv[0]);
63. exit(0);
64. }
65. firstcnt=getCount(WTMP,argv[1]); /* Get an initial count */
66. printf("\nREMOVE by Simple Nomad\nNomad Mobile Research Centre (c) 1999\n\n")
67. ;
68. printf("Found %d record(s) for user %s\n",firstcnt,argv[1]);
69. printf("Will attempt a lastlog cleanup by default.\n\n");
70. printf("# - remove last # records from utmp/wtmp\n");
71. printf("a - remove (a)ll records from utmp/wtmp\n");
72. printf("q - (q)uit program\n\n");
73. printf("Enter selection -> ");
74. gets(line);
75. if(line[0]==0x51 || line[0]==0x71) exit(0);
76. if(line[0]==0x41 || line[0]==0x61) killem=firstcnt;
77. else killem=atoi(line);
78. if (killem>firstcnt)
79. {
80. printf("You cannot delete %d records if only %d exist.\n",killem,firstcnt);
81. exit(-1);
82. }
83. t=cleanWtmp(argv[1],killem); /* Now to clean up utmp and wtmp */
84. if (t==1) {
85. printf("Trouble cleaning up %s.\n",WTMP);
86. exit(-1);
87. } else printf("REMOVE cleaned up %d record(s) from %s\n",killem,WTMP);
88. t=cleanUtmp(argv[1],killem);
89. if (t==1) {
90. printf("Trouble cleaning up %s.\n",UTMP);
91. exit(-1);
92. } else printf("REMOVE cleaned up %d record(s) from %s\n",killem,UTMP);
93. t=cleanLastlog(argv[1]); /* Make our attempt at lastlog */
94. if (t==1) {
95. printf("Trouble cleaning up %s.\n",LASTLOG); exit(-1);
96. }
97. printf("REMOVE cleaned up %s\n",LASTLOG);
98. } /* end main */
99.  
100. int getCount(fname,acct) /* Go check wtmp and find out how many records */
101. char *fname, *acct;
102. {
103. struct utmp utmp_ent;
104. int f,cnt=0;
105.  
106. if((f=open(fname,O_RDWR))>=0){
107. while(read(f,&utmp_ent,sizeof(utmp_ent)))if(!strncmp(utmp_ent.ut_name, acct
108. ,strlen(acct)))cnt++;
109. }
110. close(f);
111. return(cnt);
112. } /* end getCount */
113.  
114. int cleanWtmp(acct,killem)
115. char *acct;
116. int killem;
117. {
118. struct utmp utmp_ent;
119. int fd,count=0;
120. if((fd=open(WTMP,O_RDWR))>=0){
121. while(read(fd,&utmp_ent,sizeof(utmp_ent)))if(!strncmp(utmp_ent.ut_name,acct
122. ,strlen(acct)))count++;
123. lseek(fd,0,SEEK_SET);
124. while(read(fd,&utmp_ent,sizeof(utmp_ent))&&killem){
125. if(!strncmp(utmp_ent.ut_name,acct,strlen(acct))){
126. count--;
127. if(count+1<=killem){
128. bzero((char *)&utmp_ent,sizeof(utmp_ent));
129. lseek(fd,-(sizeof(utmp_ent)),SEEK_CUR);
130. write(fd,&utmp_ent,sizeof(utmp_ent));
131. killem--;
132. }
133. }
134. }
135. close(fd);
136. }
137. else return(1);
138. } /* end cleanWtmp */
139.  
140. int cleanUtmp(acct,killem)
141. char *acct;
142. int killem;
143. {
144. struct utmp utmp_ent;
145. int fd;
146. if((fd=open(UTMP,O_RDWR))>=0){
147. lseek(fd,0,SEEK_SET);
148. while(read(fd,&utmp_ent,sizeof(utmp_ent))&&killem){
149. if(!strncmp(utmp_ent.ut_name,acct,strlen(acct))){
150. if(killem>0){
151. bzero((char *)&utmp_ent,sizeof(utmp_ent));
152. lseek(fd,-(sizeof(utmp_ent)),SEEK_CUR);
153. write(fd,&utmp_ent,sizeof(utmp_ent));
154. killem--;
155. }
156. }
157. }
158. close(fd);
159. }
160. else return(1);
161. } /* end cleanUtmp */
162.  
163. int cleanLastlog(acct) /* The lastlog subroutine */
164. char *acct;
165. {
166. #ifdef AIX /* Quite a kludge for AIX, but what the fuck it works */
167. int t,i;
168. char entry[200];
169. for (i=0;i<7;i++)
170. {
171. sprintf(entry,"chsec -f %s -s %s -a %s>/dev/null",LASTLOG,acct,LogParam[i])
172. ;
173. t=system(entry);
174. printf("Return code for %s is %d\n",LogParam[i],t);
175. }
176. #else /* Normal binary lastlog cleanup */
177. struct passwd *pwd;
178. struct lastlog logit;
179. int f;
180. if((pwd=getpwnam(acct))){
181. if((f=open(LASTLOG,O_RDWR))>=0){
182. lseek(f,(long)pwd->pw_uid*sizeof(struct lastlog),0);
183. bzero((char *)&logit,sizeof(logit));
184. write(f,(char *)&logit,sizeof(logit));
185. close(f);
186. }
187. }
188. else return(1);
189. #endif
190. } /* end cleanLastlog */