#!/bin/ksh
#
# logins: Sun Enterprise Server check - BB external script test
#
# version 1.0
# version 1.1 - updated 08-07-2002 to include sulog and sudo.log
# version 1.2 - updated 09-05-2002 to exclude HPUX btmp banner for restart
#
# BIG BROTHER / XXXXXXXXXXXXXXXX status
#
# Written by Paul A. Luzzi
#  on August 5, 2002
#

########################################
# NOTE
# This has been tested with BB 1.2b, 1.4h2, 1.5, 1.5a
# 
# Tested on 
#   Sun Ultra 5 thru E6500
#   HP-UX version 10.20 and later - 712 thru N4000
########################################

########################################
# INSTALLATION
#  step 1  - update the EXT section of the runbb.sh script to include this
#  step 2  - update the local bb-hosts to include this 
#  requires read access to /var/adm/btmp on HP or /var/adm/loginlog on Sun,
#  and to /var/adm/sudo.log on both (the sudo check greps that file)
#  ...
########################################

##################################
# CONFIGURE IT HERE
##################################
# $DATE, $CUT and $UNAME are command paths taken from the Big Brother
# environment; this script does not define them itself.

# Columns 1-10 of the date output; used further down as the grep pattern for
# the failed-login sources.
# NOTE(review): presumably "Dow Mon DD" with the default date format - confirm.
DATE_CHECK=$($DATE | $CUT -c1-10)
export DATE_CHECK

# Columns 5-10 of the date output; used as the grep pattern for sudo.log.
SHORT_DATE=$($DATE | $CUT -c5-10)
export SHORT_DATE

# Kernel name as reported by uname -s; selects the per-OS branch in get_status.
OS_TYPE=$($UNAME -s)
export OS_TYPE

##################################
# Start of script
##################################

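# Refuse to run outside a Big Brother environment.
#
# The messages are prefixed with this script's own name ("logins") instead of
# the "template" prefix left over from the BB ext-script skeleton, so a failure
# in the BB log can be traced to the right script.
#
# NOTE: every external command this script runs ($GREP, $EGREP, $CAT, $DATE,
# $BB, ...) is resolved from environment variables, so the script executes
# whatever those variables name. Run it only from runbb.sh under the BB
# account, never from an environment another user can influence.

if [ -z "$BBHOME" ]
then
	echo "logins: BBHOME is not set"
	exit 1
fi

if [ ! -d "$BBHOME" ]
then
	echo "logins: BBHOME is invalid"
	exit 1
fi

# BBTMP stands in for "the rest of the BB definitions have been loaded".
if [ -z "$BBTMP" ]
then
	echo "logins: The BB environment is not set"
	exit 1
fi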

#####
#####  Start of custom section added by Paul A. Luzzi
#####

#####
#####  Get Status proc - used to get all responses
#####
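get_status()
{

  #####
  #####  Purpose: write to stdout an HTML fragment that reports today's
  #####    failed logins and today's sudo failures, for display on the
  #####    central BB server (management and security enforcement).
  #####
  #####  Globals read  : OS_TYPE DATE_CHECK SHORT_DATE THIS_HOST GREP EGREP
  #####  Globals set   : COLOR (exported) - "green" when nothing was found,
  #####                  "red" when either check found entries, "clear" on
  #####                  an unsupported O/S with no sudo failures.
  #####                  Also sets CATCH_COMMAND, CATCH_COMMAND2, RESULT and
  #####                  HEADER_TITLE as working variables.
  #####
  #####  SECURITY: the matched log lines contain text chosen by whoever
  #####    attempted the login or the sudo command (user name, command line).
  #####    They are HTML-escaped before being written so that markup inside a
  #####    log entry is shown as text on the BB page instead of being rendered
  #####    by the viewer's browser.
  #####
  #####  DETECTION CAVEAT: grep exits non-zero both when nothing matches and
  #####    when the file is missing or unreadable. Both cases are reported as
  #####    "no issues", so confirm that the log files exist and that the BB
  #####    user can read them, otherwise this check stays green permanently.
  #####

  COLOR="green"

  #####
  #####  Collect today's entries from the per-O/S failed-login source.
  #####  RESULT is the exit status of the last grep: 0 means lines were found.
  #####
  case "$OS_TYPE" in
    HP-UX* )
      CATCH_COMMAND=`/usr/bin/lastb -R | $GREP "$DATE_CHECK" | $GREP -v "btmp begins"`
      RESULT="$?"
      HEADER_TITLE="<B>--- ( lastb -R | grep $DATE_CHECK ) ---</B>"
      ;;
    SunOS* )
      CATCH_COMMAND=`$GREP "$DATE_CHECK" /var/adm/loginlog`
      RESULT="$?"
      HEADER_TITLE="<B>--- ( grep $DATE_CHECK /var/adm/loginlog ) ---</B>"
      ;;
    * )
      COLOR="clear"
      CATCH_COMMAND="\"Unsupported type of O/S - $OS_TYPE \""
      RESULT="1"
      HEADER_TITLE="<B>--- ( Unsupported type of O/S - $OS_TYPE ) ---</B>"
      ;;
  esac

  echo "<P><DIV ALIGN=\"CENTER\"><HR>" 
  echo "<B>============== Bad Login Info ==============</B>"
  echo "$HEADER_TITLE"
  echo "<HR></DIV>" 
  echo "<BLOCKQUOTE>" 

  if [ "$RESULT" = "0" ]
    then
      COLOR="red"
      echo "<FONT COLOR=\"$COLOR\"><I>There are currently failed logins on $THIS_HOST : \n</I></FONT>"
      # printf '%s' keeps backslashes in the log text literal; the escape
      # helper neutralises any HTML markup in it.
      printf '%s\n' "$CATCH_COMMAND" | logins_html_escape
     else
      echo "No reported issues with bad logins today - so far."
    fi
  echo "</BLOCKQUOTE>" 

  #####
  #####  Now get bad sudo.log info
  #####
  echo "<P><DIV ALIGN=\"CENTER\"><HR>" 
  echo "<B>============== Bad SUDO Info ==============</B>"
  echo "<B>--- ( grep $SHORT_DATE /var/adm/sudo.log ) ---</B>"
  echo "<HR></DIV>" 
  echo "<BLOCKQUOTE>" 

  CATCH_COMMAND2=`$GREP "$SHORT_DATE" /var/adm/sudo.log | $EGREP -i "user not in sudoers|command not allowed"`
  RESULT="$?"
  if [ "$RESULT" = "0" ]
    then
      COLOR="red"
      echo "<FONT COLOR=\"$COLOR\"><I>There are failures in todays sudo log file on $THIS_HOST : \n</I></FONT>"
      printf '%s\n' "$CATCH_COMMAND2" | logins_html_escape
     else
      echo "No reported issues with sudo log today - so far."
    fi
  echo "</BLOCKQUOTE>" 

  #####
  #####  Make sure to export COLOR so that it gets back to "central"
  #####
  export COLOR

#####
#####  End of get_status proc
#####
}

#####
#####  Private helper for get_status: copy stdin to stdout with the HTML
#####  metacharacters & < > replaced by their entities. "&" is handled first
#####  so the entities produced for < and > are not escaped a second time.
#####
logins_html_escape()
{
  sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' -e 's/>/\&gt;/g'
}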

#####
#####  Main body
#####
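#####
#####  Build the report in a scratch file and send it to the BB display
#####  server, once per bb-hosts line that names this host and the "logins"
#####  test.
#####
#####  SECURITY: the scratch file holds failed-login records (a password typed
#####  at the login prompt ends up in the user-name field of such records), so
#####  it lives in BB's own $BBTMP rather than at a predictable name in the
#####  world-writable /tmp, where another local user could pre-create the
#####  name as a symlink or read the contents. It is recreated with mode 0600.
#####
LOGINS_REPORT="$BBTMP/$THIS_HOST.logins"
LOGINS_SAVED_UMASK=`umask`
umask 077
rm -f "$LOGINS_REPORT"
touch "$LOGINS_REPORT"

# The last stage of a pipeline runs in the current shell in ksh, and
# get_status is called with a plain redirection, so the COLOR it sets is
# visible to the bb call below.
$GREP "$THIS_HOST" "$BBHOSTS" | $GREP "logins" |
while read -r line
  do
    if [ -n "$line" ]
      then
        echo "<BR><DIV ALIGN=\"CENTER\"><HR></DIV>" > "$LOGINS_REPORT"
        echo "Status of bad logins on $THIS_HOST " >> "$LOGINS_REPORT"
        echo "Captured : `$DATE` " >> "$LOGINS_REPORT"
        get_status >> "$LOGINS_REPORT"
      else
        COLOR="clear"
      fi
    # The whole report is handed to bb as one command-line argument, so it is
    # visible in the process list of this host while bb runs.
    LOGINS_NOW=`$DATE`
    LOGINS_BODY=`$CAT "$LOGINS_REPORT"`
    $BB $BBDISP "status $THIS_HOST.logins $COLOR $LOGINS_NOW $LOGINS_BODY "
  done

umask "$LOGINS_SAVED_UMASK"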

#####
#####  End of custom section added by Paul A. Luzzi
#####
  
##############################################
# end of script
##############################################
