/*
   audenable.c

   Description:
   Audenable activates the auditing for an interactive user by
   creating a shell with the AUD_PROC flag.
      
   Author:
   Olivier S. Masse,  omasse~at~mayoxide~dot~com   2004/11/30
   

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 
*/

#include <sys/audit.h>
#include <stdio.h>
#include <errno.h>
#include <unistd.h>
#include <pwd.h>
#include <stdlib.h>

#define BUFSIZE 1024
#define SHELLNAME_SIZE 128
#define VERSION "audenable v1.0 - 2004/11/30"
#define ENV_VARIABLE "AUDENABLE=1"

int main(int argc, char *argv[])
{
	struct passwd *pwd = NULL;
	struct passwd *result = NULL;
	char *shellName = NULL;
	int i = 0;
	int pos = 0;

	/* Print version number */
	if ((argc == 2) && (strncmp(argv[1], "-v", 3) == 0))
	{
		fprintf (stderr, "%s\n", VERSION);
		exit(1);
	}


	/* Get the parameters on the user account */
	pwd=getpwuid(getuid());
	if (pwd == NULL)
	{
 		fprintf(stderr, "getpwuid error: '%s'\n", strerror(errno));
		exit(1);
	}
	
	/* Enable auditing for the current process (and its children) */
	if (setaudproc(AUD_PROC) == -1)
	{
		fprintf(stderr, "setaudproc error: '%s'\n", strerror(errno));
		fprintf(stderr, "If the error is 'Not owner', confirm that this	binary is setuid root\n");
		exit(1);
	}

	/* Put back the effective user id to the calling user, or else the
	   shell will have root privileges! */
	if (setuid(getuid()) == -1)
	{
		fprintf(stderr, "setuid error: '%s'\n", strerror(errno));
		exit(1);
	}

	/* Get the name of the shell, then replace the name to map its first
	   character to '-' and remove the full pathname. For example,
	   "/usr/bin/ksh" will become "-ksh" */
	shellName = calloc(SHELLNAME_SIZE, sizeof(char));
	if (shellName == NULL)
	{
		fprintf(stderr, "shellName: memory allocation error.\n");
		exit(1);	
	}
	for (i = 0; i < strlen(pwd->pw_shell); i++)
	{
		if (pwd->pw_shell[i] == '/') 
			pos=i;
	}
	if (pos != 0) pos++;
	shellName[0] = '-';
	strncpy(shellName+1, pwd->pw_shell+pos, SHELLNAME_SIZE-1);
	
	/* Add the AUDENABLE=1 environment variable to the current environment */
	putenv(ENV_VARIABLE);

	/* Replace the current process with the user's shell. */
	if (execlp(pwd->pw_shell, shellName, (char *) 0) == -1)
	{
		fprintf(stderr, "execlp error: '%s'\n", strerror(errno));
		free(shellName);
		exit(1);
	}
	
	/* If the shell execution was a success, we should never get down here! */
	free(shellName);
	exit(0);
}