#!/bin/sh
#
# The following script removes the 'auditconfig -aconf' string from 
# /etc/security/audit_startup.
#
#     


PATID_NEW=109007
NOUNDO_NEW=10    #when postbackout was introduced in this patch
                 #this patch acc/obs 108875

PATID=108875
NOUNDO=12        #when postbackout was introduced in this patch

PKG_INSTALL_ROOT=$ROOTDIR

INFO="$PKG_INSTALL_ROOT/var/sadm/pkg/SUNWcsr/pkginfo"
pids=`egrep '^PATCHLIST' $INFO | nawk -F= '{print $2}'`  #Find highest rev 

fix_audit () {

STARTUP=$ROOTDIR/etc/security/audit_startup

# Check to see if the audit_startup file exists

if [ -f ${STARTUP} ]; then

    # If audit_startup exists, check if the 'aconf' string already present

    /usr/bin/grep '\-aconf' $STARTUP >/dev/null 2>&1

    # If 'aconf' string present, we remove the related auditconfig line

    if [ "$?" -eq "0" ]; then
        /usr/bin/grep -v '\-aconf' $STARTUP > $STARTUP.tmp
        /usr/bin/mv $STARTUP.tmp $STARTUP
        /usr/bin/chmod 0744 $STARTUP
    fi
fi

}

# First check to see if a version of the
# new patchid is still on the system.  Exit if
# rev 10 or greater is there.  If not, continue
# to check for 108875 in next section.
#

if echo "$pids" | grep 109007  > /dev/null 2>&1
then
   for i in `echo $pids`; do
        echo $i | egrep -s $PATID_NEW || continue
        rev_new=`expr //$i : '.*-\(.*\)'`
        #No edits for rev-10 or higher
        [ $rev_new -ge $NOUNDO_NEW ] && exit
  done

fi

# Continue to check if a version of 108875 is on
# the system.

for i in `echo $pids`; do
        echo $i | egrep -s $PATID || continue
        rev=`expr //$i : '.*-\(.*\)'`
        #No edits for rev-12 or higher
        [ $rev -ge $NOUNDO ] && exit
done


fix_audit   

exit 0
