authorgww <none@none>2006-02-17 07:14:03 -0800
committergww <none@none>2006-02-17 07:14:03 -0800
commit2d84dfe88bfb9c12d1b4d2216c32b5a8b1fb56ae (patch)
treecd673feae46be092f2959ab13f7cf0501c343f46 /usr/src
parent1f3e1ca0c778cfe11180fdbf37a73794e43491ab (diff)
6379926 audit_login.c and audit_mgrs.c are dead code
--HG-- rename : usr/src/lib/libbsm/common/audit_login.c => deleted_files/usr/src/lib/libbsm/common/audit_login.c rename : usr/src/lib/libbsm/common/audit_mgrs.c => deleted_files/usr/src/lib/libbsm/common/audit_mgrs.c
Diffstat (limited to 'usr/src')
-rw-r--r--usr/src/cmd/bsmrecord/audit_record_attr.txt54
-rw-r--r--usr/src/lib/libbsm/Makefile9
-rw-r--r--usr/src/lib/libbsm/Makefile.com9
-rw-r--r--usr/src/lib/libbsm/common/audit_login.c421
-rw-r--r--usr/src/lib/libbsm/common/audit_mgrs.c603
-rw-r--r--usr/src/lib/libbsm/common/audit_private.h24
-rw-r--r--usr/src/lib/libbsm/spec/private.spec120
7 files changed, 20 insertions, 1220 deletions
diff --git a/usr/src/cmd/bsmrecord/audit_record_attr.txt b/usr/src/cmd/bsmrecord/audit_record_attr.txt
index c6bc4b9e85..5eb025eaea 100644
--- a/usr/src/cmd/bsmrecord/audit_record_attr.txt
+++ b/usr/src/cmd/bsmrecord/audit_record_attr.txt
@@ -2,15 +2,14 @@
# Two "#" are comments that are copied to audit_record_attr
# other comments are removed.
##
-## Copyright 2005 Sun Microsystems, Inc. All rights reserved.
+## Copyright 2006 Sun Microsystems, Inc. All rights reserved.
## Use is subject to license terms.
##
## CDDL HEADER START
##
## The contents of this file are subject to the terms of the
-## Common Development and Distribution License, Version 1.0 only
-## (the "License"). You may not use this file except in compliance
-## with the License.
+## Common Development and Distribution License (the "License").
+## You may not use this file except in compliance with the License.
##
## You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
## or http://www.opensolaris.org/os/licensing.
@@ -1999,8 +1998,7 @@ label=AUE_create_user
comment=path:
comment=server:
comment=permissions
-# see audit_mgrs.c
-# last used by AdminSuite 3.0; SMC uses new records types
+# Obsolete, last used by AdminSuite 3.0; SMC uses new records types
label=AUE_cron_invoke
program=/usr/sbin/cron
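Review bot: The new source-only comment on the AUE_create_user entry, `# Obsolete, last used by AdminSuite 3.0; SMC uses new records types`, drops the only pointer to the code that emitted this record, and this commit also deletes that code. Someone matching an old audit trail against this entry can then no longer tell from the file where the format came from or that the emitter was removed on purpose. I would keep the provenance in the comment, for example `# Obsolete: emitter audit_mgrs.c removed from libbsm; last used by AdminSuite 3.0; SMC uses new record types`, which also fixes "records types". The same comment is used for AUE_delete_user, AUE_disable_user, AUE_enable_user and AUE_modify_user in the later hunks of this file.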
@@ -2058,22 +2056,19 @@ label=AUE_delete_user
program=administration: delete user
format=text1
comment=uid
-# See audit_mgrs.c
-# last used by AdminSuite 3.0; SMC uses new records types
+# Obsolete, last used by AdminSuite 3.0; SMC uses new records types
label=AUE_disable_user
program=administration: disable user
format=text1
comment=uid
-# See audit_mgrs.c
-# last used by AdminSuite 3.0; SMC uses new records types
+# Obsolete, last used by AdminSuite 3.0; SMC uses new records types
label=AUE_enable_user
program=administration: enable user
format=text1
comment=uid
-# See audit_mgrs.c
-# last used by AdminSuite 3.0; SMC uses new records types
+# Obsolete, last used by AdminSuite 3.0; SMC uses new records types
label=AUE_ftpd
program=/usr/sbin/in.ftpd
@@ -2214,15 +2209,6 @@ label=AUE_login
see=login(1);dtlogin
format=text1
comment=error message or "successful login"
-# See audit_login.c
-# header,81,2,login - local,,Fri Nov 09 13:54:46 2001, + 150 msec
-# subject,tuser1,tuser1,staff,tuser1,staff,322,322,0 0 tmach2
-# text,invalid password
-# return,failure: Interrupted system call,-1
-# header,81,2,login - local,,Fri Nov 09 13:55:00 2001, + 550 msec
-# subject,tuser1,tuser1,staff,tuser1,staff,342,342,0 0 tmach2
-# text,successful login
-# return,success,0
label=AUE_logout
title=login: logout
@@ -2230,11 +2216,6 @@ label=AUE_logout
see=login(1)
format=text1
comment="logout" username
-# See audit_login.c
-# header,81,2,logout,,Tue Oct 23 12:45:22 2001, + 197 msec
-# subject,tuser1,tuser1,emacs,tuser1,emacs,23400,3451581082,24 7 tmach2
-# text,logout tuser1
-# return,success,0
label=AUE_modify_user
program=administration: modify user
@@ -2253,8 +2234,7 @@ label=AUE_modify_user
comment=path:
comment=server:
comment=permissions
-# See audit_mgrs.c
-# last used by AdminSuite 3.0; SMC uses new records types
+# Obsolete, last used by AdminSuite 3.0; SMC uses new records types
label=AUE_mountd_mount
title=mountd: NFS mount
@@ -2404,19 +2384,6 @@ label=AUE_rlogin
see=login(1) - rlogin
format=[text]1
comment=success/fail message
-# See audit_login.c
-# header,81,2,login - rlogin,,Fri Nov 09 13:05:30 2001, + 483 msec
-# subject,tuser2,tuser2,staff,tuser2,staff,10345,10345,24 18 tmach3
-# text,invalid password
-# return,failure: Interrupted system call,-1
-# header,81,2,login - rlogin,,Fri Nov 09 13:05:39 2001, + 269 msec
-# subject,tuser2,tuser2,staff,tuser2,staff,10345,10345,24 18 tmach3
-# text,invalid password
-# return,failure: Interrupted system call,-1
-# header,81,2,login - rlogin,,Fri Nov 09 13:05:49 2001, + 94 msec
-# subject,tuser2,tuser2,staff,tuser2,staff,10345,10345,255 197121 tmach3
-# text,successful login
-# return,success,0
label=AUE_role_login
program=SMC server
@@ -2546,11 +2513,6 @@ label=AUE_telnet
see=login(1) - telnet
format=[text]1
comment=success/fail message
-# See audit_login.c
-# header,81,2,login - telnet,,Fri Nov 09 13:49:44 2001, + 374 msec
-# subject,tuser2,tuser2,staff,tuser2,staff,10409,10409,11856 196631 tmach3
-# text,successful login
-# return,success,0
label=AUE_uadmin_solaris
title=uadmin
diff --git a/usr/src/lib/libbsm/Makefile b/usr/src/lib/libbsm/Makefile
index 1170a18bb2..55ccf943e2 100644
--- a/usr/src/lib/libbsm/Makefile
+++ b/usr/src/lib/libbsm/Makefile
@@ -2,9 +2,8 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
-# Common Development and Distribution License, Version 1.0 only
-# (the "License"). You may not use this file except in compliance
-# with the License.
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
@@ -20,7 +19,7 @@
# CDDL HEADER END
#
#
-# Copyright 2005 Sun Microsystems, Inc. All rights reserved.
+# Copyright 2006 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
# ident "%Z%%M% %I% %E% SMI"
@@ -68,9 +67,7 @@ OBJECTS= adr.o \
audit_inetd.o \
audit_kadmind.o \
audit_krb5kdc.o \
- audit_login.o \
audit_mountd.o \
- audit_mgrs.o \
audit_newgrp.o \
audit_plugin.o \
audit_reboot.o \
diff --git a/usr/src/lib/libbsm/Makefile.com b/usr/src/lib/libbsm/Makefile.com
index fcbf87cc73..3a7318aa72 100644
--- a/usr/src/lib/libbsm/Makefile.com
+++ b/usr/src/lib/libbsm/Makefile.com
@@ -2,9 +2,8 @@
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
-# Common Development and Distribution License, Version 1.0 only
-# (the "License"). You may not use this file except in compliance
-# with the License.
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
@@ -20,7 +19,7 @@
# CDDL HEADER END
#
#
-# Copyright 2005 Sun Microsystems, Inc. All rights reserved.
+# Copyright 2006 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
# ident "%Z%%M% %I% %E% SMI"
@@ -51,9 +50,7 @@ OBJECTS= adr.o \
audit_inetd.o \
audit_kadmind.o \
audit_krb5kdc.o \
- audit_login.o \
audit_mountd.o \
- audit_mgrs.o \
audit_newgrp.o \
audit_plugin.o \
audit_reboot.o \
diff --git a/usr/src/lib/libbsm/common/audit_login.c b/usr/src/lib/libbsm/common/audit_login.c
deleted file mode 100644
index e5673a6b1e..0000000000
--- a/usr/src/lib/libbsm/common/audit_login.c
+++ /dev/null
@@ -1,421 +0,0 @@
-/*
- * CDDL HEADER START
- *
- * The contents of this file are subject to the terms of the
- * Common Development and Distribution License, Version 1.0 only
- * (the "License"). You may not use this file except in compliance
- * with the License.
- *
- * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
- * or http://www.opensolaris.org/os/licensing.
- * See the License for the specific language governing permissions
- * and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL HEADER in each
- * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
- * If applicable, add the following below this CDDL HEADER, with the
- * fields enclosed by brackets "[]" replaced with your own identifying
- * information: Portions Copyright [yyyy] [name of copyright owner]
- *
- * CDDL HEADER END
- */
-/*
- * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
- * Use is subject to license terms.
- */
-#pragma ident "%Z%%M% %I% %E% SMI"
-
-#include <sys/systeminfo.h>
-#include <sys/param.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <sys/systeminfo.h>
-#include <sys/stat.h>
-#include <sys/wait.h>
-#include <netinet/in.h>
-#include <netdb.h>
-#include <signal.h>
-
-#include <pwd.h>
-#include <stdlib.h>
-#include <shadow.h>
-#include <utmpx.h>
-#include <unistd.h>
-#include <string.h>
-
-#include <bsm/audit.h>
-#include <bsm/libbsm.h>
-#include <bsm/audit_uevents.h>
-#include <bsm/audit_record.h>
-#include <bsm/audit_private.h>
-#include <generic.h>
-
-#include <locale.h>
-
-static void audit_login_record();
-static void audit_login_session_setup();
-
-static void get_terminal_id();
-static void audit_login_logout();
-static int get_machine(uint32_t *, uint32_t *);
-static int selected();
-
-static char sav_ttyn[512];
-static int sav_rflag;
-static int sav_hflag;
-static char sav_name[512];
-static uid_t sav_uid;
-static gid_t sav_gid;
-static dev_t sav_port;
-static uint32_t sav_machine[4];
-static uint32_t sav_iptype;
-static char sav_host[512];
-
-int
-audit_login_save_flags(rflag, hflag)
- int rflag, hflag;
-{
-
- if (cannot_audit(0)) {
- return (0);
- }
- sav_rflag = rflag;
- sav_hflag = hflag;
- return (0);
-}
-
-int
-audit_login_save_host(host)
- char *host;
-{
- int rv;
-
- if (cannot_audit(0)) {
- return (0);
- }
- (void) strncpy(sav_host, host, 511);
- sav_host[511] = '\0';
- rv = audit_login_save_machine();
- return (rv);
-}
-
-int
-audit_login_save_ttyn(ttyn)
- char *ttyn;
-{
- if (cannot_audit(0)) {
- return (0);
- }
- (void) strncpy(sav_ttyn, ttyn, 511);
- sav_ttyn[511] = '\0';
- return (0);
-}
-
-int
-audit_login_save_port()
-{
- if (cannot_audit(0)) {
- return (0);
- }
- sav_port = aug_get_port();
- return (0);
-}
-
-int
-audit_login_save_machine()
-{
- int rv;
-
- if (cannot_audit(0)) {
- return (0);
- }
- rv = get_machine(&sav_machine[0], &sav_iptype);
-
- return (rv);
-}
-
-int
-audit_login_save_pw(pwd)
- struct passwd *pwd;
-{
- if (cannot_audit(0)) {
- return (0);
- }
- if (pwd == NULL) {
- sav_name[0] = '\0';
- sav_uid = -1;
- sav_gid = -1;
- } else {
- (void) strncpy(sav_name, pwd->pw_name, 511);
- sav_name[511] = '\0';
- sav_uid = pwd->pw_uid;
- sav_gid = pwd->pw_gid;
- }
- return (0);
-}
-
-int
-audit_login_maxtrys()
-{
- if (cannot_audit(0)) {
- return (0);
- }
- audit_login_record(1, dgettext(bsm_dom, "maxtrys"),
- AUE_login);
- return (0);
-}
-
-int
-audit_login_not_console()
-{
- if (cannot_audit(0)) {
- return (0);
- }
- audit_login_record(2, dgettext(bsm_dom, "not_console"),
- AUE_login);
- return (0);
-}
-
-int
-audit_login_bad_pw()
-{
- if (cannot_audit(0)) {
- return (0);
- }
- if (sav_uid == -1) {
- audit_login_record(3, dgettext(bsm_dom,
- "invalid user name"), AUE_login);
- } else {
- audit_login_record(4, dgettext(bsm_dom,
- "invalid password"), AUE_login);
- }
- return (0);
-}
-
-int
-audit_login_bad_dialup()
-{
- if (cannot_audit(0)) {
- return (0);
- }
- audit_login_record(5, dgettext(bsm_dom,
- "invalid dialup password"), AUE_login);
- return (0);
-}
-
-int
-audit_login_success()
-{
- if (cannot_audit(0)) {
- return (0);
- }
- audit_login_session_setup();
- audit_login_record(0, dgettext(bsm_dom,
- "successful login"), AUE_login);
- audit_login_logout();
- return (0);
-}
-
-static void
-audit_login_record(typ, string, event_no)
-int typ;
-char *string;
-au_event_t event_no;
-{
- int ad, rc;
- uid_t uid;
- gid_t gid;
- pid_t pid;
- au_tid_addr_t tid;
-
- uid = sav_uid;
- gid = sav_gid;
- pid = getpid();
-
- get_terminal_id(&tid);
-
- if (typ == 0) {
- rc = 0;
- } else {
- rc = -1;
- }
-
- if (event_no == AUE_login) {
- if (sav_hflag) {
- event_no = AUE_telnet;
- }
- if (sav_rflag) {
- event_no = AUE_rlogin;
- }
- }
-
- if (!selected(sav_name, uid, event_no, rc))
- return;
-
- ad = au_open();
-
- (void) au_write(ad, au_to_subject_ex(uid, uid,
- gid, uid, gid, pid, pid, &tid));
- (void) au_write(ad, au_to_text(string));
-#ifdef _LP64
- (void) au_write(ad, au_to_return64(typ, (int64_t)rc));
-#else
- (void) au_write(ad, au_to_return32(typ, (int32_t)rc));
-#endif
-
- rc = au_close(ad, AU_TO_WRITE, event_no);
- if (rc < 0) {
- perror("audit");
- }
-}
-
-static void
-audit_login_session_setup()
-{
- int rc;
- struct auditinfo_addr info;
- au_mask_t mask;
- struct auditinfo_addr now;
-
- info.ai_auid = sav_uid;
- info.ai_asid = getpid();
- mask.am_success = 0;
- mask.am_failure = 0;
-
- (void) au_user_mask(sav_name, &mask);
-
- info.ai_mask.am_success = mask.am_success;
- info.ai_mask.am_failure = mask.am_failure;
-
- /* see if terminal id already set */
- if (getaudit_addr(&now, sizeof (now)) < 0) {
- perror("getaudit");
- }
- /*
- * Don't allow even a privileged process to change terminal
- * info once it has been set
- */
- if (now.ai_termid.at_port ||
- now.ai_termid.at_addr[0] ||
- now.ai_termid.at_addr[1] ||
- now.ai_termid.at_addr[2] ||
- now.ai_termid.at_addr[3]) {
- info.ai_termid = now.ai_termid;
- /* update terminal ID with real values */
- sav_port = now.ai_termid.at_port;
- sav_iptype = now.ai_termid.at_type;
- sav_machine[0] = now.ai_termid.at_addr[0];
- sav_machine[1] = now.ai_termid.at_addr[1];
- sav_machine[2] = now.ai_termid.at_addr[2];
- sav_machine[3] = now.ai_termid.at_addr[3];
- } else
- get_terminal_id(&(info.ai_termid));
-
- rc = setaudit_addr(&info, sizeof (info));
- if (rc < 0) {
- perror("setaudit");
- }
-}
-
-
-static void
-get_terminal_id(tid)
-au_tid_addr_t *tid;
-{
- tid->at_port = sav_port;
- tid->at_type = sav_iptype;
- tid->at_addr[0] = sav_machine[0];
- tid->at_addr[1] = sav_machine[1];
- tid->at_addr[2] = sav_machine[2];
- tid->at_addr[3] = sav_machine[3];
-}
-
-static void
-audit_login_logout()
-{
- int ret; /* return value of wait() */
- int status; /* wait status */
- pid_t pid; /* process id */
-
- if ((pid = fork()) == 0) {
- return;
- } else if (pid == -1) {
- (void) fputs(dgettext(bsm_dom,
- "login: could not fork\n"), stderr);
- exit(1);
- } else {
- char textbuf[BSM_TEXTBUFSZ];
-
- /*
- * When this routine is called, the current working
- * directory is the user's home directory. Change it
- * to root for the waiting process so that the user's
- * home directory can be unmounted if necessary.
- */
- if (chdir("/") != 0) {
- (void) fputs(dgettext(bsm_dom,
- "login: could not chdir\n"), stderr);
- /* since we let the child finish we just bail */
- exit(0);
- }
-
- (void) sigset(SIGCHLD, SIG_DFL);
- while ((ret = (int)wait(&status)) != pid && ret != -1);
- /* keep waiting */
- (void) snprintf(textbuf, sizeof (textbuf),
- dgettext(bsm_dom, "logout %s"), sav_name);
- audit_login_record(0, textbuf, AUE_logout);
- exit(0);
- }
-}
-
-static int
-get_machine(uint32_t *buf, uint32_t *iptype)
-{
- int rc;
- char hostname[256];
- int stat;
-
- if (sav_rflag || sav_hflag) {
- stat = aug_get_machine(sav_host, buf, iptype);
- } else {
- rc = sysinfo(SI_HOSTNAME, hostname, 256);
- if (rc < 0) {
- perror("sysinfo");
- return (0);
- }
- stat = aug_get_machine(hostname, buf, iptype);
- }
- return (stat);
-}
-
-
-static int
-selected(nam, uid, event, sf)
-char *nam;
-uid_t uid;
-au_event_t event;
-int sf;
-{
- int rc, sorf;
- char naflags[512];
- struct au_mask mask;
-
- mask.am_success = mask.am_failure = 0;
- if (uid < 0) {
- rc = getacna(naflags, 256); /* get non-attrib flags */
- if (rc == 0)
- (void) getauditflagsbin(naflags, &mask);
- } else {
- rc = au_user_mask(nam, &mask);
- }
-
- if (sf == 0) {
- sorf = AU_PRS_SUCCESS;
- } else {
- sorf = AU_PRS_FAILURE;
- }
- rc = au_preselect(event, &mask, sorf, AU_PRS_REREAD);
-
- return (rc);
-}
diff --git a/usr/src/lib/libbsm/common/audit_mgrs.c b/usr/src/lib/libbsm/common/audit_mgrs.c
deleted file mode 100644
index 768c71b204..0000000000
--- a/usr/src/lib/libbsm/common/audit_mgrs.c
+++ /dev/null
@@ -1,603 +0,0 @@
-/*
- * CDDL HEADER START
- *
- * The contents of this file are subject to the terms of the
- * Common Development and Distribution License, Version 1.0 only
- * (the "License"). You may not use this file except in compliance
- * with the License.
- *
- * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
- * or http://www.opensolaris.org/os/licensing.
- * See the License for the specific language governing permissions
- * and limitations under the License.
- *
- * When distributing Covered Code, include this CDDL HEADER in each
- * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
- * If applicable, add the following below this CDDL HEADER, with the
- * fields enclosed by brackets "[]" replaced with your own identifying
- * information: Portions Copyright [yyyy] [name of copyright owner]
- *
- * CDDL HEADER END
- */
-/*
- * Copyright 2003 Sun Microsystems, Inc. All rights reserved.
- * Use is subject to license terms.
- */
-#pragma ident "%Z%%M% %I% %E% SMI"
-
-#include <sys/types.h>
-#include <string.h>
-#include <stdlib.h>
-#include <bsm/audit.h>
-#include <bsm/audit_record.h>
-#include <bsm/audit_uevents.h>
-#include <bsm/libbsm.h>
-#include "generic.h"
-#include <netinet/in.h>
-#include <netdb.h>
-#include <pwd.h>
-#include <unistd.h>
-#include <libintl.h>
-#include <locale.h>
-#include <syslog.h>
-
-#ifdef C2_DEBUG
-#define dprintf(x) { printf x; }
-#else
-#define dprintf(x)
-#endif
-
-/* constant for user account enable/disable state change */
-
-#define AC_STATE_UNCHANGED -99
-
-/* Constants used for password type interpretation in BSM auditing */
-
-#define PWD_NONE_CODE 0
-#define PWD_CLEARED_CODE 1
-#define PWD_LOCKED_CODE 2
-#define PWD_NORMAL_CODE 3
-#define PWD_UNCHANGED_CODE 4
-
-#define PWD_NONE_TEXT "No password active"
-#define PWD_CLEARED_TEXT "Cleared until first login"
-#define PWD_LOCKED_TEXT "Account is locked"
-#define PWD_NORMAL_TEXT "Normal password active"
-
-static int save_afunc();
-
-static char *saved_uid_p;
-static char *saved_username_p;
-static char *saved_gid_p;
-static char *saved_groups_p;
-static char *saved_shell_p;
-static char *saved_min_p;
-static char *saved_max_p;
-static char *saved_inactive_p;
-static char *saved_expire_p;
-static char *saved_warn_p;
-static char *saved_home_path_p;
-static char *saved_home_server_p;
-static char *saved_home_mode_p;
-static int saved_passwd_type_code;
-
-#define String_max 511
-static char adm_name[String_max + 1];
-static uid_t adm_uid;
-static uid_t adm_euid;
-static char adm_host[String_max + 1];
-static uint32_t adm_session_id;
-
-static int taudit_user_dde_event_setup(au_event_t, char *);
-static int audit_user_generic(int);
-static int audit_users_modified_by_group_generic(char *, char *, int);
-static void admin_auth_init(char *, char *);
-static void admin_record(int, char *, au_event_t);
-static int admin_selected(int, au_event_t);
-
-/*
- * Save user information to audit log as text tokens
- */
-
-static int
-save_afunc(int ad)
-{
- char *local_passwd_type_string;
-
- /* Work out the password type display string */
-
- switch (saved_passwd_type_code) {
- case PWD_CLEARED_CODE:
- local_passwd_type_string = PWD_CLEARED_TEXT;
- break;
- case PWD_LOCKED_CODE:
- local_passwd_type_string = PWD_LOCKED_TEXT;
- break;
- case PWD_NORMAL_CODE:
- local_passwd_type_string = PWD_NORMAL_TEXT;
- break;
- case PWD_NONE_CODE:
- local_passwd_type_string = PWD_NONE_TEXT;
- break;
- case PWD_UNCHANGED_CODE:
- local_passwd_type_string = NULL;
- break;
- default:
- /* Never reached, but if it is report as if none */
- /* to flag a potential hole in security */
- local_passwd_type_string = PWD_NONE_TEXT;
- break;
- }
-
- if (saved_uid_p != NULL) {
- (void) au_write(ad, au_to_text(saved_uid_p));
- }
- if (saved_username_p != NULL) {
- (void) au_write(ad, au_to_text(saved_username_p));
- }
- if (saved_gid_p != NULL) {
- (void) au_write(ad, au_to_text(saved_gid_p));
- }
- if (saved_groups_p != NULL) {
- (void) au_write(ad, au_to_text(saved_groups_p));
- }
- if (saved_shell_p != NULL) {
- (void) au_write(ad, au_to_text(saved_shell_p));
- }
- if (local_passwd_type_string != NULL) {
- (void) au_write(ad, au_to_text(local_passwd_type_string));
- }
- if (saved_min_p != NULL) {
- (void) au_write(ad, au_to_text(saved_min_p));
- }
- if (saved_max_p != NULL) {
- (void) au_write(ad, au_to_text(saved_max_p));
- }
- if (saved_inactive_p != NULL) {
- (void) au_write(ad, au_to_text(saved_inactive_p));
- }
- if (saved_expire_p != NULL) {
- (void) au_write(ad, au_to_text(saved_expire_p));
- }
- if (saved_warn_p != NULL) {
- (void) au_write(ad, au_to_text(saved_warn_p));
- }
- if (saved_home_path_p != NULL) {
- (void) au_write(ad, au_to_text(saved_home_path_p));
- }
- if (saved_home_server_p != NULL) {
- (void) au_write(ad, au_to_text(saved_home_server_p));
- }
- if (saved_home_mode_p != NULL) {
- (void) au_write(ad, au_to_text(saved_home_mode_p));
- }
-
- return (0);
-}
-
-/*
- * Set up data for audit of user Delete/Disable or Enable Event
- */
-
-int
-audit_user_dde_event_setup(char *uid_p)
-{
- return (taudit_user_dde_event_setup(AUE_delete_user, uid_p));
-}
-
-static int
-taudit_user_dde_event_setup(au_event_t id, char *uid_p)
-{
- dprintf(("taudit_user_dde_event_setup()\n"));
-
- if (cannot_audit(0)) {
- return (0);
- }
-
- (void) aug_init();
-
- aug_save_event(id);
- aug_save_text(uid_p);
-
- (void) aug_save_me();
-
- return (0);
-}
-
-/*
- * Audit successful or failed user create
- */
-
-int
-audit_user_create_event(char *uid_p,
- char *username_p,
- char *gid_p,
- char *groups_p,
- char *shell_p,
- char *min_p,
- char *max_p,
- char *inactive_p,
- char *expire_p,
- char *warn_p,
- char *home_path_p,
- char *home_server_p,
- char *home_mode_p,
- int passwd_type_code,
- int ac_disabled,
- int status)
-
-{
- dprintf(("audit_user_create_event()\n"));
-
- if (cannot_audit(0)) {
- return (0);
- }
-
- saved_uid_p = uid_p;
- saved_username_p = username_p;
- saved_gid_p = gid_p;
- saved_groups_p = groups_p;
- saved_shell_p = shell_p;
- saved_min_p = min_p;
- saved_max_p = max_p;
- saved_inactive_p = inactive_p;
- saved_expire_p = expire_p;
- saved_warn_p = warn_p;
- saved_home_path_p = home_path_p;
- saved_home_server_p = home_server_p;
- saved_home_mode_p = home_mode_p;
- saved_passwd_type_code = passwd_type_code;
-
- (void) aug_init();
-
- aug_save_event(AUE_create_user);
-
- (void) aug_save_me();
-
- aug_save_afunc(save_afunc);
-
- if (status != 0) {
- (void) audit_user_generic(-1);
- } else {
- (void) audit_user_generic(0);
- }
-
- if (ac_disabled != AC_STATE_UNCHANGED) {
- if (ac_disabled) {
- (void) taudit_user_dde_event_setup(AUE_disable_user,
- saved_uid_p);
- } else {
- (void) taudit_user_dde_event_setup(AUE_enable_user,
- saved_uid_p);
- }
-
- if (status != 0) {
- (void) audit_user_generic(-1);
- } else {
- (void) audit_user_generic(0);
- }
- }
-
- return (0);
-}
-
-/*
- * Audit user modification
- */
-
-int
-audit_user_modify_event(char *uid_p,
- char *username_p,
- char *gid_p,
- char *groups_p,
- char *shell_p,
- char *min_p,
- char *max_p,
- char *inactive_p,
- char *expire_p,
- char *warn_p,
- char *home_path_p,
- char *home_server_p,
- int passwd_type_code,
- int ac_disabled,
- int status)
-
-{
- dprintf(("audit_user_modify_event()\n"));
-
- if (cannot_audit(0)) {
- return (0);
- }
-
- saved_uid_p = uid_p;
- saved_username_p = username_p;
- saved_gid_p = gid_p;
- saved_groups_p = groups_p;
- saved_shell_p = shell_p;
- saved_min_p = min_p;
- saved_max_p = max_p;
- saved_inactive_p = inactive_p;
- saved_expire_p = expire_p;
- saved_warn_p = warn_p;
- saved_home_path_p = home_path_p;
- saved_home_server_p = home_server_p;
- saved_home_mode_p = NULL;
- saved_passwd_type_code = passwd_type_code;
-
- (void) aug_init();
-
- aug_save_event(AUE_modify_user);
-
- (void) aug_save_me();
-
- aug_save_afunc(save_afunc);
-
- if (status != 0) {
- (void) audit_user_generic(-1);
- } else {
- (void) audit_user_generic(0);
- }
-
- if (ac_disabled != AC_STATE_UNCHANGED) {
- if (ac_disabled) {
- (void) taudit_user_dde_event_setup(AUE_disable_user,
- saved_uid_p);
- } else {
- (void) taudit_user_dde_event_setup(AUE_enable_user,
- saved_uid_p);
- }
-
- if (status != 0) {
- (void) audit_user_generic(-1);
- } else {
- (void) audit_user_generic(0);
- }
- }
-
- return (0);
-}
-
-int
-audit_delete_user_fail()
-{
- return (audit_user_generic(-1));
-}
-
-int
-audit_delete_user_success()
-{
- return (audit_user_generic(0));
-}
-
-static int
-audit_user_generic(int sorf)
-{
- dprintf(("audit_user_generic(%d)\n", sorf));
-
- if (cannot_audit(0)) {
- return (0);
- }
-
- aug_save_sorf(sorf);
- (void) aug_audit();
-
- return (0);
-}
-
-int
-audit_users_modified_by_group_success(char *unique_members, char *ID)
-{
- return (audit_users_modified_by_group_generic(unique_members, ID, 0));
-}
-
-int
-audit_users_modified_by_group_fail(char *members, char *ID)
-{
- return (audit_users_modified_by_group_generic(members, ID, -1));
-}
-
-static int
-audit_users_modified_by_group_generic(char *member_list, char *ID, int sorf)
-{
- char *member_start;
- char *member_finish;
- int member_len;
- char *member;
-
- member_start = member_list;
- member_finish = member_list;
-
- while (member_finish != NULL) {
- member_finish = strchr(member_start, ',');
- if (member_finish == NULL) {
- (void) audit_user_modify_event(NULL,
- member_start,
- ID,
- NULL,
- NULL,
- NULL,
- NULL,
- NULL,
- NULL,
- NULL,
- NULL,
- NULL,
- PWD_UNCHANGED_CODE,
- AC_STATE_UNCHANGED,
- sorf);
- }
- else
- {
- member_len = member_finish - member_start;
- member = (char *)malloc(member_len + 1);
-
- if (member != NULL) {
- (void) strncpy(member, member_start,
- member_len);
- member[member_len] = '\0';
-
- (void) audit_user_modify_event(NULL,
- member,
- ID,
- NULL,
- NULL,
- NULL,
- NULL,
- NULL,
- NULL,
- NULL,
- NULL,
- NULL,
- PWD_UNCHANGED_CODE,
- AC_STATE_UNCHANGED,
- sorf);
-
- free(member);
- }
-
- member_start = member_finish + 1;
- }
-
- }
- return (0);
-}
-
-/*
- * Record result of administrator authentication
- */
-
-int
-audit_admin_auth_fail(char *user_name, char *host, int fail_status)
-{
- if (cannot_audit(0)) {
- return (0);
- }
- adm_session_id = 0;
-
- admin_auth_init(user_name, host);
-
- if (fail_status == -1) {
- admin_record(1, dgettext(bsm_dom, "invalid user name"),
- AUE_admin_authenticate);
- } else {
- admin_record(2, dgettext(bsm_dom, "invalid password"),
- AUE_admin_authenticate);
- }
- return (0);
-}
-
-int
-audit_admin_auth_success(char *user_name, char *host, uint32_t session_id)
-{
- if (cannot_audit(0)) {
- return (0);
- }
- admin_auth_init(user_name, host);
-
- adm_session_id = session_id;
-
- admin_record(0, dgettext(bsm_dom, "successful authentication"),
- AUE_admin_authenticate);
- return (0);
-}
-
-static
-void
-admin_auth_init(char *user_name, char *host)
-{
- struct passwd *pwd;
-
- adm_uid = getuid();
-
- (void) strncpy(adm_name, user_name, sizeof (adm_name) - 1);
-
- pwd = getpwnam(user_name);
- if (pwd == NULL) {
- adm_name[0] = '\0';
- adm_euid = -1;
- } else {
- adm_name[String_max] = '\0';
- adm_euid = pwd->pw_uid;
- }
-
- (void) strncpy(adm_host, host, sizeof (adm_host) - 1);
- adm_host[String_max] = '\0';
-}
-
-static void
-admin_record(int type, char *string, au_event_t event)
-{
- int ad, rc;
- pid_t pid;
- au_tid_addr_t tid;
-
- rc = (type == 0) ? 0 : -1;
- if (!admin_selected(rc, event))
- return;
-
- pid = getpid();
-
- (void) aug_get_machine(adm_host, &(tid.at_addr[0]), &(tid.at_type));
- tid.at_port = 0; /* not known */
-
- ad = au_open();
-
- /*
- * to be consistent with admin_login, use uid, not gid...
- */
- (void) au_write(ad, au_to_subject_ex(adm_euid, adm_uid,
- adm_uid, adm_uid, adm_uid,
- pid, adm_session_id, &tid));
- (void) au_write(ad, au_to_text(string));
-
- /*
- * rc and type are reversed from how login works, but
- * the output from praudit is correct for this code
- * and wrong for login.
- */
-#ifdef _LP64
- (void) au_write(ad, au_to_return64((int64_t)rc, type));
-#else
- (void) au_write(ad, au_to_return32((int32_t)rc, type));
-#endif
-
- rc = au_close(ad, AU_TO_WRITE, event);
- if (rc < 0) {
- openlog("BSM-adminsuite", LOG_PID | LOG_CONS, LOG_AUTH);
- (void) setlogmask(LOG_UPTO(LOG_ALERT));
- syslog(LOG_ALERT, "au_close call failed: %m");
- closelog();
- }
-}
-
-static
-int
-admin_selected(int sf, au_event_t event)
-{
- int rc, sorf;
- char naflags[String_max + 1];
- struct au_mask mask;
-
- mask.am_success = mask.am_failure = 0;
- if (adm_euid < 0) { /* get non-attrib flags */
- rc = getacna(naflags, sizeof (naflags) - 1);
- if (rc) {
- return (rc); /* don't audit if error */
- }
- rc = getauditflagsbin(naflags, &mask);
- } else {
- rc = au_user_mask(adm_name, &mask);
- }
- if (rc != 0) {
- return (0); /* audit if error */
- }
-
- if (sf == 0) {
- sorf = AU_PRS_SUCCESS;
- } else {
- sorf = AU_PRS_FAILURE;
- }
- rc = au_preselect(event, &mask, sorf, AU_PRS_REREAD);
-
- return (rc);
-}
diff --git a/usr/src/lib/libbsm/common/audit_private.h b/usr/src/lib/libbsm/common/audit_private.h
index fb448871c8..07e7728c5f 100644
--- a/usr/src/lib/libbsm/common/audit_private.h
+++ b/usr/src/lib/libbsm/common/audit_private.h
@@ -2,9 +2,8 @@
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
- * Common Development and Distribution License, Version 1.0 only
- * (the "License"). You may not use this file except in compliance
- * with the License.
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
@@ -20,7 +19,7 @@
* CDDL HEADER END
*/
/*
- * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
+ * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*
* Do not add to this file unless it is to cover an existing private
@@ -179,23 +178,6 @@ extern int audit_reboot_success(void);
extern int audit_reboot_fail(void);
/*
- * audit_login.c
- * login
- */
-extern int audit_login_save_flags(int, int);
-extern int audit_login_save_host(char *);
-extern int audit_login_save_ttyn(char *);
-extern int audit_login_save_port(void);
-extern int audit_login_save_machine(void);
-extern int audit_login_success(void);
-extern int audit_login_save_pw(struct passwd *);
-extern int audit_login_bad_pw(void);
-extern int audit_login_maxtrys(void);
-extern int audit_login_not_console(void);
-extern int audit_login_bad_dialup(void);
-extern int audit_login_maxtrys(void);
-
-/*
* audit_newgrp.c
* newgrp
*/
diff --git a/usr/src/lib/libbsm/spec/private.spec b/usr/src/lib/libbsm/spec/private.spec
index cdafa7c582..1435ae29e9 100644
--- a/usr/src/lib/libbsm/spec/private.spec
+++ b/usr/src/lib/libbsm/spec/private.spec
@@ -1,13 +1,12 @@
#
-# Copyright 2005 Sun Microsystems, Inc. All rights reserved.
+# Copyright 2006 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
-# Common Development and Distribution License, Version 1.0 only
-# (the "License"). You may not use this file except in compliance
-# with the License.
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
@@ -369,72 +368,6 @@ declaration int audit_settid(int fd)
version SUNWprivate_1.1
end
-function audit_login_bad_dialup
-include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bsm/devices.h>, <pwd.h>
-declaration int audit_login_bad_dialup(void)
-version SUNWprivate_1.1
-end
-
-function audit_login_bad_pw
-include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bsm/devices.h>, <pwd.h>
-declaration int audit_login_bad_pw(void)
-version SUNWprivate_1.1
-end
-
-function audit_login_maxtrys
-include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bsm/devices.h>, <pwd.h>
-declaration int audit_login_maxtrys(void)
-version SUNWprivate_1.1
-end
-
-function audit_login_not_console
-include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bsm/devices.h>, <pwd.h>
-declaration int audit_login_not_console(void)
-version SUNWprivate_1.1
-end
-
-function audit_login_save_flags
-include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bsm/devices.h>, <pwd.h>
-declaration int audit_login_save_flags(int rflag, int hflag)
-version SUNWprivate_1.1
-end
-
-function audit_login_save_host
-include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bsm/devices.h>, <pwd.h>
-declaration int audit_login_save_host(char *host)
-version SUNWprivate_1.1
-end
-
-function audit_login_save_machine
-include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bsm/devices.h>, <pwd.h>
-declaration int audit_login_save_machine(void)
-version SUNWprivate_1.1
-end
-
-function audit_login_save_port
-include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bsm/devices.h>, <pwd.h>
-declaration int audit_login_save_port(void)
-version SUNWprivate_1.1
-end
-
-function audit_login_save_pw
-include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bsm/devices.h>, <pwd.h>
-declaration int audit_login_save_pw(struct passwd *pwd)
-version SUNWprivate_1.1
-end
-
-function audit_login_save_ttyn
-include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bsm/devices.h>, <pwd.h>
-declaration int audit_login_save_ttyn(char *ttyn)
-version SUNWprivate_1.1
-end
-
-function audit_login_success
-include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bsm/devices.h>, <pwd.h>
-declaration int audit_login_success(void)
-version SUNWprivate_1.1
-end
-
function audit_mountd_mount
include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bsm/devices.h>, <pwd.h>
declaration void audit_mountd_mount(char *clname, char *path, int success)
@@ -933,53 +866,6 @@ declaration int audit_crontab_process_not_audited()
version SUNWprivate_1.1
end
-function audit_delete_user_fail
-include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bsm/devices.h>, <pwd.h>
-version SUNWprivate_1.1
-end
-
-function audit_delete_user_success
-include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bsm/devices.h>, <pwd.h>
-version SUNWprivate_1.1
-end
-
-function audit_user_create_event
-include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bsm/devices.h>, <pwd.h>
-version SUNWprivate_1.1
-end
-
-function audit_user_dde_event_setup
-include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bsm/devices.h>, <pwd.h>
-version SUNWprivate_1.1
-end
-
-function audit_user_modify_event
-include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bsm/devices.h>, <pwd.h>
-version SUNWprivate_1.1
-end
-
-function audit_users_modified_by_group_fail
-include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bsm/devices.h>, <pwd.h>
-version SUNWprivate_1.1
-end
-
-function audit_users_modified_by_group_success
-include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bsm/devices.h>, <pwd.h>
-version SUNWprivate_1.1
-end
-
-function audit_admin_auth_fail
-include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bsm/devices.h>, <pwd.h>
-declaration int audit_admin_auth_fail(char *user_name, char *host, int status)
-version SUNWprivate_1.1
-end
-
-function audit_admin_auth_success
-include <sys/types.h>, <bsm/audit.h>, <bsm/libbsm.h>, <bsm/audit_record.h>, <bsm/devices.h>, <pwd.h>
-declaration int audit_admin_auth_success(char *user_name, char *host, uint32_t session_ID)
-version SUNWprivate_1.1
-end
-
function audit_newgrp_login
include <sys/types.h>, <bsm/audit.h>, <bsm/audit_uevents.h>, <stdio.h>, <bsm/libbsm.h>
declaration void audit_newgrp_login(char *, int)