#!/usr/bin/perl
#
####################################################################### 
# Assumptions: 
#	-All filenames are "normal" and do not contain spaces.
#	-There are at least 15 files in /var/log so I can use that as 
#        a threshhold for find.
#	-It is better to print more than the 10 required files if the 
#	 last group of files has the same timestamp.
#	-I am NOT running updatedb to get recent files since that 
#	 makes a change to the filesystem, and I do not know if that 
#	 is allowed, and whether or not it is up to date anyways.
#	-I am assuming that there ARE files in /var/log and in /etc/
#	-I am assuming that files are named "Normally".  All files 
#	 have standard alphanumeric characters and no spaces in the 
#	 filenames.
#	-I am assuming fileutils and perl are installed.
#	-Files with a modification date in the future are in error
#	 and are purposely ignored.
#
# Problems with the requirements:
#	-Requirements were for "Most recently created" which is not 
#	 stored on a standard linux box.  I am substituting most 
#	 recently modified.
#	-Nothing about journaling being enabled or not.
#	-Did not state whether or not the "Locate" database was up to 
#	 date, and whether or not that could be updated as part of 
#	 find recently created files.
#	-Did not state size of file system, approximate number of 
#	 files.
#	-Did not state the machine's recent power-on history
#	-Did not state what the machine was used for (workstation,
#	 webserver, database server, mail server, etc.
#	-Did not state the amount of RAM.

$time = time;

open (LS, "/bin/ls -t /var/log|") || die "can not run /bin/ls\n";
$counter=1;
$path="/var/log";
while (<LS>){
	$counter ++;
	$file=$_;
	if ($counter >15) {last};
}
close (LS);
chop;

if ($counter<16){
	$path="/etc";
	open (LS, "/bin/ls -t /etc|") || die "can not run /bin/ls\n";
	$counter=1;
	while (<LS>){
		$counter ++;
		$file=$_;
		if ($counter >15) {last};
	}
	close (LS);
}
chop;
$threshold_file=$_;

($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$mtime,$ctime,$blksize,$blocks) = stat("$path/$threshold_file");
$threshold_mtime=$mtime;
$difference=$time-$threshold_mtime;
$days=int((193468/60/60/24))+1 ;

open (FIND, "find /boot / -mount -mtime -$days -type f |") || die "can not run find\n";
while (<FIND>){
	chop;
	($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$mtime,$ctime,$blksize,$blocks) = stat($_);
	if ($mtime < $threshold_mtime){next;}
	if ($mtime <= $time){
		$FileTimes{$mtime}.="$_ ";
	}
}
close (FIND);

$counter=0;
foreach (reverse sort keys %FileTimes ){
	$count=@array=split(/ /,$FileTimes{$_});
	$FileTimes{$_}=~ s/ /\n/g;
	print "$FileTimes{$_}";
	$counter+=$count;
	if ($counter >=10){last};
}