Bash script to run post installation of CentOS or RedHat.

#/bin/bash
# post installation script
#
#
#set -x
echo ". Post installation script"
#
# /etc/hosts
#
echo ". /etc/hosts"
#
# nozeroconf
#
echo ". removendo suporte a zeroconf"
echo 'NOZEROCONF=yes' >>/etc/sysconfig/network
#
# Desativando servicos que nao sao utilizados
#
echo ". chkconfig"
chkconfig --level 35 acpid off
chkconfig --level 35 anacron off
chkconfig --level 35 atd off
chkconfig --level 35 auditd off
chkconfig --level 35 autofs off
chkconfig --level 35 avahi-daemon off
chkconfig --level 35 bluetooth off
chkconfig --level 35 cpuspeed off
chkconfig --level 35 cups off
chkconfig --level 35 gpm off
chkconfig --level 35 haldaemon off
chkconfig --level 35 hidd off
chkconfig --level 35 hplip off
chkconfig --level 35 ip6tables off
chkconfig --level 35 iptables off
chkconfig --level 35 isdn off
chkconfig --level 35 lm_sensors off
chkconfig --level 35 lvm2-monitor off
chkconfig --level 35 mcstrans off
chkconfig --level 35 mdmonitor off
chkconfig --level 35 messagebus off
chkconfig --level 35 pcscd off
chkconfig --level 35 readahead_early off
chkconfig --level 35 rhnsd off
chkconfig --level 35 rpcgssd off
chkconfig --level 35 rpcidmapd off
chkconfig --level 35 sendmail off
chkconfig --level 35 smartd off
chkconfig --level 35 sysstat off
chkconfig --level 35 yum-updatesd off
#
# inittab
#
echo ". /etc/inittab"
cp /etc/inittab /etc/inittab.orig
cat >/etc/inittab <
#               Modified for RHS Linux by Marc Ewing and Donnie Barnes
#
# Default runlevel. The runlevels used by RHS are:
#   0 - halt (Do NOT set initdefault to this)
#   1 - Single user mode
#   2 - Multiuser, without NFS (The same as 3, if you do not have networking)
#   3 - Full multiuser mode
#   4 - unused
#   5 - X11
#   6 - reboot (Do NOT set initdefault to this)
#
id:3:initdefault:
# System initialization.
si::sysinit:/etc/rc.d/rc.sysinit
l0:0:wait:/etc/rc.d/rc 0
l1:1:wait:/etc/rc.d/rc 1
l2:2:wait:/etc/rc.d/rc 2
l3:3:wait:/etc/rc.d/rc 3
l4:4:wait:/etc/rc.d/rc 4
l5:5:wait:/etc/rc.d/rc 5
l6:6:wait:/etc/rc.d/rc 6
# Trap CTRL-ALT-DELETE
#ca::ctrlaltdel:/sbin/shutdown -t3 -r now
# When our UPS tells us power has failed, assume we have a few minutes
# of power left.  Schedule a shutdown for 2 minutes from now.
# This does, of course, assume you have powerd installed and your
# UPS connected and working correctly.
pf::powerfail:/sbin/shutdown -f -h +2 "Power Failure; System Shutting Down"
# If power was restored before the shutdown kicked in, cancel it.
pr:12345:powerokwait:/sbin/shutdown -c "Power Restored; Shutdown Cancelled"
# Run gettys in standard runlevels
1:2345:respawn:/sbin/mingetty --noclear tty1
2:2345:respawn:/sbin/mingetty --noclear tty2
# Run xdm in runlevel 5
x:5:respawn:/etc/X11/prefdm -nodaemon
EOF
init q
#
# Kernel parameters
#
cp /etc/sysctl.conf /etc/sysctl.conf.orig
cat >/etc/sysctl.conf </etc/cron.allow ; echo >/etc/cron.deny ;chmod 600 /etc/cron.allow /etc/cron.deny
#
# ssh
#
echo ". sshd"
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.orig
cat >/etc/ssh/sshd_config </etc/host.conf
order hosts,bind
nospoof on
spoofalert on
EOF
chmod 644 /etc/host.conf
#
# restricao no su
#
echo ". chgrp no su"
ls -l /bin/su ; chgrp suporte /bin/su ; chmod 4550 /bin/su ; ls -l /bin/su
#
# restringindo acesso a alguns utilitarios do SO
#
#echo ". restricoes gerais"
#for c in /sbin/halt /sbin/shutdown /usr/bin/nc /usr/sbin/tcpdump /usr/bin/gcc
#do chmod 500 $c 2>/dev/null ; ls -l $c ; done
#
# ajustes no /etc/profile
#
echo ". /etc/profile"
echo "umask 0077" >>/etc/profile
echo "#TMOUT=300 ; export TMOUT ; readonly TMOUT" >>/etc/profile
Tags: , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *