Bash script to run post installation of CentOS or RedHat.
#/bin/bash # post installation script # # #set -x echo ". Post installation script" # # /etc/hosts # echo ". /etc/hosts" # # nozeroconf # echo ". removendo suporte a zeroconf" echo 'NOZEROCONF=yes' >>/etc/sysconfig/network # # Desativando servicos que nao sao utilizados # echo ". chkconfig" chkconfig --level 35 acpid off chkconfig --level 35 anacron off chkconfig --level 35 atd off chkconfig --level 35 auditd off chkconfig --level 35 autofs off chkconfig --level 35 avahi-daemon off chkconfig --level 35 bluetooth off chkconfig --level 35 cpuspeed off chkconfig --level 35 cups off chkconfig --level 35 gpm off chkconfig --level 35 haldaemon off chkconfig --level 35 hidd off chkconfig --level 35 hplip off chkconfig --level 35 ip6tables off chkconfig --level 35 iptables off chkconfig --level 35 isdn off chkconfig --level 35 lm_sensors off chkconfig --level 35 lvm2-monitor off chkconfig --level 35 mcstrans off chkconfig --level 35 mdmonitor off chkconfig --level 35 messagebus off chkconfig --level 35 pcscd off chkconfig --level 35 readahead_early off chkconfig --level 35 rhnsd off chkconfig --level 35 rpcgssd off chkconfig --level 35 rpcidmapd off chkconfig --level 35 sendmail off chkconfig --level 35 smartd off chkconfig --level 35 sysstat off chkconfig --level 35 yum-updatesd off # # inittab # echo ". /etc/inittab" cp /etc/inittab /etc/inittab.orig cat >/etc/inittab < # Modified for RHS Linux by Marc Ewing and Donnie Barnes # # Default runlevel. The runlevels used by RHS are: # 0 - halt (Do NOT set initdefault to this) # 1 - Single user mode # 2 - Multiuser, without NFS (The same as 3, if you do not have networking) # 3 - Full multiuser mode # 4 - unused # 5 - X11 # 6 - reboot (Do NOT set initdefault to this) # id:3:initdefault: # System initialization. si::sysinit:/etc/rc.d/rc.sysinit l0:0:wait:/etc/rc.d/rc 0 l1:1:wait:/etc/rc.d/rc 1 l2:2:wait:/etc/rc.d/rc 2 l3:3:wait:/etc/rc.d/rc 3 l4:4:wait:/etc/rc.d/rc 4 l5:5:wait:/etc/rc.d/rc 5 l6:6:wait:/etc/rc.d/rc 6 # Trap CTRL-ALT-DELETE #ca::ctrlaltdel:/sbin/shutdown -t3 -r now # When our UPS tells us power has failed, assume we have a few minutes # of power left. Schedule a shutdown for 2 minutes from now. # This does, of course, assume you have powerd installed and your # UPS connected and working correctly. pf::powerfail:/sbin/shutdown -f -h +2 "Power Failure; System Shutting Down" # If power was restored before the shutdown kicked in, cancel it. pr:12345:powerokwait:/sbin/shutdown -c "Power Restored; Shutdown Cancelled" # Run gettys in standard runlevels 1:2345:respawn:/sbin/mingetty --noclear tty1 2:2345:respawn:/sbin/mingetty --noclear tty2 # Run xdm in runlevel 5 x:5:respawn:/etc/X11/prefdm -nodaemon EOF init q # # Kernel parameters # cp /etc/sysctl.conf /etc/sysctl.conf.orig cat >/etc/sysctl.conf </etc/cron.allow ; echo >/etc/cron.deny ;chmod 600 /etc/cron.allow /etc/cron.deny # # ssh # echo ". sshd" cp /etc/ssh/sshd_config /etc/ssh/sshd_config.orig cat >/etc/ssh/sshd_config </etc/host.conf order hosts,bind nospoof on spoofalert on EOF chmod 644 /etc/host.conf # # restricao no su # echo ". chgrp no su" ls -l /bin/su ; chgrp suporte /bin/su ; chmod 4550 /bin/su ; ls -l /bin/su # # restringindo acesso a alguns utilitarios do SO # #echo ". restricoes gerais" #for c in /sbin/halt /sbin/shutdown /usr/bin/nc /usr/sbin/tcpdump /usr/bin/gcc #do chmod 500 $c 2>/dev/null ; ls -l $c ; done # # ajustes no /etc/profile # echo ". /etc/profile" echo "umask 0077" >>/etc/profile echo "#TMOUT=300 ; export TMOUT ; readonly TMOUT" >>/etc/profile