Initial commit

Signed-off-by: Qin Bo <bqin@linx-info.com>

install_shell/other.sh

@@ -0,0 +1,232 @@
+#!/bin/bash
+
+. ./check_function.sh
+USER_NAME=$1
+USER_HOME=$2
+USER_SHELL=$3
+
+#revise grub.conf
+chown sysadmin:users      /boot/grub
+chown sysadmin:sysadmin   /boot/grub/menu.lst
+chown sysadmin:users      /boot/grub/grub.conf.sample
+
+grep 'kernel_type'  /boot/grub/menu.lst &>/dev/null
+if [ $? != 0 ];then
+	sed -i '/vmlinuz-root-n/s/$/& kernel_type=noroot/g'  /boot/grub/menu.lst
+fi
+
+
+#add smartd link
+
+ln -sf /etc/rc.d/init.d/smartd   /etc/rc.d/rc5.d/S101smartd
+ln -sf /etc/rc.d/init.d/smartd   /etc/rc.d/rc3.d/S101smartd
+
+#revise order 
+grep 4.2.35  /etc/issue &> /dev/null
+if [ $? = 0 ];then 
+   rm  /etc/rc.d/rcsysinit.d/S005modules
+   rm  /etc/rc.d/rcsysinit.d/S010udev
+	ln -sf /etc/rc.d/init.d/modules   /etc/rc.d/rcsysinit.d/S010modules
+	ln -sf  /etc/rc.d/init.d/udev    /etc/rc.d/rcsysinit.d/S005udev
+fi
+
+#check linx sn
+grep lsm_linx /etc/sysconfig/modules &> /dev/null
+if [ $? != 0 ];then
+	echo "lsm_linx" >> /etc/sysconfig/modules
+fi
+
+
+#for proftp
+FTP_CONFIG=/etc/proftpd/proftpd.conf
+grep MaxClients  $FTP_CONFIG &> /dev/null
+if [ $? != 0 ];then
+	sed -i "/MaxInstances/a\#MaxClients 200"   $FTP_CONFIG
+fi
+
+grep TimesGMT  $FTP_CONFIG  &>/dev/null
+if [ $? != 0 ];then
+	sed -i "/MaxInstances/a\#TimesGMT   off"        $FTP_CONFIG
+fi
+
+grep UseReverseDNS  $FTP_CONFIG  &>/dev/null
+if [ $? != 0 ];then
+	sed -i "/MaxInstances/a\#UseReverseDNS   off"  $FTP_CONFIG
+fi
+
+grep IdentLookups  $FTP_CONFIG  &>/dev/null
+if [ $? != 0 ];then
+	sed -i "/MaxInstances/a\#IdentLookups   off"  $FTP_CONFIG
+fi
+#flag_4_2_40=`grep '4.2.40' /etc/issue|awk '{print $5}'`
+#if [ -z ${flag_4_2_40} ];then
+#	grep ^UseUTF8 ${FTP_CONFIG} &> /dev/null
+#	if [ $? -ne 0 ];then
+#		echo "UseUTF8    off">> ${FTP_CONFIG}
+#	fi
+
+#else
+#	grep ^useencoding ${FTP_CONFIG} &> /dev/null
+#	if [ $? -ne 0 ];then
+#		echo "useencoding gbk  gbk">> ${FTP_CONFIG}
+#	fi
+#fi
+
+grep ^useencoding ${FTP_CONFIG} &> /dev/null
+if [ $? -ne 0 ];then
+	echo "useencoding gbk  gbk">> ${FTP_CONFIG}
+fi
+
+grep ^DefaultRoot ${FTP_CONFIG} &> /dev/null
+if [ $? -ne 0 ];then
+	echo "DefaultRoot ~">> ${FTP_CONFIG}
+fi
+
+# revise /etc/rc.d/init.d/functions
+sed -i '/ENTER/s/^/# &/g'   /etc/rc.d/init.d/functions
+
+
+#checkfs
+
+FILE=/etc/rc.d/init.d/checkfs
+
+egrep 'options=' $FILE | tail -n 1 | grep '\-f'
+if [ $? -eq 0 ]; then
+	line=$(sed -n '/options=/ =' $FILE | tail -n 1)
+	sed -i "${line}s@-f@@" $FILE
+	echo "$FILE fix successful."
+#else
+#	echo "$FILE already fixed."
+#	exit 0
+fi
+
+#解决从无root内核启动后，日志轮转和与时间服务器校时的cron定时任务的用户为sysadmin
+#解决d5000等用户家目录下.xsession-errors文件删除的问题
+cp crontab /etc/
+sed -i "s#d5000#${USER_NAME}#g"  /etc/crontab
+chown sysadmin.sysadmin /etc/crontab
+chmod 644 /etc/crontab
+cp xrm.sh /usr/sbin
+cp linx-watch-top.sh /usr/sbin
+chown root.root /usr/sbin/xrm.sh
+chown root.root /usr/sbin/linx-watch-top.sh
+chmod 755 /usr/sbin/xrm.sh
+chmod 755 /usr/sbin/linx-watch-top.sh
+if [ -f /var/spool/cron/crontabs/root ];then
+	rm /var/spool/cron/crontabs/root
+fi
+#恢复被netkit-base包覆盖的/etc/inetd.conf文件
+cp inetd.conf /etc
+chown root.root /etc/inetd.conf
+chmod 644 /etc/inetd.conf
+
+chown audadmin.audadmin /var/log/kernel*
+chmod 644 /var/log/kernel*
+chown audadmin.audadmin /var/log/messages*
+chmod 644  /var/log/messages*
+chown audadmin.audadmin /var/log/auth*
+chmod 644 /var/log/auth*
+chown audadmin.audadmin /var/log/errors*
+chmod 644 /var/log/errors*
+chown audadmin.audadmin /var/log/old/*
+chmod -R 755 /var/log/old/
+chown -R audadmin.audadmin /etc/cron/daily/
+chown -R audadmin.audadmin /etc/cron/weekly/
+chown audadmin.audadmin /etc/logrotate.conf
+touch /var/lib/logrotate.status
+chown audadmin.audadmin /var/lib/logrotate.status
+chmod 755 /usr/sbin/runjobs
+
+#解决以普通用户运行date命令设置当前时间的问题
+setcap "cap_sys_time+ep" /bin/date
+
+#解决/var/log/errors中postfix/sendmail:fatal:chair /var/spool/postfix:Permission denied?报错问题
+#解决/var/log/messages中的/usr/sbin/cron[2856]: (sysadmin) MAIL (mailed 126 bytes of output but got status 0x004b )的报错问题
+mkfifo /var/spool/postfix/public/pickup
+chown postfix.postfix /var/spool/postfix/public/pickup
+setfacl -m u:sysadmin:rwx /var/spool/postfix
+setfacl -m u:sysadmin:rwx /var/spool/postfix/*
+setfacl -m u:sysadmin:rwx /usr/sbin/postdrop
+
+
+#解决定时抓取占用最大内存的进程名，并记录到/var/log/messages文件中
+cp  get_max_mem_process.sh  /usr/sbin/
+chown  audadmin.audadmin /usr/sbin/get_max_mem_process.sh
+chmod  755 /usr/sbin/get_max_mem_process.sh
+
+#获取系统的部分日志或全部日志及系统相关信息的脚本
+cp  get_parameter_log.sh  /usr/sbin/
+cp dmidecode /usr/sbin
+cp lshw /usr/sbin
+cp check_sec_local.sh /usr/sbin
+cp os.sh /usr/sbin
+cp pci.ids /usr/share
+chown  sysadmin.sysadmin /usr/sbin/get_parameter_log.sh
+chmod  755 /usr/sbin/get_parameter_log.sh
+chown  sysadmin.sysadmin /usr/sbin/dmidecode
+chmod  755 /usr/sbin/dmidecode
+chown  sysadmin.sysadmin /usr/sbin/lshw
+chmod  755 /usr/sbin/lshw
+chown  sysadmin.sysadmin /usr/sbin/check_sec_local.sh
+chmod  755 /usr/sbin/check_sec_local.sh
+chown  sysadmin.sysadmin /usr/sbin/os.sh
+chmod  755 /usr/sbin/os.sh
+cp LinxSetupSign /etc/security
+echo "setup time">>/etc/security/LinxSetupSign
+date>>/etc/security/LinxSetupSign
+#check root user's  HISTTIMEFORMAT
+grep HISTTIMEFORMAT /root/.bashrc &> /dev/null
+if [ $? -ne 0 ];then
+	#设置保存历史命令的文件大小
+	echo "HISTFILESIZE=200000" >> /root/.bashrc
+	#保存历史命令条数
+	echo "HISTSIZE=200000" >> /root/.bashrc
+	#实时记录历史命令，默认只有在用户退出之后才会统一记录，很容易造成多用户间的相互覆盖
+	echo "export PROMPT_COMMAND=\"history -a\"">>/root/.bashrc
+	#记录每条历史命令的执行时间
+	echo "HISTTIMEFORMAT=\"%Y%m%d-%H%M%S:\"" >> /root/.bashrc
+	echo "export HISTTIMEFORMAT" >> /root/.bashrc
+fi
+grep HISTTIMEFORMAT ~sysadmin/.bashrc &> /dev/null
+if [ $? -ne 0 ];then
+	#设置保存历史命令的文件大小
+	echo "HISTFILESIZE=200000" >> ~sysadmin/.bashrc
+	#保存历史命令条数
+	echo "HISTSIZE=200000" >> ~sysadmin/.bashrc
+	#实时记录历史命令，默认只有在用户退出之后才会统一记录，很容易造成多用户间的相互覆盖
+	echo "export PROMPT_COMMAND=\"history -a\"">>~sysadmin/.bashrc
+	#记录每条历史命令的执行时间
+	echo "HISTTIMEFORMAT=\"%Y%m%d-%H%M%S:\"" >> ~sysadmin/.bashrc
+	echo "export HISTTIMEFORMAT" >> ~sysadmin/.bashrc
+fi
+if [ "${USER_SHELL}" == "tcsh" ];then
+	chmod  -R 644  ${USER_HOME}/.history_log/*
+else
+	grep HISTTIMEFORMAT ${USER_HOME}/.bashrc &> /dev/null
+	if [ $? -ne 0 ];then
+		#设置保存历史命令的文件大小
+		echo "HISTFILESIZE=200000" >> ${USER_HOME}/.bashrc
+		#保存历史命令条数
+		echo "HISTSIZE=200000" >> ${USER_HOME}/.bashrc
+		#实时记录历史命令，默认只有在用户退出之后才会统一记录，很容易造成多用户间的相互覆盖
+		echo "export PROMPT_COMMAND=\"history -a\"" >> ${USER_HOME}/.bashrc
+		#记录每条历史命令的执行时间
+		echo "HISTTIMEFORMAT=\"%Y%m%d-%H%M%S:\"" >> ${USER_HOME}/.bashrc
+		echo "export HISTTIMEFORMAT" >> ${USER_HOME}/.bashrc
+		echo "#include .bashrc if it exists">>${USER_HOME}/.profile
+		echo "if [ -f \"\$HOME/.bashrc\" ];then">>${USER_HOME}/.profile
+		echo ". \"\$HOME/.bashrc\"">>${USER_HOME}/.profile
+		echo "fi">>${USER_HOME}/.profile
+		chown ${USER_NAME}.${USER_NAME} ${USER_HOME}/.bashrc
+		chown ${USER_NAME}.${USER_NAME} ${USER_HOME}/.profile
+	fi
+fi
+#setcap "cap_sys_admin,cap_sys_rawio,cap_sys_time+ep" /sbin/hwclock
+cp -a shadow-cap.conf /etc/security/capability/
+setcap -f /etc/security/capability/shadow-cap.conf
+setcap "cap_chown,cap_dac_read_search,cap_fowner,cap_setgid,cap_setuid,cap_setpcap,cap_sys_resource+ep" /bin/login
+chown netadmin.netadmin /etc/rc.d/rc.local
+touch /var/log/corosync.log
+chown audadmin.audadmin /var/log/corosync.log
+setcap "cap_dac_read_search,cap_sys_admin,cap_dac_override+ep" /usr/sbin/syslogd
+cp -a sysklogd /etc/rc.d/init.d