modified: install_shell/audit_patch.sh

deleted: install_shell/cgroup-d5000-install/42-2014-01-15-062120/README deleted: install_shell/cgroup-d5000-install/42-2014-01-15-062120/install.sh modified: install_shell/cgroup-d5000-install/install.sh modified: install_shell/create_users.sh modified: install_shell/ntpd_cron_patch.sh modified: install_shell/other.sh modified: install_shell/set_network.sh modified: install_shell/set_ssh.sh modified: setup.sh Signed-off-by: Qin Bo <bqin@linx-info.com>
2014-02-19 11:12:23 +08:00
parent 2235771f09
commit 39d88f389f
10 changed files with 1 additions and 261 deletions
--- a/install_shell/audit_patch.sh
+++ b/install_shell/audit_patch.sh
@@ -25,7 +25,6 @@ USER_HOME=$2
 #	UNIT_NAME=$1
 #fi
 # copy new script 
-install -o sys -g sys -m 755 auditd /etc/rc.d/init.d/auditd
 cp auditd.conf  /etc/audit
 cp audit.rules  /etc/audit/audit.rules.${USER_NAME}
 #sed -i "s#fujian#${UNIT_NAME}#g" /etc/audit/audit.rules.${USER_NAME}
--- a/install_shell/cgroup-d5000-install/42-2014-01-15-062120/README
+++ b/install_shell/cgroup-d5000-install/42-2014-01-15-062120/README
@@ -1,5 +0,0 @@
-1.安装libcgroup和cgroups的图形界面
-	sh ./install.sh
-2.启动cgroups的图形界面
-	cg-gui
-
--- a/install_shell/cgroup-d5000-install/42-2014-01-15-062120/install.sh
+++ b/install_shell/cgroup-d5000-install/42-2014-01-15-062120/install.sh
@@ -1,28 +0,0 @@
-#!/bin/sh
-
-echo "Starting update kernel..."
-cd kernel
-tar xf update_kernel-2013-11-25_2.6.32.41-cgroup.tar.gz
-cd update_kernel-2013-11-25_2.6.32.41-cgroup
-./install.sh
-cd ..
-/bin/rm -rf update_kernel-2013-11-25_2.6.32.41-cgroup
-cd ..
-
-echo "Starting upgrade cg-manager need package..."
-pkgrm cairo
-pkgadd  -f cairo#1.8.4-x86_64-linx-Rocky4.3.pkg.tar.gz
-pkgrm gtk2
-pkgadd -f gtk2#2.14.7-x86_64-linx-Rocky4.3.pkg.tar.gz
-pkgrm jasper
-pkgadd  -f jasper#1.900.1-x86_64-linx-Rocky4.3.pkg.tar.gz 
-pkgrm pixman
-pkgadd  -f pixman#0.12.0-x86_64-linx-Rocky4.3.pkg.tar.gz
-pkgrm libgtop2
-pkgadd  -f libgtop2#2.28.1-x86_64-linx-Rocky4.3.pkg.tar.gz
-
-echo "Starting install libcgroup and cg-manager package..."
-pkgrm libcgroup
-pkgadd -f libcgroup#0.38-x86_64-linx-Rocky4.3.pkg.tar.gz
-pkgrm cg-manager
-pkgadd -f cg-manager#1.0-x86_64-linx-Rocky4.3.pkg.tar.gz 
--- a/install_shell/cgroup-d5000-install/install.sh
+++ b/install_shell/cgroup-d5000-install/install.sh
@@ -3,19 +3,7 @@
 USER_NAME=$1
 USER_HOME=$2
 USER_SHELL=$3
-#chmod 755 /root
-#update linx kernel
-#cd LXCG-RC3
-cd 42-2014-01-15-062120
-./install.sh
-cd ../
-pkginfo -i|grep numactl
-if [ $? -ne 0 ];then
-	pkgadd -f  numactl#2.0.3-x86_64-linx-Rocky4.2.pkg.tar.gz
-else
-	pkgadd -f -u numactl#2.0.3-x86_64-linx-Rocky4.2.pkg.tar.gz
-fi
-#cp cgconfig.conf cgrules.conf /etc
+
 sed -i "s#d5000#${USER_NAME}#g" /etc/cgconfig.conf
 sed -i "s#d5000#${USER_NAME}#g" /etc/cgrules.conf
 grep ^${USER_NAME} /etc/security/limits.conf|grep nproc &>/dev/null
--- a/install_shell/create_users.sh
+++ b/install_shell/create_users.sh
@@ -37,12 +37,10 @@ fi
 check_konsole $USER_HOME
 check_konsole $HOME

-ln -sf /bin/tcsh   /bin/csh
 cp -r root-kde/.kde    $HOME/
 cp -r d5000-kde/.kde    $USER_HOME/
 #cp -r /etc/skel/.kde   $USER_HOME/
 cp -r d5000-fcitx/.config   $USER_HOME/
 chown -R ${USER_NAME}:${USER_NAME} ${USER_HOME}
-cp bash_profile  /etc/skel/.bash_profile

 usermod -p `openssl passwd root`  root  
--- a/install_shell/ntpd_cron_patch.sh
+++ b/install_shell/ntpd_cron_patch.sh
@@ -1,21 +1,5 @@
 #!/bin/bash

-unset cron
-cron=$(ls  /etc/rc.d/rc[0-9].d/*cron* 2> /dev/null)
-if [ -z "$cron" ];then
-	ln -sf /etc/rc.d/init.d/cron  /etc/rc.d/rc3.d/S520cron
-	ln -sf /etc/rc.d/init.d/cron  /etc/rc.d/rc5.d/S520cron
-else
-    	for i in $cron
-	do
-		rm $i
-	done
-	ln -sf /etc/rc.d/init.d/cron  /etc/rc.d/rc3.d/S520cron
-	ln -sf /etc/rc.d/init.d/cron  /etc/rc.d/rc5.d/S520cron
-fi
-
-
-
 if [ -f /var/spool/cron/crontabs/root ];then
        grep update_time.sh  /var/spool/cron/crontabs/root &> /dev/null
        if [ $? = 0 ];then
@@ -30,35 +14,9 @@ else
 fi


-grep cron /etc/cron/weekly/syslog > /dev/null
-if [ $? = 0 ];then
-	sed -i '/cron/d' /etc/cron/weekly/syslog
-fi
-
 #d5000 cron example
 cp d5000_cron_example.sh   /opt/

-#logrotate
-cp logrotate.d/*   /etc/logrotate.d/
-chown -R audadmin.audadmin /etc/logrotate.d/
-#cp syslog /etc/cron/weekly/
-/bin/rm /etc/cron/weekly/syslog
-mkdir -p /etc/cron/monthly
-cp syslog /etc/cron/monthly
-chown -R audadmin.audadmin /etc/cron/monthly
-setfacl -m u:sysadmin:rwx /usr/sbin/rotatelog
-#delete
-del_exist ()
-{
-	if [ -f /etc/cron/daily/$1 ];then
-		/bin/rm /etc/cron/daily/$1
-	fi
-}
-del_exist makewhatis 
-del_exist pwck 
-del_exist rdate 
-del_exist slocate 
-
 #ntp client 
 if [ -f /usr/sbin/update_time.sh ];then
        chmod +x /usr/sbin/update_time.sh
--- a/install_shell/other.sh
+++ b/install_shell/other.sh
@@ -5,22 +5,6 @@ USER_NAME=$1
 USER_HOME=$2
 USER_SHELL=$3

-#revise grub.conf
-chown sysadmin:users      /boot/grub
-chown sysadmin:sysadmin   /boot/grub/menu.lst
-chown sysadmin:users      /boot/grub/grub.conf.sample
-
-grep 'kernel_type'  /boot/grub/menu.lst &>/dev/null
-if [ $? != 0 ];then
-	sed -i '/vmlinuz-root-n/s/$/& kernel_type=noroot/g'  /boot/grub/menu.lst
-fi
-
-
-#add smartd link
-
-ln -sf /etc/rc.d/init.d/smartd   /etc/rc.d/rc5.d/S101smartd
-ln -sf /etc/rc.d/init.d/smartd   /etc/rc.d/rc3.d/S101smartd
-
 #revise order 
 grep 4.2.35  /etc/issue &> /dev/null
 if [ $? = 0 ];then 
@@ -36,52 +20,6 @@ if [ $? != 0 ];then
 	echo "lsm_linx" >> /etc/sysconfig/modules
 fi

-
-#for proftp
-FTP_CONFIG=/etc/proftpd/proftpd.conf
-grep MaxClients  $FTP_CONFIG &> /dev/null
-if [ $? != 0 ];then
-	sed -i "/MaxInstances/a\#MaxClients 200"   $FTP_CONFIG
-fi
-
-grep TimesGMT  $FTP_CONFIG  &>/dev/null
-if [ $? != 0 ];then
-	sed -i "/MaxInstances/a\#TimesGMT   off"        $FTP_CONFIG
-fi
-
-grep UseReverseDNS  $FTP_CONFIG  &>/dev/null
-if [ $? != 0 ];then
-	sed -i "/MaxInstances/a\#UseReverseDNS   off"  $FTP_CONFIG
-fi
-
-grep IdentLookups  $FTP_CONFIG  &>/dev/null
-if [ $? != 0 ];then
-	sed -i "/MaxInstances/a\#IdentLookups   off"  $FTP_CONFIG
-fi
-#flag_4_2_40=`grep '4.2.40' /etc/issue|awk '{print $5}'`
-#if [ -z ${flag_4_2_40} ];then
-#	grep ^UseUTF8 ${FTP_CONFIG} &> /dev/null
-#	if [ $? -ne 0 ];then
-#		echo "UseUTF8    off">> ${FTP_CONFIG}
-#	fi
-
-#else
-#	grep ^useencoding ${FTP_CONFIG} &> /dev/null
-#	if [ $? -ne 0 ];then
-#		echo "useencoding gbk  gbk">> ${FTP_CONFIG}
-#	fi
-#fi
-
-grep ^useencoding ${FTP_CONFIG} &> /dev/null
-if [ $? -ne 0 ];then
-	echo "useencoding gbk  gbk">> ${FTP_CONFIG}
-fi
-
-grep ^DefaultRoot ${FTP_CONFIG} &> /dev/null
-if [ $? -ne 0 ];then
-	echo "DefaultRoot ~">> ${FTP_CONFIG}
-fi
-
 # revise /etc/rc.d/init.d/functions
 sed -i '/ENTER/s/^/# &/g'   /etc/rc.d/init.d/functions

@@ -115,10 +53,6 @@ chmod 755 /usr/sbin/linx-watch-top.sh
 if [ -f /var/spool/cron/crontabs/root ];then
 	rm /var/spool/cron/crontabs/root
 fi
-#恢复被netkit-base包覆盖的/etc/inetd.conf文件
-cp inetd.conf /etc
-chown root.root /etc/inetd.conf
-chmod 644 /etc/inetd.conf

 chown audadmin.audadmin /var/log/kernel*
 chmod 644 /var/log/kernel*
@@ -163,10 +97,6 @@ cp os.sh /usr/sbin
 cp pci.ids /usr/share
 chown  sysadmin.sysadmin /usr/sbin/get_parameter_log.sh
 chmod  755 /usr/sbin/get_parameter_log.sh
-chown  sysadmin.sysadmin /usr/sbin/dmidecode
-chmod  755 /usr/sbin/dmidecode
-chown  sysadmin.sysadmin /usr/sbin/lshw
-chmod  755 /usr/sbin/lshw
 chown  sysadmin.sysadmin /usr/sbin/check_sec_local.sh
 chmod  755 /usr/sbin/check_sec_local.sh
 chown  sysadmin.sysadmin /usr/sbin/os.sh
@@ -221,12 +151,6 @@ else
 		chown ${USER_NAME}.${USER_NAME} ${USER_HOME}/.profile
 	fi
 fi
-#setcap "cap_sys_admin,cap_sys_rawio,cap_sys_time+ep" /sbin/hwclock
-cp -a shadow-cap.conf /etc/security/capability/
-setcap -f /etc/security/capability/shadow-cap.conf
-setcap "cap_chown,cap_dac_read_search,cap_fowner,cap_setgid,cap_setuid,cap_setpcap,cap_sys_resource+ep" /bin/login
 chown netadmin.netadmin /etc/rc.d/rc.local
 touch /var/log/corosync.log
 chown audadmin.audadmin /var/log/corosync.log
-setcap "cap_dac_read_search,cap_sys_admin,cap_dac_override+ep" /usr/sbin/syslogd
-cp -a sysklogd /etc/rc.d/init.d
--- a/install_shell/set_network.sh
+++ b/install_shell/set_network.sh
@@ -64,25 +64,3 @@ do
 done
 fi

-	
-
-
-
-#blacklist,Just for bonding crash,maybe it can help us.. 
-if [ -f /etc/modprobe.d/blacklist-ipv6.conf ];then
-	echo "blacklist ipv6 exist.."
-else
-	echo "blacklist ipv6" >> /etc/modprobe.d/blacklist-ipv6.conf
-	chown sysadmin:sysadmin /etc/modprobe.d/blacklist-ipv6.conf
-fi
-
-#for blade
-
-NET_CONFIG=/etc/sysconfig/network
-
-check_config  $NET_CONFIG  NETWORKING  yes
-if [ $rtn -eq 2 ];then
-    echo "NETWORKING=yes" >> $NET_CONFIG
-elif [ $rtn -eq 1 ];then
-    sed -i '/NETWORKING/s@no@yes@' $NET_CONFIG
-fi
--- a/install_shell/set_ssh.sh
+++ b/install_shell/set_ssh.sh
@@ -5,43 +5,6 @@

 # sshd_config
 SSHD_CONFIG=/etc/ssh/sshd_config
-
-check_config $SSHD_CONFIG ChallengeResponseAuthentication no
-if [ $rtn -eq 1 ]; then
-	sed -i '/ChallengeResponseAuthentication/s@yes@no@' $SSHD_CONFIG
-elif [ $rtn -eq 2 ]; then
-	echo 'ChallengeResponseAuthentication no' >> $SSHD_CONFIG
-fi
-
-check_config $SSHD_CONFIG UsePAM yes
-if [ $rtn -eq 1 ]; then
-	sed -i '/UsePAM/s@no@yes@' $SSHD_CONFIG
-elif [ $rtn -eq 2 ]; then
-	echo 'UsePAM yes' >> $SSHD_CONFIG
-fi
-
-check_config $SSHD_CONFIG X11Forwarding yes
-if [ $rtn -eq 1 ]; then
-	sed -i '/X11Forwarding/s@no@yes@' $SSHD_CONFIG
-elif [ $rtn -eq 2 ]; then
-	echo 'X11Forwarding yes' >> $SSHD_CONFIG
-fi
-
-check_config $SSHD_CONFIG UseDNS no 
-if [ $rtn -eq 1 ]; then
-	sed -i '/UseDNS/s@yes@no@' $SSHD_CONFIG
-elif [ $rtn -eq 2 ]; then
-	echo 'UseDNS no' >> $SSHD_CONFIG
-fi
-
-check_config $SSHD_CONFIG MaxStartups 60 
-if [ $rtn -eq 1 ]; then
-	sed -i '/MaxStartups/d' $SSHD_CONFIG
-	echo 'MaxStartups 60' >> $SSHD_CONFIG
-elif [ $rtn -eq 2 ]; then
-	echo 'MaxStartups 60' >> $SSHD_CONFIG
-fi
-
 SSH_CONFIG=/etc/ssh/ssh_config

 check_config $SSH_CONFIG StrictHostKeyChecking no 
@@ -60,25 +23,6 @@ elif [ $rtn -eq 2 ]; then
 	echo 'IgnoreUserKnownHosts yes' >> $SSHD_CONFIG
 fi

-sed -i '/AddressFamily/d' $SSHD_CONFIG
-sed -i "/^ListenAddress/i\AddressFamily inet" ${SSHD_CONFIG}
-
-# openssh-cap.conf
-cat > /etc/security/capability/openssh-cap.conf <<EOF
-/usr/sbin/sshd 
-{
-	cap_chown,cap_dac_override,cap_fowner,cap_fsetid,cap_setgid,cap_setuid,cap_setpcap,cap_net_bind_service,cap_sys_resource+ep
-}
-EOF
-setcap -f /etc/security/capability/openssh-cap.conf
-
-
-
-grep 'pam_limits.so' /etc/pam.d/kde &>/dev/null
-if [ ! $? -eq 0 ]; then
-	echo "session         required        /lib64/security/pam_limits.so" >>  /etc/pam.d/kde
-fi
-
 # To create ssh key..
 USERNAME=$1

--- a/setup.sh
+++ b/setup.sh
@@ -25,9 +25,6 @@ echo "====Set Kernel parameters..."
 ./set_ssh.sh $1 $2 $3 
 echo "====Set ssh...."

-./set_X.sh
-echo "====Set  X..."
-
 ./ntpd_cron_patch.sh
 echo "====Set ntp client..."

@@ -38,9 +35,6 @@ echo "====Set audit.rules ..."
 ./set_fonts.sh
 echo "====add fonts===="

-./lvm-alsa-setup.sh
-echo "====alsa,lvm===="
-
 ./set_limits.conf.sh
 echo "====Set limits.conf===="

@@ -53,9 +47,6 @@ echo "===Set /etc/fstab==="
 #./install_tool.sh
 #echo "===instll update packages==="

-./install_new_packages.sh
-echo "===instll new packages==="
-
 ./set_close_ipv6.sh
 echo "===close ipv6 ip==="

@@ -72,13 +63,6 @@ cd cgroup-d5000-install
 ./install.sh $1 $2 $3
 echo "===Set cgroup==="

-cd ../sysinfo
-./install.sh
-echo "===Set linx system information driver==="
-
-cd ../firefox25-Rocky4.2_x64
-./install.sh
-echo "===install firefox25==="

 echo "=======Finish========"