Merge remote-tracking branch 'origin/4.3/1691-jgmu' into master-merge

install_shell/audit.rules

@@ -1,103 +0,0 @@
-##
--D
-
-
-##
--b 32768
-
-
-##
--f 1
-
-
-##
--w /var/log/audit/ -k LOG_audit
--w /etc/audit/ -p wa -k CFG_audit
--w /etc/sysconfig/auditd -p wa -k CFG_auditd.conf
--w /etc/libaudit.conf -p wa -k CFG_libaudit.conf
--w /etc/audisp/ -p wa -k CFG_audisp
-
-
-
-##
--w /home/d5000/fujian/bin/ -p wa -k BIN_d5000
--w /home/d5000/fujian/conf/ -p wa -k CFG_d5000
--w /home/d5000/fujian/.cshrc -p wa -k CFG_cshrc
--w /etc/hosts -p wa -k CFG_hosts
--w /etc/services -p wa -k CFG_services
--w /etc/sysctl.conf -p wa -k CFG_sysctl.conf
--w /etc/syslog.conf -p wa -k CFG_syslog.conf
--w /etc/security/limits.conf -p wa -k CFG_limits.conf
-
-
-##
--a exit,always -F path=/home/d5000/fujian/bin/sca_analog -S all 
--a exit,always -F path=/home/d5000/fujian/bin/sca_point -S all 
--a exit,always -F path=/home/d5000/fujian/bin/sca_cal -S all 
--a exit,always -F path=/home/d5000/fujian/bin/sca_op -S  all 
--a exit,always -F path=/home/d5000/fujian/bin/sca_manage -S all 
--a exit,always -F path=/home/d5000/fujian/bin/sca_topo -S all 
--a exit,always -F path=/home/d5000/fujian/bin/fes_handle -S all 
--a exit,always -F path=/home/d5000/fujian/bin/fes_com  -S all 
--a exit,always -F path=/home/d5000/fujian/bin/fes_mgr -S all 
--a exit,always -F path=/home/d5000/fujian/bin/fes_gps -S all 
--a exit,always -F path=/home/d5000/fujian/bin/rtdb_server -S all 
--a exit,always -F path=/home/d5000/fujian/bin/rtdb_modify -S all 
--a exit,always -F path=/home/d5000/fujian/bin/case_server -S all 
--a exit,always -F path=/home/d5000/fujian/bin/download_daemon -S all 
--a exit,always -F path=/home/d5000/fujian/bin/download_server -S all 
--a exit,always -F path=/home/d5000/fujian/bin/db_modify_server -S all 
--a exit,always -F path=/home/d5000/fujian/bin/sql_sp_server -S all 
--a exit,always -F path=/home/d5000/fujian/bin/db_commit -S all 
--a exit,always -F path=/home/d5000/fujian/bin/sys_nicmonitor -S all 
--a exit,always -F path=/home/d5000/fujian/bin/sys_procm -S all 
--a exit,always -F path=/home/d5000/fujian/bin/sys_procm_mon -S all 
--a exit,always -F path=/home/d5000/fujian/bin/msg_bus -S all 
--a exit,always -F path=/home/d5000/fujian/bin/sys_servicemanage -S all 
--a exit,always -F path=/home/d5000/fujian/bin/sys_trans_alarm -S all 
--a exit,always -F path=/home/d5000/fujian/bin/remote_exed -S all
--a exit,always -F path=/home/d5000/fujian/bin/locator  -S all
--a exit,always -F path=/home/d5000/fujian/bin/proxy  -S all
--a exit,always -F path=/home/d5000/fujian/bin/midmmi -S all
--a exit,always -F path=/home/d5000/fujian/bin/midbrow -S all
--a exit,always -F path=/home/d5000/fujian/bin/middata -S all
--a exit,always -F path=/home/d5000/fujian/bin/evt_sender -S all
--a exit,always -F path=/home/d5000/fujian/bin/evt_recv   -S all
--a exit,always -F path=/home/d5000/fujian/bin/hissam     -S all
--a exit,always -F path=/home/d5000/fujian/bin/hissec   -S all
--a exit,always -F path=/home/d5000/fujian/bin/midhs   -S all
--a exit,always -F path=/home/d5000/fujian/bin/sca_pdrrep -S all
--a exit,always -F path=/home/d5000/fujian/bin/sca_pdrrec  -S all
--a exit,always -F path=/home/d5000/fujian/bin/fes_ser  -S all
- 
-
-##
-#-w /database/ -p wa -k DAT_database
-
-
-
-##
--w /etc/passwd -p wa -k CFG_passwd
--w /etc/group -p wa -k CFG_group
--w /etc/shadow -p wa -k CFG_shadow
-
-
-##
--a entry,always -F arch=b32 -S setxattr -S lsetxattr -S removexattr -S lremovexattr
--a entry,always -F arch=b64 -S setxattr -S lsetxattr -S removexattr -S lremovexattr
-
-
-##
--w /etc/cron.allow -p wa -k CFG_cron.allow
--w /etc/cron.deny -p wa -k CFG_cron.deny
--w /etc/cron.d/ -p wa -k CFG_cron.d
--w /etc/cron.daily/ -p wa -k CFG_cron.daily
--w /etc/cron.hourly/ -p wa -k CFG_cron.hourly
--w /etc/cron.monthly/ -p wa -k CFG_cron.monthly
--w /etc/cron.weekly/ -p wa -k CFG_cron.weekly
--w /etc/crontab -p wa -k CFG_crontab
--w /var/spool/cron/crontabs/root -k CFG_crontab_root
--w /var/spool/cron/crontabs/d5000 -p wa -k CFG_crontab_root
-#trace kill
-#-a entry,always -F arch=b32 -F a1>0 -S kill
-#-a entry,always -F arch=b64 -F a1>0 -S kill

install_shell/audit.rules.d5000

@@ -1,103 +0,0 @@
-##
--D
-
-
-##
--b 32768
-
-
-##
--f 1
-
-
-##
--w /var/log/audit/ -k LOG_audit
--w /etc/audit/ -p wa -k CFG_audit
--w /etc/sysconfig/auditd -p wa -k CFG_auditd.conf
--w /etc/libaudit.conf -p wa -k CFG_libaudit.conf
--w /etc/audisp/ -p wa -k CFG_audisp
-
-
-
-##
--w /home/d5000/fujian/bin/ -p wa -k BIN_d5000
--w /home/d5000/fujian/conf/ -p wa -k CFG_d5000
--w /home/d5000/fujian/.cshrc -p wa -k CFG_cshrc
--w /etc/hosts -p wa -k CFG_hosts
--w /etc/services -p wa -k CFG_services
--w /etc/sysctl.conf -p wa -k CFG_sysctl.conf
--w /etc/syslog.conf -p wa -k CFG_syslog.conf
--w /etc/security/limits.conf -p wa -k CFG_limits.conf
-
-
-##
--a exit,always -F path= PATH=/home/d5000/fujian/bin/sca_analog -S all 
--a exit,always -F path=/home/d5000/fujian/bin/sca_point -S all 
--a exit,always -F path=/home/d5000/fujian/bin/sca_cal -S all 
--a exit,always -F path=/home/d5000/fujian/bin/sca_op -S  all 
--a exit,always -F path=/home/d5000/fujian/bin/sca_manage -S all 
--a exit,always -F path=/home/d5000/fujian/bin/sca_topo -S all 
--a exit,always -F path=/home/d5000/fujian/bin/fes_handle -S all 
--a exit,always -F path=/home/d5000/fujian/bin/fes_com  -S all 
--a exit,always -F path=/home/d5000/fujian/bin/fes_mgr -S all 
--a exit,always -F path=/home/d5000/fujian/bin/fes_gps -S all 
--a exit,always -F path=/home/d5000/fujian/bin/rtdb_server -S all 
--a exit,always -F path=/home/d5000/fujian/bin/rtdb_modify -S all 
--a exit,always -F path=/home/d5000/fujian/bin/case_server -S all 
--a exit,always -F path=/home/d5000/fujian/bin/download_daemon -S all 
--a exit,always -F path=/home/d5000/fujian/bin/download_server -S all 
--a exit,always -F path=/home/d5000/fujian/bin/db_modify_server -S all 
--a exit,always -F path=/home/d5000/fujian/bin/sql_sp_server -S all 
--a exit,always -F path=/home/d5000/fujian/bin/db_commit -S all 
--a exit,always -F path=/home/d5000/fujian/bin/sys_nicmonitor -S all 
--a exit,always -F path=/home/d5000/fujian/bin/sys_procm -S all 
--a exit,always -F path=/home/d5000/fujian/bin/sys_procm_mon -S all 
--a exit,always -F path=/home/d5000/fujian/bin/msg_bus -S all 
--a exit,always -F path=/home/d5000/fujian/bin/sys_servicemanage -S all 
--a exit,always -F path=/home/d5000/fujian/bin/sys_trans_alarm -S all 
--a exit,always -F path=/home/d5000/fujian/bin/remote_exed -S all
--a exit,always -F path=/home/d5000/fujian/bin/locator  -S all
--a exit,always -F path=/home/d5000/fujian/bin/proxy  -S all
--a exit,always -F path=/home/d5000/fujian/bin/midmmi -S all
--a exit,always -F path=/home/d5000/fujian/bin/midbrow -S all
--a exit,always -F path=/home/d5000/fujian/bin/middata -S all
--a exit,always -F path=/home/d5000/fujian/bin/evt_sender -S all
--a exit,always -F path=/home/d5000/fujian/bin/evt_recv   -S all
--a exit,always -F path=/home/d5000/fujian/bin/hissam     -S all
--a exit,always -F path=/home/d5000/fujian/bin/hissec   -S all
--a exit,always -F path=/home/d5000/fujian/bin/midhs   -S all
--a exit,always -F path=/home/d5000/fujian/bin/sca_pdrrep -S all
--a exit,always -F path=/home/d5000/fujian/bin/sca_pdrrec  -S all
--a exit,always -F path=/home/d5000/fujian/bin/fes_ser  -S all
- 
-
-##
-#-w /database/ -p wa -k DAT_database
-
-
-
-##
--w /etc/passwd -p wa -k CFG_passwd
--w /etc/group -p wa -k CFG_group
--w /etc/shadow -p wa -k CFG_shadow
-
-
-##
--a entry,always -F arch=b32 -S setxattr -S lsetxattr -S removexattr -S lremovexattr
--a entry,always -F arch=b64 -S setxattr -S lsetxattr -S removexattr -S lremovexattr
-
-
-##
--w /etc/cron.allow -p wa -k CFG_cron.allow
--w /etc/cron.deny -p wa -k CFG_cron.deny
--w /etc/cron.d/ -p wa -k CFG_cron.d
--w /etc/cron.daily/ -p wa -k CFG_cron.daily
--w /etc/cron.hourly/ -p wa -k CFG_cron.hourly
--w /etc/cron.monthly/ -p wa -k CFG_cron.monthly
--w /etc/cron.weekly/ -p wa -k CFG_cron.weekly
--w /etc/crontab -p wa -k CFG_crontab
--w /var/spool/cron/crontabs/root -k CFG_crontab_root
--w /var/spool/cron/crontabs/d5000 -p wa -k CFG_crontab_root
-#trace kill
-#-a entry,always -F arch=b32 -F a1>0 -S kill
-#-a entry,always -F arch=b64 -F a1>0 -S kill

install_shell/audit_patch.sh

@@ -1,31 +0,0 @@
-#!/bin/sh
-
-. ./check_function.sh
-
-AUDIT_CONFIG=/etc/audit/audit.rules
-
-check_config $AUDIT_CONFIG '^-f'  1 
-if [ $rtn -eq 1 ]; then
-	sed -i '/-f/s@[0-9]@1@' $AUDIT_CONFIG
-elif [ $rtn -eq 2 ]; then
-	line=$(grep -n ^-b  $AUDIT_CONFIG | cut -d: -f1)
-	num=`expr ${line} + 2`
-	sed -i "${num}a\-f 1" /etc/audit/audit.rules
-fi
-DATE=$(date +%Y%m%d)
-sed -i.bak_$DATE '/kill/d'  $AUDIT_CONFIG
-echo "#trace kill">> $AUDIT_CONFIG
-echo "#-a entry,always -F arch=b32 -F a1>0 -S kill">> $AUDIT_CONFIG
-echo "#-a entry,always -F arch=b64 -F a1>0 -S kill">> $AUDIT_CONFIG
-USER_NAME=$1
-USER_HOME=$2
-#if [ -z $1 ];then
-#	UNIT_NAME=guodiao
-#else
-#	UNIT_NAME=$1
-#fi
-# copy new script 
-cp auditd.conf  /etc/audit
-cp audit.rules  /etc/audit/audit.rules.${USER_NAME}
-#sed -i "s#fujian#${UNIT_NAME}#g" /etc/audit/audit.rules.${USER_NAME}
-sed -i "s#/home/d5000/fujian#${USER_HOME}#g" /etc/audit/audit.rules.${USER_NAME}

install_shell/auditd.conf

@@ -1,25 +0,0 @@
-#
-# This file controls the configuration of the audit daemon
-#
-
-log_file = /var/log/audit/audit.log
-log_format = RAW
-log_group = root
-priority_boost = 4
-flush = INCREMENTAL
-freq = 20
-num_logs = 16
-disp_qos = lossy
-dispatcher = /sbin/audispd
-name_format = NONE
-##name = mydomain
-max_log_file = 300 
-max_log_file_action = ROTATE
-space_left = 75
-space_left_action = SYSLOG
-action_mail_acct = audadmin
-admin_space_left = 50
-admin_space_left_action = SUSPEND
-disk_full_action = SUSPEND
-disk_error_action = SUSPEND
-

install_shell/cgroup-d5000-install/install.sh

@@ -8,6 +8,6 @@ sed -i "s#d5000#${USER_NAME}#g" /etc/cgconfig.conf
 sed -i "s#d5000#${USER_NAME}#g" /etc/cgrules.conf
 grep ^${USER_NAME} /etc/security/limits.conf|grep nproc &>/dev/null
 if [ $? -ne 0 ];then
-	echo "${USER_NAME}        soft    nproc           6000">>/etc/security/limits.conf
-	echo "${USER_NAME}        hard    nproc           6000">>/etc/security/limits.conf
+	echo "${USER_NAME}        soft    nproc           10240">>/etc/security/limits.conf
+	echo "${USER_NAME}        hard    nproc           10240">>/etc/security/limits.conf
 fi

install_shell/crontab

@@ -13,5 +13,5 @@ MAILTO=""
 0 20 * * * 	d5000  /usr/sbin/xrm.sh
 #Every Sunday morning, 5:0
 0 5 * * 7 	audadmin  /usr/sbin/linx-watch-top.sh&
-*/1  * * * *   sysadmin    /usr/sbin/update_time.sh
+0  * * * *   sysadmin    /usr/sbin/update_time.sh
 */1  * * * *   audadmin    /usr/sbin/get_max_mem_process.sh

install_shell/ntpd_cron_patch.sh

@@ -1,43 +0,0 @@
-#!/bin/bash
-
-if [ -f /var/spool/cron/crontabs/root ];then
-        grep update_time.sh  /var/spool/cron/crontabs/root &> /dev/null
-        if [ $? = 0 ];then
-                sed -i '/update_time.sh/d'   /var/spool/cron/crontabs/root
-                echo "*/1  * * * *   sysadmin    /usr/sbin/update_time.sh"  >> /etc/crontab
-        fi
-else
-        grep  update_time.sh  /etc/crontab  | grep  sysadmin   &> /dev/null
-        if [ $? != 0 ];then
-                echo "*/1  * * * *   sysadmin    /usr/sbin/update_time.sh"  >> /etc/crontab
-        fi
-fi
-
-
-#d5000 cron example
-cp d5000_cron_example.sh   /opt/
-
-#ntp client 
-if [ -f /usr/sbin/update_time.sh ];then
-        chmod +x /usr/sbin/update_time.sh
-        chown sysadmin:sysadmin /usr/sbin/update_time.sh
-else
-
-cat > /usr/sbin/update_time.sh << 'EOF'
-#!/bin/bash
-NTPSERVER_A=''
-NTPSERVER_B=''
-NTPDATE='/usr/sbin/ntpdate'
-${NTPDATE}  ${NTPSERVER_A} || ${NTPDATE} ${NTPSERVER_B}
-hwclock -w
-EOF
-	
-        ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
-        chmod +x /usr/sbin/update_time.sh
-        chown sysadmin:sysadmin /usr/sbin/update_time.sh
-fi
-
-#ntp server
-sed -i '/ntps1*/d'  /etc/ntp/ntp.conf
-sed -i '/ntp1*/d'  /etc/ntp/ntp.conf
-

install_shell/other.sh

@@ -43,17 +43,6 @@ touch /var/lib/logrotate.status
 chown audadmin.audadmin /var/lib/logrotate.status
 chmod 755 /usr/sbin/runjobs
 
-#解决以普通用户运行date命令设置当前时间的问题
-setcap "cap_sys_time+ep" /bin/date
-
-#解决/var/log/errors中postfix/sendmail:fatal:chair /var/spool/postfix:Permission denied?报错问题
-#解决/var/log/messages中的/usr/sbin/cron[2856]: (sysadmin) MAIL (mailed 126 bytes of output but got status 0x004b )的报错问题
-#mkfifo /var/spool/postfix/public/pickup
-#chown postfix.postfix /var/spool/postfix/public/pickup
-#setfacl -m u:sysadmin:rwx /var/spool/postfix
-#setfacl -m u:sysadmin:rwx /var/spool/postfix/*
-#setfacl -m u:sysadmin:rwx /usr/sbin/postdrop
-
 
 #解决定时抓取占用最大内存的进程名，并记录到/var/log/messages文件中
 cp  get_max_mem_process.sh  /usr/sbin/

install_shell/set_kernel.sh

@@ -1,18 +0,0 @@
-#!/bin/bash
-# Parallel computing patch
-
-. ./check_function.sh
-
-LIMIT_CONFIG=/etc/security/limits.conf
-
-
-# set limits.conf
-grep -v ^#  $LIMIT_CONFIG  | grep  stack   | grep 16384 | grep hard &>/dev/null
-if [ $? -eq 1 ];then
-	echo "* soft   stack   8192" >> $LIMIT_CONFIG
-	echo "* hard   stack   8192" >> $LIMIT_CONFIG
-elif [ $? -eq 0 ];then
-	exit 0
-fi
-
-

install_shell/set_limits.conf.sh

@@ -1,5 +1,10 @@
 #!/bin/bash
 
+
+. ./check_function.sh
+
+
+
 #本脚本更改同时打开文件数的限制为65536
 
 ROOT_UID=0

install_shell/set_linux-pam.sh

@@ -1,20 +0,0 @@
-#!/bin/bash
-ROOT_UID=0
-E_ROOT=2
-DATE=$(date +%Y%m%d)
-if [ $UID -ne $ROOT_UID ];then
-	echo "You must run this script use root ..."
-	exit $E_ROOT
-fi
-PASSWD_FILE=/etc/pam.d/passwd
-LOGIN_FILE=/etc/pam.d/login
-KDE_FILE=/etc/pam.d/kde
-SSHD_FILE=/etc/pam.d/sshd
-sed -i.bak_$DATE '/pam_cracklib.so/d' ${PASSWD_FILE}
-sed -i.bak_$DATE '/pam_tally.so/d' ${LOGIN_FILE}
-sed -i.bak_$DATE '/pam_tally.so/d' ${KDE_FILE}
-sed -i.bak_$DATE '/pam_tally.so/d' ${SSHD_FILE}
-sed -i "/pam_unix_passwd.so/i\password	required pam_cracklib.so retry=3 minlen=12 difok=3 ucredit=1 lcredit=2 dcredit=1 ocredit=1" ${PASSWD_FILE}
-echo "auth       required     /lib64/security/pam_tally.so per_user unlock_time=600 onerr=succeed audit deny=3">> ${LOGIN_FILE}
-echo "auth       required     /lib64/security/pam_tally.so per_user unlock_time=600 onerr=succeed audit deny=3">> ${KDE_FILE}
-echo "auth       required     /lib64/security/pam_tally.so per_user unlock_time=600 onerr=succeed audit deny=3">> ${SSHD_FILE}

install_shell/set_recycling-station.sh

@@ -1,46 +0,0 @@
-#!/bin/bash
-#set_recycling-station.sh
-#Linux回收站，改写rm防止误删文件引起无法恢复
-
-#Jincheng Ye
-#2013/05/14
-#modified by Jincheng Ye,2013/10/28
-grep trash /root/.bashrc &> /dev/null
-if [ $? -eq 0 ];then
-	echo "trash exist..."
-else
-
-cat >> /root/.bashrc <<EOF
-#Linux回收站，改写rm,防止bash用户误删文件引起无法恢复
-mkdir -p ~/.trash
-alias rm=trash
-alias r=trash
-alias rl='ls ~/.trash'
-alias ur=undelfile
-#回收函数
-undelfile()
-{
-	mv -i ~/.trash/\$@ ./
-}
-#垃圾函数,该函数不删除系统重要目录下的重要文件，如果用户实在想删除，可以指定rm命令的路径来完成原来rm的功能，如:
-#/bin/rm  /opt/test.sh
-trash()
-{
-#Can't delete / /s* /b* /l* /d* /e* /u* /r* /v* /h* /o* /p* /* ~ ~/*
-	if [[ \$@ != /[sbldeurvhop]* ]] && [[ \$@ != "/" ]] && [[ \$@ != "/*" ]] && [[ \$@ != ~* ]]
-	then
-		mv \$@  ~/.trash/
-	else
-		echo "Can't delete \$@!"
-	fi
-}
-#清除垃圾回收站的内容的函数
-cleartrash()
-{
-	read -p "clear sure?[y/n]" confirm
-	[ ${confirm} == 'y' ]||[ ${confirm} == 'Y' ] && /bin/rm -rf ~/.trash/*
-}
-
-EOF
-
-fi

install_shell/set_recycling-station.sh.bak

@@ -1,83 +0,0 @@
-#!/bin/bash
-#set_recycling-station.sh
-#Linux回收站，改写rm防止误删文件引起无法恢复
-
-#Jincheng Ye
-#2013/05/14
-
-grep trash /etc/profile &> /dev/null
-if [ $? -eq 0 ];then
-	echo "trash exist..."
-else
-
-cat >> /etc/profile <<EOF
-#Linux回收站，改写rm,防止bash用户误删文件引起无法恢复
-mkdir -p ~/.trash
-alias rm=trash
-alias r=trash
-alias rl='ls ~/.trash'
-alias ur=undelfile
-#回收函数
-undelfile()
-{
-	mv -i ~/.trash/\$@ ./
-}
-#垃圾函数,该函数不删除系统重要目录下的重要文件，如果用户实在想删除，可以指定rm命令的路径来完成原来rm的功能，如:
-#/bin/rm  /opt/test.sh
-trash()
-{
-#Can't delete / /s* /b* /l* /d* /e* /u* /r* /v* /h* /o* /p* /* ~ ~/*
-	if [[ \$@ != /[sbldeurvhop]* ]] && [[ \$@ != "/" ]] && [[ \$@ != "/*" ]] && [[ \$@ != ~* ]]
-	then
-		mv \$@  ~/.trash/
-	else
-		echo "Can't delete \$@!"
-	fi
-}
-#清除垃圾回收站的内容的函数
-cleartrash()
-{
-	read -p "clear sure?[y/n]" confirm
-	[ ${confirm} == 'y' ]||[ ${confirm} == 'Y' ] && /bin/rm -rf ~/.trash/*
-}
-
-EOF
-cat >> ~/.bashrc <<EOF
-#Linux回收站，改写rm,防止bash用户误删文件引起无法恢复
-mkdir -p ~/.trash
-alias rm=trash
-alias r=trash
-alias rl='ls ~/.trash'
-alias ur=undelfile
-#回收函数
-undelfile()
-{
-	mv -i ~/.trash/\$@ ./
-}
-#垃圾函数,该函数不删除系统重要目录下的重要文件，如果用户实在想删除，可以指定rm命令的路径来完成原来rm的功能，如:
-#/bin/rm  /opt/test.sh
-trash()
-{
-#Can't delete / /s* /b* /l* /d* /e* /u* /r* /v* /h* /o* /p* /* ~ ~/*
-	if [[ \$@ != /[sbldeurvhop]* ]] && [[ \$@ != "/" ]] && [[ \$@ != "/*" ]] && [[ \$@ != ~* ]]
-	then
-		mv \$@  ~/.trash/
-	else
-		echo "Can't delete \$@!"
-	fi
-}
-#清除垃圾回收站的内容的函数
-cleartrash()
-{
-	read -p "clear sure?[y/n]" confirm
-	[ ${confirm} == 'y' ]||[ ${confirm} == 'Y' ] && /bin/rm -rf ~/.trash/*
-}
-
-EOF
-
-cat >> /etc/csh.cshrc <<EOF
-#由于cshell脚本编程中没有函数，因此仅在cshell用户中删除时进行提示
-alias rm 'rm -i' 
-EOF
-
-fi

install_shell/update_time.sh

@@ -1,6 +1,19 @@
-#!/bin/sh
-NTPSERVER_A='net1-1'
-NTPSERVER_B='net2-1'
-NTPDATE='/usr/sbin/ntpdate'
-${NTPDATE} ${NTPSERVER_A} || ${NTPDATE} ${NTPSERVER_B}
+#!/bin/bash
+
+#ntp client 
+if [ -f /usr/sbin/update_time.sh ];then
+	rm /usr/sbin/update_time.sh
+fi
+
+cat > /usr/sbin/update_time.sh << 'EOF'
+#!/bin/bash
 hwclock -w
+EOF
+
+chmod +x /usr/sbin/update_time.sh
+chown sysadmin:sysadmin /usr/sbin/update_time.sh
+
+#ntp server
+sed -i '/ntps1*/d'  /etc/ntp/ntp.conf
+sed -i '/ntp1*/d'  /etc/ntp/ntp.conf
+

setup.sh

@@ -19,18 +19,11 @@ fi
 ./set_network.sh
 echo "====Set Bonding..."
 
-./set_kernel.sh
-echo "====Set Kernel parameters..."
-
 ./set_ssh.sh $1 $2 $3 
 echo "====Set ssh...."
 
-./ntpd_cron_patch.sh
-echo "====Set ntp client..."
-
-
-./audit_patch.sh $1 $2 $3
-echo "====Set audit.rules ..."
+./update_time.sh
+echo "====Set update time...."
 
 ./set_fonts.sh
 echo "====add fonts===="
@@ -38,9 +31,6 @@ echo "====add fonts===="
 ./set_limits.conf.sh
 echo "====Set limits.conf===="
 
-./set_recycling-station.sh
-echo "===Set trash recycling station==="
-
 ./set_fstab.sh
 echo "===Set /etc/fstab==="
 
@@ -56,8 +46,6 @@ echo "====Set tcsh encode to gb18030..."
 ./other.sh $1 $2 $3
 echo "===Set other==="
 
-./set_linux-pam.sh
-echo "===Set pam_cracklib.so and pam_tally.so ==="
 
 cd cgroup-d5000-install
 ./install.sh $1 $2 $3