From b81f1ec1fce37bb8c1f21fcbc524c5b1d0ba057a Mon Sep 17 00:00:00 2001
From: Jinnan Wang
Date: Tue, 18 Mar 2014 14:09:57 +0800
Subject: [PATCH] =?UTF-8?q?=09=E5=88=A0=E9=99=A4=E4=B8=8E=E5=AE=A1?= =?UTF-8?q?=E8=AE=A1=E7=9B=B8=E5=85=B3=E7=9A=84=E9=85=8D=E7=BD=AE=E6=96=87?= =?UTF-8?q?=E4=BB=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
install_shell/audit.rules | 103 --------------------------------
install_shell/audit.rules.d5000 | 103 --------------------------------
install_shell/audit_patch.sh | 31 ----------
install_shell/auditd.conf | 25 --------
setup.sh | 4 --
5 files changed, 266 deletions(-)
delete mode 100644 install_shell/audit.rules
delete mode 100644 install_shell/audit.rules.d5000
delete mode 100755 install_shell/audit_patch.sh
delete mode 100644 install_shell/auditd.conf
diff --git a/install_shell/audit.rules b/install_shell/audit.rules
deleted file mode 100644
index a80ac8b..0000000
--- a/install_shell/audit.rules
+++ /dev/null
@@ -1,103 +0,0 @@
-##
--D
-
-
-##
--b 32768
-
-
-##
--f 1
-
-
-##
--w /var/log/audit/ -k LOG_audit
--w /etc/audit/ -p wa -k CFG_audit
--w /etc/sysconfig/auditd -p wa -k CFG_auditd.conf
--w /etc/libaudit.conf -p wa -k CFG_libaudit.conf
--w /etc/audisp/ -p wa -k CFG_audisp
-
-
-
-##
--w /home/d5000/fujian/bin/ -p wa -k BIN_d5000
--w /home/d5000/fujian/conf/ -p wa -k CFG_d5000
--w /home/d5000/fujian/.cshrc -p wa -k CFG_cshrc
--w /etc/hosts -p wa -k CFG_hosts
--w /etc/services -p wa -k CFG_services
--w /etc/sysctl.conf -p wa -k CFG_sysctl.conf
--w /etc/syslog.conf -p wa -k CFG_syslog.conf
--w /etc/security/limits.conf -p wa -k CFG_limits.conf
-
-
-##
--a exit,always -F path=/home/d5000/fujian/bin/sca_analog -S all
--a exit,always -F path=/home/d5000/fujian/bin/sca_point -S all
--a exit,always -F path=/home/d5000/fujian/bin/sca_cal -S all
--a exit,always -F path=/home/d5000/fujian/bin/sca_op -S all
--a exit,always -F path=/home/d5000/fujian/bin/sca_manage -S all
--a exit,always -F path=/home/d5000/fujian/bin/sca_topo -S all
--a exit,always -F path=/home/d5000/fujian/bin/fes_handle -S all
--a exit,always -F path=/home/d5000/fujian/bin/fes_com -S all
--a exit,always -F path=/home/d5000/fujian/bin/fes_mgr -S all
--a exit,always -F path=/home/d5000/fujian/bin/fes_gps -S all
--a exit,always -F path=/home/d5000/fujian/bin/rtdb_server -S all
--a exit,always -F path=/home/d5000/fujian/bin/rtdb_modify -S all
--a exit,always -F path=/home/d5000/fujian/bin/case_server -S all
--a exit,always -F path=/home/d5000/fujian/bin/download_daemon -S all
--a exit,always -F path=/home/d5000/fujian/bin/download_server -S all
--a exit,always -F path=/home/d5000/fujian/bin/db_modify_server -S all
--a exit,always -F path=/home/d5000/fujian/bin/sql_sp_server -S all
--a exit,always -F path=/home/d5000/fujian/bin/db_commit -S all
--a exit,always -F path=/home/d5000/fujian/bin/sys_nicmonitor -S all
--a exit,always -F path=/home/d5000/fujian/bin/sys_procm -S all
--a exit,always -F path=/home/d5000/fujian/bin/sys_procm_mon -S all
--a exit,always -F path=/home/d5000/fujian/bin/msg_bus -S all
--a exit,always -F path=/home/d5000/fujian/bin/sys_servicemanage -S all
--a exit,always -F path=/home/d5000/fujian/bin/sys_trans_alarm -S all
--a exit,always -F path=/home/d5000/fujian/bin/remote_exed -S all
--a exit,always -F path=/home/d5000/fujian/bin/locator -S all
--a exit,always -F path=/home/d5000/fujian/bin/proxy -S all
--a exit,always -F path=/home/d5000/fujian/bin/midmmi -S all
--a exit,always -F path=/home/d5000/fujian/bin/midbrow -S all
--a exit,always -F path=/home/d5000/fujian/bin/middata -S all
--a exit,always -F path=/home/d5000/fujian/bin/evt_sender -S all
--a exit,always -F path=/home/d5000/fujian/bin/evt_recv -S all
--a exit,always -F path=/home/d5000/fujian/bin/hissam -S all
--a exit,always -F path=/home/d5000/fujian/bin/hissec -S all
--a exit,always -F path=/home/d5000/fujian/bin/midhs -S all
--a exit,always -F path=/home/d5000/fujian/bin/sca_pdrrep -S all
--a exit,always -F path=/home/d5000/fujian/bin/sca_pdrrec -S all
--a exit,always -F path=/home/d5000/fujian/bin/fes_ser -S all
-
-
-##
-#-w /database/ -p wa -k DAT_database
-
-
-
-##
--w /etc/passwd -p wa -k CFG_passwd
--w /etc/group -p wa -k CFG_group
--w /etc/shadow -p wa -k CFG_shadow
-
-
-##
--a entry,always -F arch=b32 -S setxattr -S lsetxattr -S removexattr -S lremovexattr
--a entry,always -F arch=b64 -S setxattr -S lsetxattr -S removexattr -S lremovexattr
-
-
-##
--w /etc/cron.allow -p wa -k CFG_cron.allow
--w /etc/cron.deny -p wa -k CFG_cron.deny
--w /etc/cron.d/ -p wa -k CFG_cron.d
--w /etc/cron.daily/ -p wa -k CFG_cron.daily
--w /etc/cron.hourly/ -p wa -k CFG_cron.hourly
--w /etc/cron.monthly/ -p wa -k CFG_cron.monthly
--w /etc/cron.weekly/ -p wa -k CFG_cron.weekly
--w /etc/crontab -p wa -k CFG_crontab
--w /var/spool/cron/crontabs/root -k CFG_crontab_root
--w /var/spool/cron/crontabs/d5000 -p wa -k CFG_crontab_root
-#trace kill
-#-a entry,always -F arch=b32 -F a1>0 -S kill
-#-a entry,always -F arch=b64 -F a1>0 -S kill
diff --git a/install_shell/audit.rules.d5000 b/install_shell/audit.rules.d5000
deleted file mode 100644
index d76e32c..0000000
--- a/install_shell/audit.rules.d5000
+++ /dev/null
@@ -1,103 +0,0 @@
-##
--D
-
-
-##
--b 32768
-
-
-##
--f 1
-
-
-##
--w /var/log/audit/ -k LOG_audit
--w /etc/audit/ -p wa -k CFG_audit
--w /etc/sysconfig/auditd -p wa -k CFG_auditd.conf
--w /etc/libaudit.conf -p wa -k CFG_libaudit.conf
--w /etc/audisp/ -p wa -k CFG_audisp
-
-
-
-##
--w /home/d5000/fujian/bin/ -p wa -k BIN_d5000
--w /home/d5000/fujian/conf/ -p wa -k CFG_d5000
--w /home/d5000/fujian/.cshrc -p wa -k CFG_cshrc
--w /etc/hosts -p wa -k CFG_hosts
--w /etc/services -p wa -k CFG_services
--w /etc/sysctl.conf -p wa -k CFG_sysctl.conf
--w /etc/syslog.conf -p wa -k CFG_syslog.conf
--w /etc/security/limits.conf -p wa -k CFG_limits.conf
-
-
-##
--a exit,always -F path= PATH=/home/d5000/fujian/bin/sca_analog -S all
--a exit,always -F path=/home/d5000/fujian/bin/sca_point -S all
--a exit,always -F path=/home/d5000/fujian/bin/sca_cal -S all
--a exit,always -F path=/home/d5000/fujian/bin/sca_op -S all
--a exit,always -F path=/home/d5000/fujian/bin/sca_manage -S all
--a exit,always -F path=/home/d5000/fujian/bin/sca_topo -S all
--a exit,always -F path=/home/d5000/fujian/bin/fes_handle -S all
--a exit,always -F path=/home/d5000/fujian/bin/fes_com -S all
--a exit,always -F path=/home/d5000/fujian/bin/fes_mgr -S all
--a exit,always -F path=/home/d5000/fujian/bin/fes_gps -S all
--a exit,always -F path=/home/d5000/fujian/bin/rtdb_server -S all
--a exit,always -F path=/home/d5000/fujian/bin/rtdb_modify -S all
--a exit,always -F path=/home/d5000/fujian/bin/case_server -S all
--a exit,always -F path=/home/d5000/fujian/bin/download_daemon -S all
--a exit,always -F path=/home/d5000/fujian/bin/download_server -S all
--a exit,always -F path=/home/d5000/fujian/bin/db_modify_server -S all
--a exit,always -F path=/home/d5000/fujian/bin/sql_sp_server -S all
--a exit,always -F path=/home/d5000/fujian/bin/db_commit -S all
--a exit,always -F path=/home/d5000/fujian/bin/sys_nicmonitor -S all
--a exit,always -F path=/home/d5000/fujian/bin/sys_procm -S all
--a exit,always -F path=/home/d5000/fujian/bin/sys_procm_mon -S all
--a exit,always -F path=/home/d5000/fujian/bin/msg_bus -S all
--a exit,always -F path=/home/d5000/fujian/bin/sys_servicemanage -S all
--a exit,always -F path=/home/d5000/fujian/bin/sys_trans_alarm -S all
--a exit,always -F path=/home/d5000/fujian/bin/remote_exed -S all
--a exit,always -F path=/home/d5000/fujian/bin/locator -S all
--a exit,always -F path=/home/d5000/fujian/bin/proxy -S all
--a exit,always -F path=/home/d5000/fujian/bin/midmmi -S all
--a exit,always -F path=/home/d5000/fujian/bin/midbrow -S all
--a exit,always -F path=/home/d5000/fujian/bin/middata -S all
--a exit,always -F path=/home/d5000/fujian/bin/evt_sender -S all
--a exit,always -F path=/home/d5000/fujian/bin/evt_recv -S all
--a exit,always -F path=/home/d5000/fujian/bin/hissam -S all
--a exit,always -F path=/home/d5000/fujian/bin/hissec -S all
--a exit,always -F path=/home/d5000/fujian/bin/midhs -S all
--a exit,always -F path=/home/d5000/fujian/bin/sca_pdrrep -S all
--a exit,always -F path=/home/d5000/fujian/bin/sca_pdrrec -S all
--a exit,always -F path=/home/d5000/fujian/bin/fes_ser -S all
-
-
-##
-#-w /database/ -p wa -k DAT_database
-
-
-
-##
--w /etc/passwd -p wa -k CFG_passwd
--w /etc/group -p wa -k CFG_group
--w /etc/shadow -p wa -k CFG_shadow
-
-
-##
--a entry,always -F arch=b32 -S setxattr -S lsetxattr -S removexattr -S lremovexattr
--a entry,always -F arch=b64 -S setxattr -S lsetxattr -S removexattr -S lremovexattr
-
-
-##
--w /etc/cron.allow -p wa -k CFG_cron.allow
--w /etc/cron.deny -p wa -k CFG_cron.deny
--w /etc/cron.d/ -p wa -k CFG_cron.d
--w /etc/cron.daily/ -p wa -k CFG_cron.daily
--w /etc/cron.hourly/ -p wa -k CFG_cron.hourly
--w /etc/cron.monthly/ -p wa -k CFG_cron.monthly
--w /etc/cron.weekly/ -p wa -k CFG_cron.weekly
--w /etc/crontab -p wa -k CFG_crontab
--w /var/spool/cron/crontabs/root -k CFG_crontab_root
--w /var/spool/cron/crontabs/d5000 -p wa -k CFG_crontab_root
-#trace kill
-#-a entry,always -F arch=b32 -F a1>0 -S kill
-#-a entry,always -F arch=b64 -F a1>0 -S kill
diff --git a/install_shell/audit_patch.sh b/install_shell/audit_patch.sh
deleted file mode 100755
index 6852272..0000000
--- a/install_shell/audit_patch.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/bin/sh
-
-. ./check_function.sh
-
-AUDIT_CONFIG=/etc/audit/audit.rules
-
-check_config $AUDIT_CONFIG '^-f' 1
-if [ $rtn -eq 1 ]; then
- sed -i '/-f/s@[0-9]@1@' $AUDIT_CONFIG
-elif [ $rtn -eq 2 ]; then
- line=$(grep -n ^-b $AUDIT_CONFIG | cut -d: -f1)
- num=`expr ${line} + 2`
- sed -i "${num}a\-f 1" /etc/audit/audit.rules
-fi
-DATE=$(date +%Y%m%d)
-sed -i.bak_$DATE '/kill/d' $AUDIT_CONFIG
-echo "#trace kill">> $AUDIT_CONFIG
-echo "#-a entry,always -F arch=b32 -F a1>0 -S kill">> $AUDIT_CONFIG
-echo "#-a entry,always -F arch=b64 -F a1>0 -S kill">> $AUDIT_CONFIG
-USER_NAME=$1
-USER_HOME=$2
-#if [ -z $1 ];then
-# UNIT_NAME=guodiao
-#else
-# UNIT_NAME=$1
-#fi
-# copy new script
-cp auditd.conf /etc/audit
-cp audit.rules /etc/audit/audit.rules.${USER_NAME}
-#sed -i "s#fujian#${UNIT_NAME}#g" /etc/audit/audit.rules.${USER_NAME}
-sed -i "s#/home/d5000/fujian#${USER_HOME}#g" /etc/audit/audit.rules.${USER_NAME}
diff --git a/install_shell/auditd.conf b/install_shell/auditd.conf
deleted file mode 100644
index 594bd43..0000000
--- a/install_shell/auditd.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-#
-# This file controls the configuration of the audit daemon
-#
-
-log_file = /var/log/audit/audit.log
-log_format = RAW
-log_group = root
-priority_boost = 4
-flush = INCREMENTAL
-freq = 20
-num_logs = 16
-disp_qos = lossy
-dispatcher = /sbin/audispd
-name_format = NONE
-##name = mydomain
-max_log_file = 300
-max_log_file_action = ROTATE
-space_left = 75
-space_left_action = SYSLOG
-action_mail_acct = audadmin
-admin_space_left = 50
-admin_space_left_action = SUSPEND
-disk_full_action = SUSPEND
-disk_error_action = SUSPEND
-
diff --git a/setup.sh b/setup.sh
index b18e57f..8cd2039 100755
--- a/setup.sh
+++ b/setup.sh
@@ -25,10 +25,6 @@ echo "====Set ssh...." ./ntpd_cron_patch.sh echo "====Set ntp client..." - -./audit_patch.sh $1 $2 $3 -echo "====Set audit.rules ..." - ./set_fonts.sh echo "====add fonts===="