39d88f389f
deleted: install_shell/cgroup-d5000-install/42-2014-01-15-062120/README deleted: install_shell/cgroup-d5000-install/42-2014-01-15-062120/install.sh modified: install_shell/cgroup-d5000-install/install.sh modified: install_shell/create_users.sh modified: install_shell/ntpd_cron_patch.sh modified: install_shell/other.sh modified: install_shell/set_network.sh modified: install_shell/set_ssh.sh modified: setup.sh Signed-off-by: Qin Bo <bqin@linx-info.com>
34 lines
937 B
Bash
Executable File
34 lines
937 B
Bash
Executable File
#!/bin/sh
|
|
|
|
. ./check_function.sh
|
|
|
|
AUDIT_CONFIG=/etc/audit/audit.rules
|
|
|
|
check_config $AUDIT_CONFIG '^-f' 1
|
|
if [ $rtn -eq 1 ]; then
|
|
sed -i '/-f/s@[0-9]@1@' $AUDIT_CONFIG
|
|
elif [ $rtn -eq 2 ]; then
|
|
line=$(grep -n ^-b $AUDIT_CONFIG | cut -d: -f1)
|
|
num=`expr ${line} + 2`
|
|
sed -i "${num}a\-f 1" /etc/audit/audit.rules
|
|
fi
|
|
DATE=$(date +%Y%m%d)
|
|
sed -i.bak_$DATE '/kill/d' $AUDIT_CONFIG
|
|
echo "#trace kill">> $AUDIT_CONFIG
|
|
echo "#-a entry,always -F arch=b32 -F a1>0 -S kill">> $AUDIT_CONFIG
|
|
echo "#-a entry,always -F arch=b64 -F a1>0 -S kill">> $AUDIT_CONFIG
|
|
USER_NAME=$1
|
|
USER_HOME=$2
|
|
#if [ -z $1 ];then
|
|
# UNIT_NAME=guodiao
|
|
#else
|
|
# UNIT_NAME=$1
|
|
#fi
|
|
# copy new script
|
|
cp auditd.conf /etc/audit
|
|
cp audit.rules /etc/audit/audit.rules.${USER_NAME}
|
|
#sed -i "s#fujian#${UNIT_NAME}#g" /etc/audit/audit.rules.${USER_NAME}
|
|
sed -i "s#/home/d5000/fujian#${USER_HOME}#g" /etc/audit/audit.rules.${USER_NAME}
|
|
# restart deamon
|
|
/etc/init.d/auditd restart
|