#!/bin/bash
##############################################################################
# File Name : Linux system config
# description : This script is used to set linux system
# Author : simon
# Mail : 24731701@qq.com
##############################################################################
. /etc/init.d/functions
IP=`/sbin/ifconfig|awk -F '[ :]+' 'NR==2{print $4}'`
# Defined result function
function Msg(){
if [ $? -eq 0 ];then
action "$1" /bin/true
else
action "$1" /bin/false
fi
}
# Defined Close selinux Functions
function selinux(){
[ if "/etc/selinux/config" ] && {
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
setenforce 0
Msg "Close selinux"
}
}
# Defined add Ordinary users Functions
function AddUser(){
id simon &>/dev/null
if [ $? -ne 0 ];then
useradd simon &>/dev/null
echo "123456"|passwd --stdin simon &>/dev/null &&
sed -ir '98a simon ALL=(ALL) NOPASSWD:ALL' /etc/sudoers &&
visudo -c &>/dev/null
Msg "AddUser simon"
else
echo "simon user is exist."
fi
}
# Defined Hide the system version number Functions
function HideVersion(){
[ -f "/etc/issue" ] && >/etc/issue
[ -f "/etc/issue.net"] && > /etc/issue.net
Msg "Hide sys info."
}
# Defined sshd config Functions
function sshd(){
sshd_file=/etc/ssh/sshd_config
if [ `grep "52113" $sshd_file|wc -l` -eq 0 ];then
sed -ir "13 iPort 52113
PermitRootLogin no
PermitEmptyPasswords no
UseDNS no
GSSAPIAuthentication no" $sshd_file
sed -i 's@#ListenAddress 0.0.0.0@ListenAddress '${IP}':52113@g' $sshd_file
/etc/init.d/sshd restart > /dev/null 2>&1
Msg "sshd config"
fi
}
# Defined OPEN FILES Functions
function openfiles(){
if [ `grep "nofile 65535" /etc/security/limits.conf|wc -l` -eq 0 ];then
echo '* - nofile 65535' >> /etc/security/limits.conf
ulimit -SHn 65535
Msg "open files"
fi
}
function hosts(){
if [ ! -f /server/scripts/hosts ];then
echo "/server/scripts/hosts is not exist,please solve this question"
sleep 300
exit 1
fi
/bin/cp /server/scripts/hosts /etc/hosts
}
# Defined System Startup Services Functions
function boot(){
export LANG=en
for simon in `chkconfig --list|grep "3:on"|awk '{print $1}'|egrep -v "crond|network|rsyslog|sshd|sysstat"`
do
chkconfig $simon off
done
Msg "BOOT config"
}
# Deined Time Synchronization Functions
function Time(){
grep "time.nist.gov" /var/spool/cron/root > /dev/null 2>&1
if [ $? -ne 0 ];then
echo "#time sync by simon at $(date +%F)" >>/var/spool/cron/root
echo "*/5 * * * * /usr/sbin/ntpdate time.nist.gov &>/dev/null" >>/var/spool/cron/root
fi
Msg "Time Synchronization"
}
# Defined Kernel parameters Functions
function Kernel(){
/bin/cp /etc/sysctl.conf /etc/sysctl.conf.$RANDOM
/bin/cp /server/scripts/sysctl.conf /etc/
Msg "kernel"
}
function iptables(){
/etc/init.d/iptables stop
/etc/init.d/iptables stop
Msg "iptables"
}
function hostname(){
ip=`/sbin/ifconfig eth1|awk -F "[: ]+" 'NR==2 {print $4}'`
name=`grep -w "$ip" /etc/hosts |awk '{print $2}'`
sed -i 's/HOSTNAME=*/HOSTNAME='"$name"'/g' /etc/sysconfig/network
/bin/hostname $name
Msg "hostname"
}
# Defined main Functions
function main(){
AddUser
HideVersion
sshd
openfiles
hosts
boot
Time
Kernel
iptables
hostname
}
main