echo '#######克隆机清空文件#####' 1>>~/install.ok 2>>install.bug
echo '>/etc/udev/rules.d/70-persistent-net.rules' >>/etc/rc.local
tail -1 /etc/rc.local 1>>~/install.ok 2>>install.bug
echo '#######修改主机名#####' 1>>~/install.ok 2>>install.bug
hostname zhang
sed -i 's#HOSTNAME=.*#HOSTNAME=zhang#g' /etc/sysconfig/network
cat /etc/sysconfig/network 1>>~/install.ok 2>>install.bug
echo '#######关闭selinux#####' 1>>~/install.ok 2>>install.bug
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
grep SELINUX=disabled /etc/selinux/config 1>>~/install.ok 2>>install.bug
setenforce 0
getenforce 1>>~/install.ok 2>>install.bug
echo '#######关闭selinux#####' 1>>~/install.ok 2>>install.bug
iptables -F
iptables -L 1>>~/install.ok 2>>install.bug
/etc/init.d/iptables save
echo '#######新建用户sudo授权#####' 1>>~/install.ok 2>>install.bug
useradd zhang
id zhang 1>>~/install.ok 2>>install.bug
echo '123456'|passwd --stdin zhang
echo 'zhang ALL=(ALL) NOPASSWD: ALL' >>/etc/sudoers
visudo -c 1>>~/install.ok 2>>install.bug
echo '#######更改yum源安装常用软件#####' 1>>~/install.ok 2>>install.bug
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
ls /etc/yum.repos.d/CentOS-Base.repo.backup 1>>~/install.ok 2>>install.bug
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
yum install lrzsz tree sysstat -y
rpm -qa lrzsz tree nmap sysstat 1>>~/install.ok 2>>install.bug
echo '#######grep变色#####' 1>>~/install.ok 2>>install.bug
echo 'grep="grep --color=auto"' >>/etc/profile
. /etc/profile
grep 'grep="grep --color=auto"' /etc/profile 1>>~/install.ok 2>>install.bug
echo '#######定时更新时间#####' 1>>~/install.ok 2>>install.bug
echo '*/5 * * * * /usr/sbin/ntpdate ntp1.aliyun.com >/dev/null 2>&1' >>/var/spool/cron/root
crontab -l 1>>~/install.ok 2>>install.bug
echo '#######精简开机启动项#####' 1>>~/install.ok 2>>install.bug
for n in `chkconfig --list|grep "3:on"|awk '{print $1}'`; do chkconfig $n off; done
chkconfig --list|egrep 'crond|network|rsyslog|sshd|sysstat'|awk '{print "chkconfig "$1" on"}'|bash
chkconfig --list|grep "3:on" 1>>~/install.ok 2>>install.bug
echo '#######清理临时邮件队列#####' 1>>~/install.ok 2>>install.bug
mkdir /server/scripts -p
ls -l /server/scripts/ 1>>~/install.ok 2>>install.bug
echo '#bin bash \
find /var/spool/postfix/maildrop -type f|xargs rm -f' >/server/scripts/clean_mail.sh
cat /server/scripts/clean_mail.sh 1>>~/install.ok 2>>install.bug
echo '#clean /var/spool/postfix/maildrop \
00 00 * * * /bin/sh /server/scripts/clean_mail.sh' >>/var/spool/cron/root
crontab -l 1>>~/install.ok 2>>install.bug
cp /etc/ssh/sshd_config{,.f1.ori}
ls /etc/ssh/sshd_config.f1.ori 1>>~/install.ok 2>>install.bug
echo '#######ssh安全#####' 1>>~/install.ok 2>>install.bug
sed -ir '13 iPort 52113\nPermitRootLogin no\nPermitEmptyPasswords no\nUseDNS no\nGSSAPIAuthentication no' /etc/ssh/sshd_config
sed -n 13,17p /etc/ssh/sshd_config 1>>~/install.ok 2>>install.bug
echo '#######锁定重要文件#####' 1>>~/install.ok 2>>install.bug
chattr +i /etc/passwd
chattr +i /etc/inittab
chattr +i /etc/group
chattr +i /etc/shadow
chattr +i /etc/gshadow
lsattr +i /etc/passwd 1>>~/install.ok 2>>install.bug
lsattr +i /etc/inittab 1>>~/install.ok 2>>install.bug
lsattr +i /etc/group 1>>~/install.ok 2>>install.bug
lsattr +i /etc/shadow 1>>~/install.ok 2>>install.bug
lsattr +i /etc/gshadow 1>>~/install.ok 2>>install.bug
echo '#######清空内核系统名#####' 1>>~/install.ok 2>>install.bug
>/etc/issue
>/etc/redhat-release