#!/bin/sh #********************************************** # /etc/ld.so.conf #********************************************** #echo "/usr/X11R6/lib" > /etc/ld.so.conf #echo "/usr/i486-linux-libc5/lib" >> /etc/ld.so.conf #/sbin/ldconfig #********************************************** # /etc/syslog.conf #********************************************** cd /etc if [ "$(grep "auth.* /var/log/secure" /etc/syslog.conf)" = "" ] ; then csplit -f auth syslog.conf /"var/log/secure"/+1 echo "auth.* /var/log/secure" >> auth00 cat auth01 >> auth00 mv auth00 syslog.conf rm auth01 fi #********************************************** # /etc/sshd_config #********************************************** cd /etc if [ "$(grep "SyslogFacility AUTH" /etc/sshd_config)" = "" ] ; then csplit -f ssh sshd_config /"SyslogFacility DAEMON"/ csplit -f sshagain ssh01 2 echo "SyslogFacility AUTH" >> ssh00 cat sshagain01 >> ssh00 mv ssh00 sshd_config rm ssh01 sshagain01 sshagain00 fi #********************************************** # /etc/hosts.deny #********************************************** cd /etc mv hosts.deny hosts.deny.orig cp /etc/$WORKGROUP/configfiles/hosts.deny /etc/hosts.deny #********************************************** # /etc/hosts.allow #********************************************** cd /etc mv hosts.allow hosts.allow.orig cp /etc/$WORKGROUP/configfiles/hosts.allow /etc/hosts.allow #********************************************** # Configure autorpm not to install by default #********************************************** cd /etc/autorpm.d mv autorpm.conf autorpm.conf.orig cp /etc/$WORKGROUP/configfiles/autorpm.conf autorpm.conf cp /etc/$WORKGROUP/configfiles/autorpm.conf.autoinstall autorpm.conf.autoinstall rm /etc/cron.daily/autorpm.conf cp /etc/$WORKGROUP/configfiles/autorpm.cron /etc/cron.daily/autorpm.cron cd /etc #********************************************** # Configure PCP so that it doesn't fail on startup. # and put a script to run it daily #********************************************** /usr/sbin/install-pcp-config generic cp /etc/$WORKGROUP/configfiles/pmlogger.cron /etc/cron.daily/pmlogger.cron #********************************************** # Edit /etc/hosts to add the short name #********************************************** sed -e 's/[ ]\([a-z0-9-]*\)\.fnal\.gov$/& \1/' /etc/hosts > /etc/hosts.tmp mv /etc/hosts /etc.hosts.old mv /etc/hosts.tmp /etc/hosts #********************************************** # Misc. Stuff #********************************************** rm -f /usr/man/man1/rec.1 rm -f /usr/man/man8/rpc.rquotad.8.gz #********************************************** # Force full Duplex #********************************************** echo options eepro100 options=0x30 >> /etc/conf.modules #********************************************** # Set up NIS. #********************************************** mv /etc/yp.conf /etc/yp.conf.orig cp /etc/$WORKGROUP/configfiles/yp.conf /etc/yp.conf mv /etc/nsswitch.conf /etc/nsswitch.conf.orig cp /etc/$WORKGROUP/configfiles/nsswitch.conf /etc/nsswitch.conf /sbin/chkconfig --level 345 autofs on /sbin/chkconfig --level 345 ypbind on /sbin/chkconfig --level 345 portmap on echo 'NISDOMAIN=fsun01.fnal.gov' >> /etc/sysconfig/network #********************************************** # Restart autofs at the end to fix problem # with it not starting properly. #********************************************** mv /etc/rc.d/rc3.d/S60afs /etc/rc.d/rc3.d/S97afs #********************************************** # Set up .forward. #********************************************** echo scs-root@fnal.gov > /root/.forward #********************************************** # Restrict logons. #********************************************** if ! [ "`tail -1 /etc/passwd`" = "+::0:0:::/usr/lib/rsh" ] ; then cp /etc/passwd /etc/passwd.orig cat /etc/$WORKGROUP/configfiles/tail.passwd >> /etc/passwd fi #********************************************** # Set the Disk Partioning rpm to run after reboot #********************************************** mv /etc/rc.d/rc.local /etc/rc.d/rc.local.orig cp /etc/$WORKGROUP/configfiles/rc.local /etc/rc.d/rc.local #********************************************** # Configure the fstab Mounts #********************************************** mkdir /usr/scratch mkdir /usr/scratch/sect1 mkdir /usr/scratch/sect2 if [ "$(grep "fsun01:/export/local/Linux+2" /etc/fstab)" = "" ] ; then echo fsun01:/export/local/Linux+2 /usr/local nfs bg,soft,intr >> /etc/fstab fi #sed -e '/hdc1/s:/local/stage1:/usr/scratch/sect1:' /etc/fstab >/etc/fstab.tmp #sed -e '/hdd1/s:/local/stage2:/usr/scratch/sect2:' /etc/fstab.tmp >/etc/fstab.tmp2 #mv /etc/fstab /etc/fstab.orig #mv /etc/fstab.tmp2 /etc/fstab #rm /etc/fstab.tmp #if [ "$(grep "fsun01:/export/tripwire" /etc/fstab)" = "" ] ; then # echo fsun01:/export/tripwire /var/tripwire nfs bg,intr >> /etc/fstab #fi #********************************************** # Enable kerberized telnet, ftp and rsh #********************************************** cd /etc cp /etc/inetd.conf /etc/inetd.conf.orig sed -e '/krb5/s:#telnet:telnet:' /etc/inetd.conf > /etc/inetd.conf.tmp mv /etc/inetd.conf.tmp /etc/inetd.conf #sed -e '/krb5/s:#ftp:ftp:' /etc/inetd.conf > /etc/inetd.conf.tmp #mv /etc/inetd.conf.tmp /etc/inetd.conf sed -e '/krb5/s:#kshell:kshell:' /etc/inetd.conf > /etc/inetd.conf.tmp mv /etc/inetd.conf.tmp /etc/inetd.conf sed -e '/krb5/s:#klogin:klogin:' /etc/inetd.conf > /etc/inetd.conf.tmp mv /etc/inetd.conf.tmp /etc/inetd.conf sed -e '/krb5/s:#eklogin:eklogin:' /etc/inetd.conf > /etc/inetd.conf.tmp mv /etc/inetd.conf.tmp /etc/inetd.conf #********************************************** # Copy in the SCS root .k5login #********************************************** cp /etc/$WORKGROUP/configfiles/SCS.k5login /root/.k5login #********************************************** # Configure lsf. #********************************************** ln -s /afs/fnal.gov/products/UNIX/lsf/v3.2/i386_linux22/etc/lsf.conf /etc/lsf.conf cp /etc/FnaluBatch/configfiles/lsf /etc/rc.d/init.d/lsf cd /etc/rc.d/rc3.d ln -s ../init.d/lsf S98lsf mkdir /tmp/lsf.log cd /etc #********************************************** # Configure some cronjobs to clean tmp # and scratch #********************************************** echo '#' >> /var/spool/cron/root echo '# Prune scratch areas' >> /var/spool/cron/root echo '#' >> /var/spool/cron/root echo '0 0-23 * * * find /usr/scratch/sect1/ -type f \( -ctime +7 \) -exec rm -f {} \;' >> /var/spool/cron/root echo '0 0-23 * * * find /usr/scratch/sect2/ -type f \( -ctime +7 \) -exec rm -f {} \;' >> /var/spool/cron/root #********************************************** # Remove Programs from startup. #********************************************** rpm -e gpm rpm -e kernel-pcmcia-cs /sbin/chkconfig --del sendmail /sbin/chkconfig --del kudzu /sbin/chkconfig --del identd /sbin/chkconfig --del apmd /sbin/chkconfig --add nfslock #/sbin/chkconfig --level 345 autofs on #/sbin/chkconfig --level 345 portmap on /sbin/chkconfig --level 345 rstatd on /sbin/chkconfig --level 345 xntpd on