From 0d130bc7b728478363a8b3ce772b0f4a9675eeec Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Thu, 29 Mar 2018 14:51:49 +0200 Subject: [PATCH] Implementing disable_root_login_pw() and install_clamav() in bin/postinst --- bin/postinst | 58 +++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 57 insertions(+), 1 deletion(-) diff --git a/bin/postinst b/bin/postinst index 92c2815..8e074db 100644 --- a/bin/postinst +++ b/bin/postinst @@ -272,7 +272,7 @@ tweak_grub() { grub2-editenv list echo "Removing quiet from '${grub_cfg}' ..." - sed --in-place=".bak.$( date -r ${grub_cfg} +'%Y-%m-%d_%H:%M:%S' )" -e 's/^\(GRUB_CMDLINE_LINUX=.*\)[ ]quiet\(.*\)/\1\2/' "${grub_cfg}" + sed --in-place -e 's/^\(GRUB_CMDLINE_LINUX=.*\)[ ]quiet\(.*\)/\1\2/' "${grub_cfg}" echo "Recreating /boot/grub2/grub.cfg ..." grub2-mkconfig -o /boot/grub2/grub.cfg @@ -406,9 +406,20 @@ misc_packages() { } +#----------------------------------------------------------- +remove_ipv6_localhost() { + + echo + log "Removing ::1 from /etc/hosts ..." + + sed -i -e '/^::1/ d' /etc/hosts + +} + #----------------------------------------------------------- create_motd() { + echo local url="${COBBLER_URL}/custom/pp-scripts/mk_create_motd.ksh" echo @@ -506,11 +517,21 @@ install_openvm_tools() { #----------------------------------------------------------- remove_uek_packages() { + echo + log "Switch kernel in /etc/sysconfig/kernel ..." + + sed -i -e 's/^\(DEFAULTKERNEL=\).*/\1kernel/i' /etc/sysconfig/kernel + echo log "Removing UEK packages ..." yum remove -y *-uek-* + echo + log "Removing firmware packages ..." + + rpm -qa | grep -- -firmware | xargs --no-run-if-empty yum remove -y + } #----------------------------------------------------------- @@ -628,6 +649,37 @@ set_root_pw() { } +#----------------------------------------------------------- +disable_root_login_pw() { + + echo + log "Disabling SSH access for root with password ..." + + perl -p -i -e 's/^\s*#?\s*PermitRootLogin\s.*/PermitRootLogin without-password/i' /etc/ssh/sshd_config + +} + +#----------------------------------------------------------- +install_clamav() { + + echo + log "Installing and configuring ClamAV ..." + + yum install -y clamav clamav-update + + echo "Tweaking /etc/freshclam.conf ..." + + sed -e '/^#*Example/ d' \ + -e 's/^[ ]*DatabaseMirror[ ].*/DatabaseMirror clamav.pixelpark.com/i' \ + -e 's/\(#PrivateMirror mirror2.mynetwork.com\)/\1\nPrivateMirror clamav.pixelpark.com/i' \ + -i /etc/freshclam.conf + + echo + log "Running freshclam ..." + freshclam --verbose + +} + #----------------------------------------------------------- main() { @@ -643,6 +695,7 @@ main() { install_pp_tcsh_env make_pp_dirs misc_packages + remove_ipv6_localhost create_motd install_legato_networker install_ntp @@ -650,8 +703,11 @@ main() { remove_uek_packages disable_floppy set_root_pw + disable_root_login_pw dist_upgrade + install_clamav install_puppet + remove_ipv6_localhost tweak_grub -- 2.39.5