summaryrefslogtreecommitdiff
path: root/s4_vm.sh
blob: d9becfe65ffbc0fd95e640032b0ec71ec3edbb30 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
#!/bin/bash
# File: /root/s4_vm.sh
# Package: deployscripts
# Author: bgstack15
# Startdate: 2015
# Title: Template Script 4: General Settings
# Purpose: Do initial hard-coded configs
# History: 2016-05-19 given original headers
#    2016-10-26 fixed freebsd variables
# Usage: ./s4[tab][enter]
# Reference: Original vm.sh script by user1
# Improve:

eval flavor=$( grep -iE "^\s*ID=" /etc/os-release 2>/dev/null | sed 's/^.*=//;' )
if test -z "${flavor}"; then test "$( uname -s )" = "FreeBSD" && flavor=freebsd; fi

case "${flavor}" in
   centos|redhat)
      templatename=centos7alpha
      keyfile=/etc/pki/tls/private/localhost.key
      certfile=/etc/pki/tls/certs/localhost.crt
      ;;
   ubuntu|debian) 
      templatename=ubuntu16alpha
      keyfile=/etc/ssl/private/localhost.key
      certfile=/etc/ssl/certs/localhost.crt
      ;;
   freebsd)
      templatename=freebsd10alpha
      keyfile=/etc/ssl/localhost.key
      certfile=/etc/ssl/localhost.crt
      ;;
   *) echo "Assuming centos directory layout for certificates..."
      templatename=unspecified0alpha
      keyfile=/etc/pki/tls/private/localhost.key
      certfile=/etc/pki/tls/certs/localhost.crt
      ;;
esac

rm -rf /root/.viminfo
history -w
history -c

cat /dev/null >/root/.bash_history

printf "Regenerating the ssh key...\n"
rm -rf /root/.ssh/id_rsa*
ssh-keygen -qt rsa -f /root/.ssh/id_rsa -P ""

printf "Changing password for user \"root\"\n"
passwd

#ntpd update example-dc1.example.com
ntpd -gq 1>/dev/null 2>&1

chmod +x /etc/cron.daily/0*logwatch 2>/dev/null || {
   #probably freebsd
   /root/updateval.sh /etc/crontab "^#*.*\t.*\t\*\t\*.*root.*\/usr\/local\/sbin\/logwatch\.pl$" "15\t4\t\*\t\*\t\*\troot\t\/usr\/local\/sbin\/logwatch\.pl" --apply
}

# clears these files without removing pointer, to prevent corruption
[[ -f /var/log/dmesg ]] && /bin/cat /dev/null >/var/log/dmesg
[[ -f /var/log/lastlog ]] && /bin/cat /dev/null >/var/log/lastlog
[[ -f /var/log/messages ]] && /bin/cat /dev/null >/var/log/messages
[[ -f /var/log/secure ]] && /bin/cat /dev/null >/var/log/secure
[[ -f /var/log/wtmp ]] && /bin/cat /dev/null >/var/log/wtmp
[[ -f /var/log/yum.log ]] && /bin/cat /dev/null >/var/log/yum.log
[[ -f /var/log/grubby ]] && /bin/cat /dev/null >/var/log/grubby
[[ -f /var/log/maillog ]] && /bin/cat /dev/null >/var/log/maillog
[[ -f /var/log/mail.log ]] && /bin/cat /dev/null >/var/log/mail.log
[[ -f /var/log/boot.log ]] && /bin/cat /dev/null >/var/log/boot.log
[[ -f /var/log/auth.log ]] && /bin/cat /dev/null >/var/log/auth.log
[[ -f /var/log/syslog ]] && /bin/cat /dev/null >/var/log/syslog
[[ -f /var/log/dpkg.log ]] && /bin/cat /dev/null >/var/log/dpkg.log
[[ -f /var/log/kern.log ]] && /bin/cat /dev/null >/var/log/kern.log

# deletes extra files
/bin/rm -f /var/log/*-???????? /var/log/*.gz /var/log/dmesg.old 2>/dev/null
/bin/rm -rf /var/log/anaconda 2>/dev/null

# suppress extraneous "dm-0: WRITE SAME failed. Manually zeroing" error
# Reference: http://www.it3.be/2013/10/16/write-same-failed/
thispath=$( find /sys | grep max_write_same_blocks | head -n 1 )
[[ -n "${thispath}" ]] && cat <<EOF > /etc/tmpfiles.d/write_same.conf
# Type Path        Mode UID  GID  Age Argument
w ${thispath}  -   -   -   -  0
EOF

#printf "Making new certificate for this host. Press enter to begin...\n"
#read foo
#openssl req -x509 -nodes -days 1095 -newkey rsa:2048 -keyout /etc/pki/tls/private/localhost.key -out /etc/pki/tls/certs/localhost.crt
expect /root/.makecert.exp "$( hostname )" "${keyfile}" "${certfile}"

case "${flavor}" in
   ubuntu)
      grep -liIE "${templatename}" /etc/* 2>/dev/null | xargs -n1 sed -i -e "s/ubuntu16alpha/$( hostname -s )/g;"
      update-grub >/dev/null 2>&1
   ;;
   *) [ ]
   ;;
esac
bgstack15