#!/bin/bash
##############################################################################
# File Name : Linux system config
# description : This script is used to set linux system
# Author : simon
# Mail : 24731701@qq.com
##############################################################################
. /etc/init.d/functions
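# Address used later for the sshd ListenAddress rewrite.
# Assumes the legacy net-tools layout where line 2 of the ifconfig output
# reads "inet addr:A.B.C.D ..." -- TODO confirm on the target release; with
# any other layout field 4 is not the address.
IP=$(/sbin/ifconfig | awk -F '[ :]+' 'NR==2{print $4}')

# Defined result function
# Reports the outcome of the command that ran immediately before the call.
# Arguments: $1 - label shown by action (from /etc/init.d/functions)
# Returns:   the status of the action call
function Msg() {
  # Capture $? first: any other command in this function would overwrite it.
  local status=$?
  if [ "$status" -eq 0 ]; then
    action "$1" /bin/true
  else
    action "$1" /bin/false
  fi
}

# Defined Close selinux Functions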
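# Switches SELinux off: persistently through /etc/selinux/config and for the
# running system through setenforce 0.
# NOTE(review): this removes mandatory access control from the host. Setting
# SELINUX=permissive would keep the denial audit trail while not enforcing;
# confirm that fully disabling is really required.
function selinux() {
  # The original test read `[ if ... ]`, which is not a valid file test.
  [ -f "/etc/selinux/config" ] && {
    sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
    setenforce 0
    Msg "Close selinux"
  }
}

# Defined add Ordinary users Functions
# Creates the account "simon", sets its password and grants it passwordless
# sudo. Nothing is changed when the account already exists.
# Globals:   ADDUSER_PASSWORD (read, optional) - password for the new account
# Returns:   0 when the account already exists, otherwise the status of Msg
#
# NOTE(review): the fallback password is hard-coded in this file and the
# account receives NOPASSWD:ALL, so the secret stored here is equivalent to
# root on every host the script runs on. Supply ADDUSER_PASSWORD from a
# protected source, or switch the account to key-based login.
function AddUser() {
  local user=simon
  local password=${ADDUSER_PASSWORD:-123456}
  local rule="${user} ALL=(ALL) NOPASSWD:ALL"
  local candidate=""
  local ok=0

  if id "$user" &>/dev/null; then
    echo "simon user is exist."
    return 0
  fi

  if [ -z "${ADDUSER_PASSWORD:-}" ]; then
    echo "AddUser: ADDUSER_PASSWORD is not set, using the built-in default password" >&2
  fi

  useradd "$user" &>/dev/null

  # Edit a copy of sudoers and install it only after visudo accepts it. The
  # original changed /etc/sudoers first and checked afterwards, so a broken
  # file stayed in place. It also used `sed -ir`, where the "r" is read as a
  # backup suffix for -i (leaving /etc/sudoersr behind), not as -r.
  if printf '%s\n' "$password" | passwd --stdin "$user" &>/dev/null &&
    candidate=$(mktemp) &&
    cp -- /etc/sudoers "$candidate" &&
    sed -i "98a ${rule}" "$candidate" &&
    grep -qxF -- "$rule" "$candidate" &&
    visudo -c -f "$candidate" &>/dev/null &&
    cat -- "$candidate" >/etc/sudoers; then
    # grep above catches a sudoers file shorter than 98 lines, where the
    # append would otherwise be silently skipped.
    # cat keeps the owner and mode of the existing /etc/sudoers.
    ok=1
  fi
  [ -n "$candidate" ] && rm -f -- "$candidate"

  [ "$ok" -eq 1 ]
  Msg "AddUser simon"
}

# Defined Hide the system version number Functions
# Empties the pre-login banners /etc/issue and /etc/issue.net so they no
# longer show the release string.
function HideVersion() {
  local banner
  local rc=0
  # The original second test lacked the space before "]" and always errored.
  for banner in /etc/issue /etc/issue.net; do
    if [ -f "$banner" ]; then
      : >"$banner" || rc=1
    fi
  done
  [ "$rc" -eq 0 ]
  Msg "Hide sys info."
}

# Defined sshd config Functions
# Moves sshd to port 52113, disables root and empty-password logins, and
# binds the daemon to $IP. Does nothing when 52113 already appears in the
# configuration file.
# Globals:   IP (read)
# Returns:   0 when already configured, otherwise the status of Msg
#
# NOTE(review): password authentication is left enabled here; together with
# the account created by AddUser that makes the password the only barrier.
function sshd() {
  local sshd_file=/etc/ssh/sshd_config
  local backup="${sshd_file}.pre-52113"
  local rc=1

  if grep -q "52113" "$sshd_file"; then
    return 0
  fi

  if cp -p -- "$sshd_file" "$backup"; then
    # ListenAddress is rewritten only when an address was detected: an empty
    # $IP would produce "ListenAddress :52113" and stop sshd from starting.
    # The daemon is called by full path because this function shadows the
    # name "sshd"; -t checks the file without touching the running daemon.
    if sed -i "13 iPort 52113\nPermitRootLogin no\nPermitEmptyPasswords no\nUseDNS no\nGSSAPIAuthentication no" "$sshd_file" &&
      grep -q '^Port 52113$' "$sshd_file" &&
      { [ -z "$IP" ] || sed -i "s@#ListenAddress 0.0.0.0@ListenAddress ${IP}:52113@g" "$sshd_file"; } &&
      /usr/sbin/sshd -t -f "$sshd_file" >/dev/null 2>&1; then
      /etc/init.d/sshd restart >/dev/null 2>&1
      rc=$?
    else
      # Put the previous configuration back instead of restarting into a
      # file the daemon rejects, which would cut off remote access.
      cp -p -- "$backup" "$sshd_file"
    fi
  fi

  [ "$rc" -eq 0 ]
  Msg "sshd config"
}

# Defined OPEN FILES Functions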
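# Raises the open-file limit to 65535 for all users in limits.conf and for
# the current shell. Skipped when the entry is already present.
function openfiles() {
  local limits=/etc/security/limits.conf
  if ! grep -q "nofile 65535" "$limits"; then
    echo '* - nofile 65535' >>"$limits"
    ulimit -SHn 65535
    Msg "open files"
  fi
}

# Replaces /etc/hosts with the copy kept in /server/scripts. When that copy
# is missing the script waits 300 seconds and exits with status 1.
# NOTE(review): whoever can write /server/scripts/hosts controls name
# resolution on this host -- confirm that directory is writable by root only.
function hosts() {
  local src=/server/scripts/hosts
  if [ ! -f "$src" ]; then
    echo "/server/scripts/hosts is not exist,please solve this question"
    sleep 300
    exit 1
  fi
  /bin/cp "$src" /etc/hosts
}

# Defined System Startup Services Functions
# Turns off every service enabled in runlevel 3 except those whose name
# contains crond, network, rsyslog, sshd or sysstat.
# NOTE(review): the keep-list is matched as a substring, and iptables is not
# on it, so the packet filter is also disabled at boot.
function boot() {
  local svc
  # chkconfig output is matched against the English "3:on" marker.
  export LANG=en
  while IFS= read -r svc; do
    chkconfig "$svc" off
  done < <(chkconfig --list | grep "3:on" | awk '{print $1}' |
    grep -E -v "crond|network|rsyslog|sshd|sysstat")
  Msg "BOOT config"
}

# Defined Time Synchronization Functions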
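# Adds a root cron entry that runs ntpdate against time.nist.gov every five
# minutes, unless the crontab already mentions that server.
# NOTE(review): the job line uses the bash-only "&>" redirection; cron runs
# jobs with /bin/sh, so this relies on sh being bash -- TODO confirm.
function Time() {
  local cron_file=/var/spool/cron/root
  if ! grep -q "time.nist.gov" "$cron_file" 2>/dev/null; then
    echo "#time sync by simon at $(date +%F)" >>"$cron_file"
    echo "*/5 * * * * /usr/sbin/ntpdate time.nist.gov &>/dev/null" >>"$cron_file"
  fi
  # The closing brace must start its own command; on the Msg line it would be
  # passed to Msg as an argument and the function would never close.
  Msg "Time Synchronization"
}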
# Defined Kernel parameters Functions
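# Installs /server/scripts/sysctl.conf as /etc/sysctl.conf after saving the
# current file under a $RANDOM suffix. The new values are not loaded here;
# no `sysctl -p` is run in this function.
function Kernel() {
  local backup="/etc/sysctl.conf.$RANDOM"
  # Overwrite only once the backup exists.
  /bin/cp /etc/sysctl.conf "$backup" &&
    /bin/cp /server/scripts/sysctl.conf /etc/
  Msg "kernel"
}

# Stops the iptables service (the stop is issued twice, as in the original).
# NOTE(review): this leaves the host with no packet filter while sshd is
# reachable on the address set in sshd(); confirm an upstream firewall covers
# this host, or load a restrictive rule set instead of stopping the service.
function iptables() {
  /etc/init.d/iptables stop
  /etc/init.d/iptables stop
  Msg "iptables"
}

# Sets the hostname to the name /etc/hosts lists for the address of eth1,
# both in /etc/sysconfig/network and for the running system.
# NOTE(review): this reads eth1 while the global IP is taken from the first
# interface ifconfig prints -- confirm which interface is intended.
function hostname() {
  local ip name
  ip=$(/sbin/ifconfig eth1 | awk -F "[: ]+" 'NR==2 {print $4}')
  # Exact match on the address column; the first entry wins. A regex match
  # would treat the dots as wildcards and could return several names.
  name=$(awk -v ip="$ip" '$1 == ip {print $2; exit}' /etc/hosts)

  # Refuse an empty name or one with characters outside the hostname set:
  # the value is spliced into a sed replacement and passed to /bin/hostname.
  case "$name" in
    '' | *[!A-Za-z0-9.-]*)
      false
      Msg "hostname"
      return 1
      ;;
  esac

  # "HOSTNAME=*" only matched a run of "=" and left the old name appended;
  # ".*" replaces the whole value.
  sed -i "s/^HOSTNAME=.*/HOSTNAME=${name}/g" /etc/sysconfig/network &&
    /bin/hostname "$name"
  Msg "hostname"
}

# Defined main Functions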
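# Runs the configuration steps in order. selinux() is defined in this file
# but is not part of the sequence.
# NOTE(review): sshd() disables root login right after AddUser(); if the
# account step failed there may be no account left that can log in remotely.
# Check the AddUser result before running this on a remote host.
function main() {
  AddUser
  HideVersion
  sshd
  openfiles
  hosts
  boot
  Time
  Kernel
  iptables
  hostname
}

# The call must be its own command; "} main" on one line is a syntax error.
main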