#!/bin/bash
. /etc/init.d/functions
check_iptables(){
/etc/init.d/iptables status >/dev/null 2>&1
[ $? -ne 0 ] && action "Optimize iptables: " /bin/true || action "Optimize iptables: " /bin/false
}
check_selinux(){
selinux_status=`getenforce`
[ $selinux_status == 'Disabled' ] && action "Optimize selinux: " /bin/true || action "Optimize selinux: " /bin/false
}
check_addusers(){
egrep "admin|nginx|zabbix" /etc/passwd >>/dev/null 2>&1
[ $? -eq 0 ] && action "Add users: " /bin/true || action "Add users: " /bin/false
}
check_install(){
rpm -qa|egrep "gcc|gcc-c++|openssh-clients|wget|make|cmake|curl|finger|nmap|tcp_wrappers|expect|lrzsz|unzip|zip|xz|ntpdate|lsof|telnet|vim|tree" >/dev/null 2>&1
[ $? -eq 0 ] && action "Install softwares: " /bin/true || action "Install softwares: " /bin/false
}
check_repos(){
[ -d /etc/yum.repos.d/bak ] && action "Update repos: " /bin/true || action "Update repos: " /bin/false
}
check_time(){
date -R |grep +0800 >/dev/null 2>&1
[ $? -eq 0 ] && action "Setting timezone: " /bin/true || action "Setting timezone: " /bin/false
crond_num=`crontab -l|grep ntpdate|wc -l`
[ $crond_num -ge 1 ] && action "Sync time: " /bin/true || action "Sync time: " /bin/false
}
check_services(){
service_num=`chkconfig --list |grep 3:on|egrep "crond|network|rsyslog|sshd"|wc -l`
[ $service_num -eq 4 ] && action "Optimize services: " /bin/true || action "Optimize services: " /bin/false
}
check_history(){
[ $HISTSIZE -eq 10000 ] && action "Setting history: " /bin/true || action "Setting history: " /bin/false
}
check_kernel(){
conn_num=`ulimit -n`
[ $conn_num -eq 2097152 ] && action "Optimize kernel: " /bin/true || action "Optimize kernel: " /bin/false
}
check_hostname(){
[ $HOSTNAME != 'localhost.localdomain' ] && action "Change hostname: " /bin/true || action "Change hostname: " /bin/false
}
check_iptables
check_selinux
check_addusers
check_install
check_repos
check_time
check_services
check_history
check_kernel
check_hostname