Linux & Unix | 2005/01/27 23:13
#----------------------------------------------------------------------------------------
#!/bin/sh
# Title : Change Permission.
#
chmod 700 /usr/bin/finger
chmod 700 /usr/bin/ftp
chmod 700 /usr/bin/nslookup
chmod 700 /usr/bin/gcc
chmod 700 /usr/bin/suidperl
chmod 700 /usr/bin/whereis
chmod 700 /usr/bin/cc
chmod 700 /usr/bin/chage
chmod 700 /usr/bin/chfn
chmod 700 /usr/bin/sperl5.00503
chmod 700 /usr/bin/c++
chmod 700 /usr/bin/make
chmod 755 /usr/bin/man
chmod 700 /usr/bin/nslookup
chmod 700 /usr/bin/pstree
chmod 700 /usr/bin/rlog
chmod 700 /usr/bin/rlogin
chmod 700 /usr/bin/talk
chmod 700 /usr/bin/which
chmod 700 /usr/bin/who
chmod 700 /usr/bin/write
chmod 700 /usr/bin/wall
chmod 700 /usr/bin/w
chmod 700 /usr/sbin/usernetctl
chmod 700 /sbin/netreport
chmod 750 /sbin/ifconfig
chmod 700 /bin/mount
chmod 700 /bin/umonut
chmod 750 /bin/mail
chmod 750 /bin/ps
chmod 750 /bin/df
chmod 750 /bin/dmesg
chmod 700 /etc/fstab
chmod 700 /etc/exports
chmod 700 /etc/hosts
chmod 700 /etc/hosts.deny
chmod 700 /etc/hosts.allow
chmod -R 700 /etc/sysconfig/
chmod -R 700 /var/log/
chgrp wheel /sbin/ifconfig
chgrp wheel /bin/ps
chgrp wheel /bin/netstat
chgrp wheel /bin/dmesg
chgrp wheel /bin/df
chgrp wheel /usr/bin/w
chgrp wheel /usr/bin/who
chgrp wheel /usr/bin/finger
chgrp wheel /usr/bin/last
chgrp wheel /usr/bin/top
chattr +i /etc/mail/sendmail.cf or /etc/sendmail.cf
chattr +i /etc/mail/local-host-names
chattr +i /etc/mail/aliases or /etc/aliases
chattr +i /etc/mail/access
chattr +i /etc/services
chmod 4750 /sbin/dump
#----------------------------------------------------------------------------------------
userdel adm & userdel lp & userdel sync & userdel shutdown
userdel halt & userdel news & userdel uucp & userdel operator
userdel games & userdel gopher & userdel ftp
#----------------------------------------------------------------------------------------
groupdel adm ; groupdel lp ; groupdel news ; groupdel uucp
groupdel games ; groupdel games ; groupdel dip
groupdel pppusers ; groupdel slipusers
#----------------------------------------------------------------------------------------
#----------------------------------------------------------------------------------------
# Changing permission for Apache server main directories.
# Readjust setting
#----------------------------------------------------------------------------------------
ApacheDir=/usr/local/apache;
#----------------------------------------------------------------------------------------
chmod 755 ${ApacheDir}/bin; chown root.root ${ApacheDir}/bin;
chmod 755 ${ApacheDir}/conf; chown root.root ${ApacheDir}/conf;
chmod 755 ${ApacheDir}/logs; chown root.root ${ApacheDir}/logs;
chmod 751 ${ApacheDir}/cgi-bin; chown root.root ${ApacheDir}/cgi-bin;
chmod 511 ${ApacheDir}/bin/httpd; chown root.root ${ApacheDir}/bin/httpd;
chmod 640 ${ApacheDir}/bin/htpasswd; chown root.nobody ${ApacheDir}/bin/htpasswd;
chmod 640 ${ApacheDir}/conf/httpd.conf; chown root.nobody ${ApacheDir}/conf/httpd.conf;
#----------------------------------------------------------------------------------------
# Remove unnecesary pakages.
#----------------------------------------------------------------------------------------
# rpm -e --nodeps anacron apmd dhcpcd dosfstools eject hotplug ipchains ksymoops
#!/bin/sh
# Title : Change Permission.
#
chmod 700 /usr/bin/finger
chmod 700 /usr/bin/ftp
chmod 700 /usr/bin/nslookup
chmod 700 /usr/bin/gcc
chmod 700 /usr/bin/suidperl
chmod 700 /usr/bin/whereis
chmod 700 /usr/bin/cc
chmod 700 /usr/bin/chage
chmod 700 /usr/bin/chfn
chmod 700 /usr/bin/sperl5.00503
chmod 700 /usr/bin/c++
chmod 700 /usr/bin/make
chmod 755 /usr/bin/man
chmod 700 /usr/bin/nslookup
chmod 700 /usr/bin/pstree
chmod 700 /usr/bin/rlog
chmod 700 /usr/bin/rlogin
chmod 700 /usr/bin/talk
chmod 700 /usr/bin/which
chmod 700 /usr/bin/who
chmod 700 /usr/bin/write
chmod 700 /usr/bin/wall
chmod 700 /usr/bin/w
chmod 700 /usr/sbin/usernetctl
chmod 700 /sbin/netreport
chmod 750 /sbin/ifconfig
chmod 700 /bin/mount
chmod 700 /bin/umonut
chmod 750 /bin/mail
chmod 750 /bin/ps
chmod 750 /bin/df
chmod 750 /bin/dmesg
chmod 700 /etc/fstab
chmod 700 /etc/exports
chmod 700 /etc/hosts
chmod 700 /etc/hosts.deny
chmod 700 /etc/hosts.allow
chmod -R 700 /etc/sysconfig/
chmod -R 700 /var/log/
chgrp wheel /sbin/ifconfig
chgrp wheel /bin/ps
chgrp wheel /bin/netstat
chgrp wheel /bin/dmesg
chgrp wheel /bin/df
chgrp wheel /usr/bin/w
chgrp wheel /usr/bin/who
chgrp wheel /usr/bin/finger
chgrp wheel /usr/bin/last
chgrp wheel /usr/bin/top
chattr +i /etc/mail/sendmail.cf or /etc/sendmail.cf
chattr +i /etc/mail/local-host-names
chattr +i /etc/mail/aliases or /etc/aliases
chattr +i /etc/mail/access
chattr +i /etc/services
chmod 4750 /sbin/dump
#----------------------------------------------------------------------------------------
userdel adm & userdel lp & userdel sync & userdel shutdown
userdel halt & userdel news & userdel uucp & userdel operator
userdel games & userdel gopher & userdel ftp
#----------------------------------------------------------------------------------------
groupdel adm ; groupdel lp ; groupdel news ; groupdel uucp
groupdel games ; groupdel games ; groupdel dip
groupdel pppusers ; groupdel slipusers
#----------------------------------------------------------------------------------------
#----------------------------------------------------------------------------------------
# Changing permission for Apache server main directories.
# Readjust setting
#----------------------------------------------------------------------------------------
ApacheDir=/usr/local/apache;
#----------------------------------------------------------------------------------------
chmod 755 ${ApacheDir}/bin; chown root.root ${ApacheDir}/bin;
chmod 755 ${ApacheDir}/conf; chown root.root ${ApacheDir}/conf;
chmod 755 ${ApacheDir}/logs; chown root.root ${ApacheDir}/logs;
chmod 751 ${ApacheDir}/cgi-bin; chown root.root ${ApacheDir}/cgi-bin;
chmod 511 ${ApacheDir}/bin/httpd; chown root.root ${ApacheDir}/bin/httpd;
chmod 640 ${ApacheDir}/bin/htpasswd; chown root.nobody ${ApacheDir}/bin/htpasswd;
chmod 640 ${ApacheDir}/conf/httpd.conf; chown root.nobody ${ApacheDir}/conf/httpd.conf;
#----------------------------------------------------------------------------------------
# Remove unnecesary pakages.
#----------------------------------------------------------------------------------------
# rpm -e --nodeps anacron apmd dhcpcd dosfstools eject hotplug ipchains ksymoops
1차 출처 : phpschool 정찬호님
2차 출처 : 환건님 블로그
"Linux & Unix" 분류의 다른 글
| vmware를 이용하여 가상 linux 환경 구축시 가상 OS의 시간이 실제보다 더 ... (0) | 2008/07/30 |
| mysql의 root 패스워드를 분실했을 경우 (0) | 2006/03/19 |
| 특정 사용자 죽이기 (0) | 2006/02/17 |
| MySQL 4.0.x 에서 4.1.x 업그레이드시 euckr 과 utf8 포맷 변환 및 DB유지,... (0) | 2006/01/31 |
| MySQL error - Can't open file: "something.MYD" (errno : 145) (0) | 2005/12/26 |
Trackback Address : http://metalpen.net/blog/trackback/157
