1
cp /etc/selinux/config /etc/selinux/config.bak
sed -i 's/SELINUX=permissive/SELINUX=disabled/' /etc/selinux/config
2
service postfix stop
service ip6tables stop
service acpid stop
service autofs stop
service rhsmcertd stop
service rhnsd stop
/etc/init.d/bluetooth stop
chkconfig ip6tables off
chkconfig acpid off
chkconfig autofs off
chkconfig mdmonitor off
chkconfig rhnsd off
chkconfig rhsmcertd off
chkconfig bluetooth off
chkconfig postfix off
3
cp /etc/profile /etc/profile.bak
echo 'TMOUT=300' >> /etc/profile
echo 'readonly TMOUT' >> /etc/profile
8
useradd -u 1002 mauser
echo '!QAZ2wsx' |passwd --stdin mauser
4
cp /etc/pam.d/su /etc/pam.d/su.bak
sed -i 's/auth required pam_wheel.so use_uid/#auth required pam_wheel.so use_uid/' /etc/pam.d/su
5
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
sed -i '/^#PermitRootLogin/aPermitRootLogin no' /etc/ssh/sshd_config
cp /etc/login.defs /etc/login.defs.bak
vim /etc/login.defs
PASS_MAX_DAYS 90
PASS_MIN_DAYS 0
PASS_WARN_AGE 14
9
cp /etc/pam.d/login /etc/pam.d/login.bak
sed -i '/#%PAM/aauth required pam_tally2.so deny=5 unlock_time=300' /etc/pam.d/login
cp /etc/pam.d/sshd /etc/pam.d/sshd.bak
sed -i '/#%PAM/aauth required pam_tally2.so deny=5 unlock_time=300' /etc/pam.d/sshd