A global startup script for all machines. Has two main functions:
sets up the main printer and makes sure it is always set up.
takes off SUID and GUID bits on binaries that don't need them set.
#!/bin/bash # # /usr/local/startup-script # # made for the 12 lab machines in Dunn Hall 3rd floor lab # # Eric Thern, Jan 19, 2002 # accompanied by ks.cfg also made for the lab installs # # August 2002 - Update for some extra 7.3 binaries # July 2003 - Update to include RedHat 9 binaries # # # import the settings.xml file for printing # /usr/sbin/printconf-tui --Ximport < /usr/local/dunn358printer.xml cd / # # take off some GUID's # chmod -R g-s /var/mailman/ chmod g-s /var/log/mailman chmod g-s /var/spool/mailman chmod g-s /var/spool/mailman/qfiles chmod g-s /var/spool/slrnpull/out.going chmod g-s /var/ftp/pub chmod g-s /usr/bin/wall chmod g-s /usr/bin/write chmod g-s /usr/bin/kdesud chmod g-s /usr/bin/slrnpull chmod g-s /usr/bin/cu chmod g-s /usr/bin/uuname chmod g-s /usr/sbin/utempter chmod g-s /usr/sbin/uucico chmod g-s /usr/sbin/uuxqt chmod g-s /sbin/netreport chmod g-s /usr/bin/lockfile chmod g-s /usr/sbin/sendmail.sendmail chmod g-s /usr/sbin/postdrop chmod g-s /usr/sbin/postqueue # # take off some SUID's # chmod u-s /usr/bin/suidperl chmod u-s /usr/bin/sperl5.6.1 chmod u-s /usr/bin/chage chmod u-s /usr/bin/gpasswd chmod u-s /usr/bin/at chmod u-s /usr/bin/passwd chmod u-s /usr/bin/kon chmod u-s /usr/bin/newvc chmod u-s /usr/bin/chfn chmod u-s /usr/bin/chsh chmod u-s /usr/bin/newgrp chmod u-s /usr/bin/crontab chmod u-s /usr/bin/lppasswd chmod u-s /usr/bin/kcheckpass chmod u-s /usr/bin/ssh chmod u-s /usr/bin/rcp chmod u-s /usr/bin/rlogin chmod u-s /usr/bin/rsh chmod u-s /usr/bin/inndstart chmod u-s /usr/bin/rnews chmod u-s /usr/bin/startinnfeed chmod u-s /usr/bin/sudo chmod u-s /usr/bin/nwsfind chmod u-s /usr/bin/uucp chmod u-s /usr/bin/cu chmod u-s /usr/bin/uuname chmod u-s /usr/bin/uustat chmod u-s /usr/bin/uux # # if vmware is installed, you want these to be +s # #chmod u-s /usr/bin/vmware #chmod u-s /usr/bin/vmware-ping chmod u-s /usr/lib/mc/bin/cons.saver chmod u-s /usr/lib/mc/cons.saver chmod u-s /usr/lib/amanda/calcsize chmod u-s /usr/lib/amanda/killpgrp chmod u-s /usr/lib/amanda/rundump chmod u-s /usr/lib/amanda/runtar chmod u-s /usr/lib/amanda/dumper chmod u-s /usr/lib/amanda/planner chmod u-s /usr/sbin/ping6 chmod u-s /usr/sbin/traceroute6 chmod u-s /usr/sbin/usernetctl chmod u-s /usr/sbin/userhelper chmod u-s /usr/sbin/traceroute chmod u-s /usr/sbin/suexec chmod u-s /usr/sbin/amcheck chmod u-s /usr/sbin/uucico chmod u-s /usr/sbin/uuxqt # # need X ;) # #chmod u-s /usr/X11R6/bin/XFree86 chmod u-s /bin/ping # # you want to mount/unmount things # #chmod u-s /bin/mount #chmod u-s /bin/umount # # here's one that i've thought about a lot... # do you really need su when you can: # 1) log in remotely with SSH # 2) log in locally as root # # I don't really think so, but, uh, whatever. # #chmod u-s /bin/su chmod u-s /sbin/pwdb_chkpwd chmod u-s /sbin/unix_chkpwd chmod u-s /sbin/cardctl chmod u-s /usr/bin/ncplogin chmod u-s /usr/bin/ncpmap chmod u-s /usr/bin/desktop-create-kmenu chmod u-s /usr/lib/news/bin/inndstart chmod u-s /usr/lib/news/bin/startinnfeed chmod u-s /usr/lib/mgetty+sendfax/faxq-helper chmod u-s /usr/libexec/openssh/ssh-keysign chmod u-s /usr/sbin/userisdnctl