Tips-Of-Mine/Hardening-Linux-Debian-Ubuntu
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Hardening-Linux-Debian-Ubuntu/test/modules/custom_prompt.sh

191 lines
5.9 KiB
Bash
Raw Blame History

#!/bin/bash
# =============================================================================
# Custom prompt configuration module
# =============================================================================
# Set script directory
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
# Source common functions and variables
source "./common.sh"
# Function to configure custom banner
configure_custom_banner() {
log_message "INFO" "Configuring custom banner"
# Create custom banner file
local banner_file="/etc/banner"
log_message "INFO" "Creating custom banner file"
cat > "$banner_file" << 'EOF'
_______ _ ____ __ __ __ _
|__ __(_) / __ \ / _| | \/ (_)
| | _ _ __ ___ ___| | | | |_ ___| \ / |_ _ __ ___
| | | | '_ \/ __|___| | | | _|___| |\/| | | '_ \ / _ \
| | | | |_) \__ \ | |__| | | | | | | | | | | __/
|_| |_| .__/|___/ \____/|_| |_| |_|_|_| |_|\___|
| |
|_|
AVERTISSEMENT : L'accès à ce système est réservé aux utilisateurs
dûment autorisés.
Toute tentative d'accès, d'accès à ce système sans autorisation ou
de maintien frauduleux dans ce système fera l'objet de poursuites
conformément à la politique de Tips-Of-Mine.
Tout utilisateur autorisé est informé et reconnaît que ses actions
peuvent être enregistrées, conservées et auditées conformément aux
chartes/politiques internes de aux chartes/politiques internes de
Tips-Of-Mine.
EOF
chmod +x "$banner_file"
local file="/etc/ssh/sshd_config"
local line=`grep -n "#Banner none" $file | cut -d ":" -f 1`
#echo $line
# Vérification de la présence de la ligne AuthorizedKeysFile
if [ -z "$line" ]; then
echo "#Banner none" | tee -a $file
else
sed -i ''$line'c\Banner /etc/banner' $file > /dev/null || handle_error "Échec de "
fi
#
line=`grep -n "#Banner none" $file | cut -d ":" -f 1` || handle_error "Échec de "
log_message "SUCCESS" "Custom banner file created at $banner_file"
# Source the prompt file to apply immediately
source "$banner_file"
}
# Function to configure custom profile
configure_custom_profile() {
log_message "INFO" "Configuring custom profile"
# Create custom profile file
local profile_file="/etc/profile.d/custom-profile.sh"
log_message "INFO" "Creating custom profile file"
cat > "$profile_file" << 'EOF'
#!/bin/bash
# Custom secure server profile
# Generated by security hardening script
# Set some useful aliases
alias ll='ls -la'
alias l='ls -l'
alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'
alias grep='grep --color=auto'
alias ls='ls --color=auto'
EOF
chmod +x "$profile_file"
log_message "SUCCESS" "Custom profile file created at $profile_file"
# Source the profile file to apply immediately
source "$profile_file"
}
# Function to configure custom prompt
configure_custom_prompt() {
log_message "INFO" "Configuring custom prompt"
# Create custom prompt file
local prompt_file="/etc/update-motd.d/00-basic"
log_message "INFO" "Creating custom prompt file"
cat > "$prompt_file" << 'EOF'
#!/bin/bash
# get load averages
IFS=" " read LOAD1 LOAD5 LOAD15 <<<$(awk '{ print $1,$2,$3 }' /proc/loadavg)
# get free memory
IFS=" " read USED AVAIL TOTAL <<<$(free -htm | awk '/Mem/ { print $3,$7,$2 }')
# get processes
PROCESS=$(ps -eo user=|sort|uniq -c | awk '{ print $2 " " $1 }')
PROCESS_ALL=$(echo "$PROCESS"| awk {'print $2'} | awk '{ SUM += $1} END { print SUM }')
PROCESS_ROOT=$(echo "$PROCESS" | awk '/root/ { print $2}')
PROCESS_USER=$(echo "$PROCESS" | awk '!/root/ { SUM += $2} END { print SUM }')
# get processors
PROCESSOR_NAME=$(awk -F": " '/model name/ { print $2 }' /proc/cpuinfo | head -1)
PROCESSOR_COUNT=$(grep -ioPc 'processor\t:' /proc/cpuinfo)
# colors
WHITE="\e[0;39m"
GREEN="\e[1;32m"
RED="\e[1;31m"
dim="\e[2m"
undim="\e[0m"
echo -e "${W}System info:
$WHITE Hostname$dim····$undim: $WHITE${HOSTNAME}
$WHITE Distro$dim······$undim: $WHITE$(grep "PRETTY_NAME" /etc/*release | cut -d "=" -f 2- | sed 's/"//g')
$WHITE Kernel$dim······$undim: $WHITE$(uname -sr)
$WHITE Uptime$dim······$undim: $WHITE$(uptime -p)
$WHITE Load$dim········$undim: $GREEN$LOAD1$WHITE (1m), $GREEN$LOAD5$WHITE (5m), $GREEN$LOAD15$WHITE (15m)
$WHITE Processes$dim···$undim: $GREEN$PROCESS_ROOT$WHITE (root), $GREEN$PROCESS_USER$WHITE (user), $GREEN$PROCESS_ALL$WHITE (total)
$WHITE CPU$dim·········$undim: $WHITE$PROCESSOR_NAME ($GREEN$PROCESSOR_COUNT$WHITE vCPU)
$WHITE Memory$dim······$undim: $GREEN$USED$WHITE used, $GREEN$AVAIL$WHITE avail, $GREEN$TOTAL$WHITE total"
# config
max_usage=90
bar_width=50
# disk usage: ignore zfs, squashfs & tmpfs
printf "\nDisk usage:\n"
while read line; do
# get disk usage
usage=$(echo "$line" | awk '{print $2}' | sed 's/%//')
used_width=$((($usage*$bar_width)/100))
# color is green if usage < max_usage, else red
if [ "${usage}" -ge "${max_usage}" ]; then
color=$RED
else
color=$GREEN
fi
# print green/red bar until used_width
bar="[${color}"
for ((i=0; i<$used_width; i++)); do
bar+="="
done
# print dimmmed bar until end
bar+="${W}${dim}"
for ((i=$used_width; i<$bar_width; i++)); do
bar+="·"
done
bar+="${undim}]"
# print usage line & bar
echo "${line}" | awk '{ printf("%-31s%+3s used out of %+4s\n", $1, $2, $3); }' | sed -e 's/^/ /'
echo -e "${bar}" | sed -e 's/^/ /'
done < <(df -H -x zfs -x squashfs -x tmpfs -x devtmpfs -x overlay -x nfs -x nfs4 -x cifs --output=target,pcent,size | tail -n+2)
printf "\n"
EOF
chmod +x "$prompt_file"
log_message "SUCCESS" "Custom prompt file created at $prompt_file"
# Source the prompt file to apply immediately
source "$prompt_file"
}
# Main execution for custom prompt
configure_custom_banner
configure_custom_profile
configure_custom_prompt
log_message "SUCCESS" "Custom prompt configuration completed"
Reference in New Issue View Git Blame Copy Permalink