this is what I have in there now, I've yet to test it (have to set up an FTP
or http server still) .... I've left the ## stuff out yet, but want to do
something like this, to semi-automate the workstation's RHN connection; if I
do an "up2date --register" from the %post script, will it wait for that to
finish before continuing (as I am expecting) or will that crash the script
(will it time out or something?) I'd like each machine to do an update post
install.
%post
rpm --import /usr/share/rhn/RPM-GPG-KEY
## echo "Registering computer with RedHat up2date...please complete all
fields."
## up2date --register
## echo "Done."
## echo "Updating package lists and kernel and kernel source:"
## up2date -p -nox
## up2date -d -i kernel
## up2date -d -i kernel-source
## echo "Done."
echo "Turning off NFS, LPD and Sendmail in Runlevels 2,3,4,5:"
chkconfig --level 2345 nfs off
chkconfig --level 2345 lpd off
chkconfig --level 2345 sendmail off
echo "Done."
echo "Setting up iptables rules:"
/sbin/iptables -I INPUT -p icmp --icmp-type echo-request -j DROP
/sbin/iptables -I INPUT -s 0/0 -p udp --dport 33435:33525 -j DROP
/sbin/iptables -I INPUT -p tcp --dport x11 -j DROP
/sbin/iptables-save > /etc/sysconfig/iptables
/sbin/iptables-save > /etc/sysconfig/iptables.rules
cd /etc/rc.d/
echo "iptables-restore < /etc/sysconfig/iptables.rules" >> ./rc.local
echo "Done."
exit
_________________________________________________________________
The new MSN 8: advanced junk mail protection and 2 months FREE*
http://join.msn.com/?page=features/junkmail
