| 1234567891011121314151617181920212223242526272829303132333435363738394041424344 |
- #!/bin/bash
- # Ensure /tmp exists and has the proper permissions before
- # checking for security updates
- # https://github.com/digitalocean/marketplace-partners/issues/94
- if [[ ! -d /tmp ]]; then
- mkdir /tmp
- fi
- chmod 1777 /tmp
- apt-get -y update
- apt-get -y upgrade
- rm -rf /tmp/* /var/tmp/*
- history -c
- cat /dev/null > /root/.bash_history
- unset HISTFILE
- apt-get -y autoremove
- apt-get -y autoclean
- find /var/log -mtime -1 -type f -exec truncate -s 0 {} \;
- rm -rf /var/log/*.gz /var/log/*.[0-9] /var/log/*-????????
- rm -rf /var/lib/cloud/instances/*
- rm -f /root/.ssh/authorized_keys /etc/ssh/*key*
- touch /etc/ssh/revoked_keys
- chmod 600 /etc/ssh/revoked_keys
- # Securely erase the unused portion of the filesystem
- GREEN='\033[0;32m'
- NC='\033[0m'
- printf "\n${GREEN}Writing zeros to the remaining disk space to securely
- erase the unused portion of the file system.
- Depending on your disk size this may take several minutes.
- The secure erase will complete successfully when you see:${NC}
- dd: writing to '/zerofile': No space left on device\n
- Beginning secure erase now\n"
- dd if=/dev/zero of=/zerofile &
- PID=$!
- while [ -d /proc/$PID ]
- do
- printf "."
- sleep 5
- done
- sync; rm /zerofile; sync
- cat /dev/null > /var/log/lastlog; cat /dev/null > /var/log/wtmp
|
