====== Redhat - Clean Up ======

===== Disable selinux =====

Edit **/etc/selinux/config**.

Change **SELINUX=enforcing** to **SELINUX=disabled**:

<file bash /etc/selinux/config>
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
</file>

----

===== Turn off Firewall =====

<code bash>
systemctl stop firewalld
systemctl disable firewalld
yum -y install net-tools
</code>

<WRAP info>
**NOTE:**  On some older versions the following might be needed:

<code bash>
service iptables save 
service iptables stop 
chkconfig iptables off
</code>

</WRAP>

----

===== Clean Up Script =====

<code bash /usr/src/cleanup.sh>
#!/bin/bash
 
echo "Clean Up"
yum clean all > /etc/machine-id
rm -f /etc/ssh/ssh_host_rm -rf /root/.ssh/
rm -f /root/anaconda-ks.cfg
rm -f /root/.bash_history
unset HISTFILE
rm -f /var/log/boot.log
rm -f /var/log/cron
rm -f /var/log/dmesg
rm -f /var/log/grubby
rm -f /var/log/lastlog
rm -f /var/log/maillog
rm -f /var/log/messages
rm -f /var/log/secure
rm -f /var/log/spooler
rm -f /var/log/tallylog
rm -f /var/log/wpa_supplicant.log
rm -f /var/log/wtmp
rm -f /var/log/yum.log
rm -f /var/log/audit/audit.log
rm -f /var/log/tuned/tuned.logroot
</code>

----

Make the Script Executable

<code bash>
cd /usr/src
chmod +x cleanup.sh
</code>

----

Run the Clean Up Script

<code bash>
./cleanup.sh
</code>

----

===== Clear History =====

<code bash>
cat /dev/null > ~/.bash_history && history -c && exit
</code>

----

===== Generalize the System Config =====

This prevents conflicts when using this setup as a template when creating different virtual machines deployed from the template.

<code bash>
sys-unconfig
</code>