• centos系统初始化脚本


    #!/bin/bash   
    #========================================================================== 
    #   FILE: Init.sh 
    #  
    #   DESCRIPTION: This script is used to install usual libs, 
    #   close unnecessary services,optimize kernel parameters and so on 
    #  
    #   REVISION: 1.0  
    #==========================================================================
    
    set -o nounset                          # Treat unset variables as an error
    
    # VARIABLES DEFINED
    # SRV_ON="acpid crond iptables kdump messagebus network ntpd readahead_early rsyslog sshd sysstat salt-minion"
    SRV_ON="acpid crond kdump messagebus network ntpd readahead_early rsyslog sshd sysstat salt-minion"
    
    SRV_TEMP="/tmp/chkconfig_list.tmp" 
    
    INSTALL_LIBS="gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5-devel libidn libidn-devel openssl openssl-devel libxslt-devel libevent-devel libtool-ltdl bison libtool vim-enhanced salt-minion"
    
    DONE="e[0;32m33[1mdonee[m" 
    
    # check os version
    platform=`uname -i`
    if [ $platform != "x86_64" ];then
    	echo "this script is only for 64bit Operating System!"
    exit 1
    fi
    
    cat << EOF
    +---------------------------------------+
    |   your system is CentOS 6 x86_64      |
    |      start optimizing.......          |
    +---------------------------------------
    EOF
    
    # add the third-party epel repo
    rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
    
    # lock user
    passwd -l dbus
    passwd -l vcsa
    passwd -l games
    passwd -l nobody
    passwd -l avahi
    passwd -l haldaemon
    passwd -l gopher
    passwd -l ftp
    passwd -l mailnull
    passwd -l pcap
    passwd -l mail
    passwd -l shutdown
    passwd -l halt
    passwd -l uucp
    passwd -l operator
    passwd -l sync
    passwd -l adm
    passwd -l lp
    
    # install usual libs
    yum -y install ${INSTALL_LIBS} 1>/dev/null 
    echo -e "Install the usual libs ${DONE}." 
    #echo "* 4 * * * /usr/sbin/ntpdate 210.72.145.44 > /dev/null 2>&1" >> /var/spool/cron/root
    sed -i 's/#master: salt/master: salt.enai.corp/' /etc/salt/minion
    service salt-minion restart
    
    # directory path
    mkdir -p /data/scripts/shell
    
    # set static route
    
    # mount share
    
    # set the file limit
    echo "ulimit -SHn 65535" >> /etc/rc.local
    cat >> /etc/security/limits.conf << EOF
    *           soft   nofile       65535
    *           hard   nofile       65535
    *           soft   nproc        65535
    *           hard   nproc        65535
    EOF
    
    # set ssh
    sed -i 's/#Port 22/Port 28290/' /etc/ssh/sshd_config
    sed -i 's/^GSSAPIAuthentication yes$/GSSAPIAuthentication no/' /etc/ssh/sshd_config
    service sshd restart
    
    # tune kernel parametres
    cat >> /etc/sysctl.conf << EOF
    net.ipv4.tcp_tw_reuse = 1
    net.ipv4.tcp_tw_recycle = 1
    net.ipv4.tcp_fin_timeout = 1
    EOF
    /sbin/sysctl -p
    
    # stop some crontab
    mkdir /etc/cron.daily.bak
    mv /etc/cron.daily/makewhatis.cron /etc/cron.daily.bak
    
    # close all services and set necessary services on  
    chkconfig  --list | awk '{print $1}' > ${SRV_TEMP} 
     
    # close all services  
    while read SERVICE 
    do 
        chkconfig --level 345 ${SERVICE} off 1>/dev/null  
    done < ${SRV_TEMP} 
     
    # open necessary services  
    for SRVS in ${SRV_ON} 
    do 
        if [ -e /etc/init.d/${SRVS} ] 
        then  
            chkconfig --level 345 ${SRVS} on 1>/dev/null 
        else 
            echo -e "Service ${SRVS} is e[0;31m33[1mnot exitse[m." 
        fi 
         
    done 
    
    # disable the ipv6
    cat > /etc/modprobe.d/ipv6.conf << EOFI
    alias net-pf-10 off
    options ipv6 disable=1
    EOFI
    echo "NETWORKING_IPV6=off" >> /etc/sysconfig/network
    
    cat << EOF
    +-------------------------------------------------+
    |               optimizer is done                 |
    |   it's recommond to restart this server !       |
    +-------------------------------------------------+
    EOF
    
    # init done,and reboot system  
    echo -e "Do you want to e[0;31m33[1mreboote[m system now? [Y/N]:	 " 
    read REPLY 
    case $REPLY in  
        Y|y) 
            echo "The system will reboot now ..." 
            shutdown -r now  
            ;; 
        N|n) 
            echo "You must reboot later..." 
            source /etc/profile  
            ;; 
        *) 
            echo "You must input [Y/N]." 
            source /etc/profile  
            ;; 
    esac 
    
    
    ====
    cat > /etc/resolv.conf <<EOFD
    nameserver 10.19.177.116
    nameserver 10.19.31.157
    nameserver 114.114.114.114
    EOFD
    
    
    106.75.32.81
    
    hostname u04rdp01.yaya.corp
    
    sed -i 's#HOSTNAME=10-19-22-157##HOSTNAME=u04rdp01.yaya.corp#g' /etc/sysconfig/network
    sed -i 's##HOSTNAME=u04rdp01.yaya.corp#g' /etc/sysconfig/network

  • 相关阅读:
    s111 stark组件
    数据结构
    django基础
    15个值得开发人员关注的jQuery开发技巧和心得
    关于浏览器事件的思考
    关于浏览器事件的思考
    浅入javascript正则表达式的规则.
    JQuery常用功能的性能优化
    vim
    常用免费的WebService列表
  • 原文地址:https://www.cnblogs.com/reblue520/p/6239741.html
Copyright © 2020-2023  润新知