LINUX 系统初始化脚本

rfsdw · 发表于 2014-9-2 08:53:50

#!/bin/bash
######the system first start configuretion #####for install
####copy right by donglei##############
#1、配置sysctl
mv /etc/sysctl.conf  /etc/sysctl.bak
echo "############################the new config for sysctl ###########
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
kern.maxfiles = 65536
kern.maxfilesperproc = 32768
net.core.rmem_default = 262144
net.core.wmem_default = 262144
net.core.rmem_max = 262144
net.core.wmem_max = 262144
net.inet.udp.checksum = 1
net.inet.tcp.syncookies = 1
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_keepalive_time = 30
net.ipv4.tcp_keepalive_probes = 2
net.ipv4.tcp_keepalive_intvl = 2
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_tw_reuse = 1
kernel.sem = 250 32000 100 128
fs.file-max = 65536
net.ipv4.ip_local_port_range = 1024 65000" >> /etc/sysctl.conf
chmod 644 /etc/sysctl.conf
#2、配置ipv6
echo "##########ipv6-disabled###########
alias net-pf-10 off
alias ipv6 off" >> /etc/modprobe.d/dist.conf
echo "##############ipv6-disabled#########
NETWORKING_IPV6=no" >> /etc/sysconfig/network
/sbin/chkconfig ip6tables off
#3、配置系统时钟
echo "##############system_clock###########
01 * * * * root ntpdate 172.17.1.150; hwclock --systohc" >>/etc/crontab
#4、配置bash环境,每次命令行显示当前位置和时间，当前只针对root设置
echo "export  PS1='\033[1;33m\H \033[1;34m[\w] \033[1;35m\D{%D %T}\n\[\033[1;36m\]\u@pts/\l \[\033[00m\]\$ '" >> /root/.bashrc
#5、配置系统服务启动项
for i in `ls /etc/rc3.d/S*`
do
servi=`echo $i|cut -c 15-`
case $servi in
cpuspeed | crond | irqbalance | microcode_ctl | sendmail)
;;
*)
echo "change $servi to off" >>./log.log
chkconfig $servi off
service $servi stop
;;
esac
done
#6、配置系统默认语言环境
mv /etc/sysconfig/i18n  /etc/sysconfig/i18n.bak
echo "#########set new language by admin#######
LANG="zh_CN.UTF-8"
SUPPORTED="zh_CN.UTF-8:zh_CN:zh:en_US.UTF-8:en_US:en"
SYSFONT="latarcyrheb-sun16" " >/etc/sysconfig/i18n
chmod 644 /etc/sysconfig/i18n
#7、配置selinux
sed -i -e 's/^SELINUX=.*/LANG="SELINUX=disabled/' -e 's/^SELINUXTYPE=.*/SELINUXTYPE=disabled/' /etc/sysconfig/selinux
#8、关闭iptables
service iptables stop
chkconfig iptables off
#9、配置root用户不能直接登录系统
mv /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
grep -Ev '^$|^#' /etc/ssh/sshd_config.bak >/etc/ssh/sshd_config
chmod 600 /etc/ssh/sshd_config
sed /PermitRootLogin/d /etc/ssh/sshd_config
sed /ClientAliveCountMax/d /etc/ssh/sshd_config
echo "######ssh security config#######
PermitRootLogin no
ClientAliveCountMax 10 " >>/etc/ssh/sshd_config
service sshd restart

账号		自动登录	找回密码
密码			立即注册

大疆运维招人啦，

C++ :try 语句块和异常处理

C++的多态

Red Hat RHCE 8 (EX294) Cert Guide

Java/C++ 区别：看完这一篇，就够用！

别再用过时库了！这 13 个顶级 C++ 库才是

c++ size_t 和 int 的区别

[经验分享] LINUX 系统初始化脚本

相关帖子

浏览过的版块

扫码加入运维网微信交流群