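#!/bin/sh
#
# Baseline provisioning script for a freshly installed x86_64 host. Judging
# by the el6 package names and the use of chkconfig it targets CentOS 6.
#
# What it does, in order:
#   1. switches off a list of services in runlevel 3
#   2. writes /etc/sysconfig/iptables and /etc/hosts.allow
#   3. appends kernel tunables to /etc/rc.d/rc.local, raises nofile limits
#   4. installs root's crontab, disables IPv6
#   5. grants the "monitor" account a set of sudo commands
#   6. adds noatime to fstab, adds interactive shell aliases
#   7. repoints yum, installs tools and a pinned kernel, tunes xinetd
#   8. reboots
#
# Must run as root. Progress notes are appended to /root/install.
#
# NOTE(review): this listing was rebuilt from a page whose extraction had
# collapsed every line break, turned backticks into quotes, injected HTML
# entities and changed letter case. Syntax has been restored; the values that
# could not be recovered are marked where they occur.

LOG=/root/install
SEP="----------------------------------------------------------------------"

# Refuse to run on anything other than x86_64.
case "$(uname -m)" in
  x86_64) ;;
  *)
    echo "System hardware-platform error"
    exit 1
    ;;
esac

# Every step below writes under /etc, /root or /var/spool; fail early instead
# of half-applying the baseline as an unprivileged user.
if [ "$(id -u)" -ne 0 ]; then
  echo "This script must be run as root" >&2
  exit 1
fi

echo "$SEP"
echo " close some services "
# NOTE(review): this list also switches off auditd, restorecond and
# ip6tables. With auditd off the host stops writing its audit trail; confirm
# that is intended and that logging is covered some other way.
SERVICES="abrtd acpid atd auditd autofs avahi-daemon certmonger cgconfig
cgred cpuspeed cups haldaemon ip6tables ipsec kdump lvm2-monitor mdmonitor
messagebus netconsole netfs nfs nfslock ntpd ntpdate oddjobd portreserve
postfix psacct quota_nld rdisc restorecond rhnsd rhsmcertd rpcbind rpcgssd
rpcidmapd rpcsvcgssd saslauthd smartd sssd sysstat udev-post bluetooth qpidd
ypbind irqbalance blk-availability libvirt-guests firstboot"
for svc in $SERVICES; do
  # Services that are not installed make chkconfig fail; that is expected,
  # so the output is discarded as in the original.
  chkconfig --level 3 "$svc" off > /dev/null 2>&1
done
# Record what is still enabled in runlevel 3 so it can be reviewed later.
chkconfig --list | grep "3:on" >> "$LOG"

echo "$SEP"
echo " config the iptables "
# The marker "161" does not occur in the ruleset shown below (the page's
# ruleset looks abridged), so as listed this branch runs on every invocation.
if ! grep -q "161" /etc/sysconfig/iptables; then
  # NOTE(review): TCP/22 is accepted from any source here. The hosts.allow
  # list further down narrows sshd only if hosts.deny holds a matching deny.
  cat > /etc/sysconfig/iptables << 'huiye'
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -s 172.20.0.0/16 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
huiye
  # Raise the conntrack table size whenever the iptables init script runs.
  # The insert position (after line 245) is tied to one specific version of
  # /etc/init.d/iptables. The grep keeps reruns from stacking the line.
  if ! grep -q "nf_conntrack_max" /etc/init.d/iptables; then
    sed -i '245a echo "2621400" > /proc/sys/net/netfilter/nf_conntrack_max' \
      /etc/init.d/iptables
  fi
fi

echo "$SEP"
echo " config the hosts.allow "
# "222.240.x.x" is redacted on the page; substitute the real marker address.
if ! grep -q "222.240.x.x" /etc/hosts.allow; then
  # NOTE(review): 172.40.0.0/16 lies outside RFC 1918 (172.16.0.0/12 ends at
  # 172.31.255.255), so that entry admits public address space; confirm it.
  cat > /etc/hosts.allow << 'huiye'
#
#lan
sshd: 172.20.0.0/255.255.0.0
sshd: 172.40.0.0/255.255.0.0
huiye
  # Nothing in this script writes a deny rule. hosts.deny is frozen in
  # whatever state it already has, so unless it already denies sshd the allow
  # list above restricts nothing.
  chattr +i /etc/hosts.deny
fi
/usr/sbin/ntpdate clock.isc.org

echo "$SEP"
echo " config rc.local "
if ! grep -q "proc" /etc/rc.d/rc.local; then
  # The page also listed a write to
  # /proc/sys/net/netfilter/nf_conntrack_tcp_timeout_established, but its
  # value was lost in extraction, so that line is left out rather than
  # guessed. Restore it from the original script before relying on this.
  cat >> /etc/rc.d/rc.local << 'huiye'
echo "1" > /proc/sys/net/ipv4/tcp_syncookies
echo "1" > /proc/sys/net/ipv4/tcp_synack_retries
echo "1" > /proc/sys/net/ipv4/tcp_syn_retries
echo "4096000" > /proc/sys/net/ipv4/route/max_size
echo "8192" > /proc/sys/net/core/somaxconn
echo "2621400" > /proc/sys/net/netfilter/nf_conntrack_max
echo "1048576" > /sys/module/nf_conntrack/parameters/hashsize
echo "1024 65534" > /proc/sys/net/ipv4/ip_local_port_range
/usr/sbin/ntpdate clock.isc.org
/usr/local/snmpd/sbin/snmpd -c /usr/local/snmpd/snmpd.conf -p /var/run/snmpd
/usr/local/irq.py
huiye
fi

# Raise the open-file limit for all users. Guarded so reruns do not append
# duplicate lines.
for kind in soft hard; do
  if ! grep -q "^\*[[:space:]]*$kind[[:space:]]*nofile" /etc/security/limits.conf; then
    echo "* $kind nofile 65536" >> /etc/security/limits.conf
  fi
done

echo "$SEP"
echo " config crontab "
if ! grep -q "monitor-base" /var/spool/cron/root; then
  # This replaces root's crontab wholesale; any existing entries are lost.
  cat > /var/spool/cron/root << 'huiye'
1 0 * * * /usr/sbin/ntpdate clock.isc.org &
1 1 * * * /usr/sbin/ntpdate ntp.cc.sandai.net &
*/5 * * * * /sbin/iptables -Z
#*/5 * * * * /usr/local/monitor-base/o.sh >/dev/null 2>&1 &
huiye
  # A crontab created by redirection gets umask permissions; keep it private.
  chmod 600 /var/spool/cron/root
fi

echo "$SEP"
echo " disable ipv6 "
if [ ! -f /etc/modprobe.d/ipv6-off.conf ]; then
  cat >> /etc/modprobe.d/ipv6-off.conf << 'huiye'
alias net-pf-10 off
options ipv6 disable=1
#alias ipv6 off
huiye
  grep -q "NETWORKING_IPV6" /etc/sysconfig/network ||
    echo "NETWORKING_IPV6=no" >> /etc/sysconfig/network
  sed -i 's/NETWORKING_IPV6=yes/NETWORKING_IPV6=no/g' /etc/sysconfig/network
fi

# sudo config
# NOTE(review): several of the commands granted here (mount, modprobe,
# service, iptables, ip) are enough to obtain full root, so the "monitor"
# account should be protected and audited as a root-equivalent account.
SUDO_RULE="monitor ALL = /sbin/route, /sbin/ip, /sbin/ifconfig, /bin/ping, /usr/bin/net, /sbin/iptables, /sbin/ethtool, /sbin/service, /sbin/fdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount, /usr/bin/reboot, /sbin/shutdown, /sbin/modprobe"
cp -p /etc/sudoers /etc/sudoers_backup
# Append only once; an unconditional append duplicates the rule on every run.
if ! grep -qF "$SUDO_RULE" /etc/sudoers; then
  printf '%s\n' "$SUDO_RULE" >> /etc/sudoers
fi
# Trust visudo's exit status rather than grepping its output, and roll back
# to the backup when the file no longer parses: a broken sudoers disables
# sudo for everyone.
if /usr/sbin/visudo -c > /dev/null 2>&1 && grep -q monitor /etc/sudoers; then
  echo "update sudouser success!!!" >> "$LOG"
else
  cp -p /etc/sudoers_backup /etc/sudoers
  echo "Update sudouser fail!!!" >> "$LOG"
fi

echo "$SEP"
echo " Modify the fstab "
cp /etc/fstab /etc/fstab_dist
# Skip lines that already carry noatime so reruns do not stack the option.
sed -i '/UUID/{/noatime/!s/defaults/defaults,noatime/g}' /etc/fstab
# Disabled in the original (whitespace inside these patterns was lost on the
# page, so they are approximate):
#sed -i "s/LABEL=\/usr\/local \/usr\/local ext3 defaults 1 2/LABEL=\/usr\/local \/usr\/local ext3 defaults,noatime 1 2/g" /etc/fstab
#sed -i "s/LABEL=\/data \/data ext3 defaults 1 2/LABEL=\/data \/data ext3 defaults,noatime 1 2/g" /etc/fstab
#for i in {1..15}
#do
#sed -i "s/LABEL=\/data$i \/data$i ext3 defaults 1 2/LABEL=\/data$i \/data$i ext3 defaults,noatime 1 2/g" /etc/fstab
#done

# root alias rm
if grep "alias" /home/root1/.bashrc | grep -q "rm"; then
  echo "root1 alias had been update success!!"
else
  # GNU sed expands \n inside the appended text, giving three alias lines.
  sed -i "/User specific aliases and functions/a alias rm='rm -i'\nalias cp='cp -i'\nalias mv='mv -i'" \
    /home/root1/.bashrc
  echo "root1 alias updated success!"
fi

# crontab alias: "crontab -i" asks for confirmation before "crontab -r"
# removes a crontab.
for bashrc in /home/root1/.bashrc /root/.bashrc; do
  if grep -q "alias crontab='crontab -i'" "$bashrc"; then
    echo "$bashrc alias crontab already done before !"
  elif sed -i "/User specific aliases and functions/a alias crontab='crontab -i'" "$bashrc" &&
    grep -q "alias crontab='crontab -i'" "$bashrc"; then
    echo "$bashrc alias crontab succeed !"
  fi
done

# config yum
echo "config yum -------------------------------------------------------------------"
# NOTE(review): the repo definitions, the EPEL release package and the kernel
# packages are all fetched over plain HTTP, so anything on the network path
# can alter them. Package signatures are the only integrity control here;
# prefer HTTPS where the mirror offers it.
# The remote paths are copied as the page shows them; the page altered letter
# case elsewhere, so check them against the mirror.
MIRROR=http://centos.yum.sandai.net
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
# -O names the output file. The page showed -o, which would have written
# wget's log to this path instead of the downloaded file.
wget "$MIRROR/.help/centos-base6.repo" -O /etc/yum.repos.d/CentOS-Base.repo
# The EPEL signing key is not installed at this point, so rpm cannot verify
# this package's signature.
rpm -ivh "$MIRROR/.help/epel-release-6-8.noarch.rpm"
mv /etc/yum.repos.d/epel.repo /etc/yum.repos.d/epel.repo_backup
wget "$MIRROR/.help/epel6.repo" -O /etc/yum.repos.d/epel.repo
# A repo file that turns gpgcheck off would let yum install unsigned
# packages; record that in the log so it is noticed.
if grep -q '^[[:space:]]*gpgcheck[[:space:]]*=[[:space:]]*0' \
  /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/epel.repo 2> /dev/null; then
  echo "WARNING: a fetched repo file disables gpgcheck" >> "$LOG"
fi
yum clean all
yum makecache
yum -y install sysstat vnstat telnet jwhois vim lshw yum-plugin-priorities \
  OpenIPMI ipmitool iptraf xinetd iperf

#yum -y update kernel
# A pinned kernel build is installed instead of the current update; confirm
# this version is still the intended, patched one.
KERNEL_BASE="$MIRROR/centos/6.4/updates/x86_64/packages"
KERNEL_RPMS="kernel-2.6.32-358.23.2.el6.x86_64.rpm
kernel-firmware-2.6.32-358.23.2.el6.noarch.rpm
kernel-devel-2.6.32-358.23.2.el6.x86_64.rpm"
# Download into a private directory: root writing to fixed names in /tmp can
# be redirected by a file or symlink another local user placed there first.
workdir=$(mktemp -d /tmp/kernel-rpms.XXXXXX) || workdir=
if [ -n "$workdir" ]; then
  for pkg in $KERNEL_RPMS; do
    wget "$KERNEL_BASE/$pkg" -O "$workdir/$pkg"
  done
  # Check the signatures against the distribution key before installing a
  # kernel that arrived over HTTP.
  rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
  # $KERNEL_RPMS is left unquoted on purpose: it is a whitespace-separated
  # list of file names without spaces.
  if (cd "$workdir" && rpm -K $KERNEL_RPMS > /dev/null 2>&1); then
    (cd "$workdir" && rpm -ivh $KERNEL_RPMS)
  else
    echo "kernel rpm signature check fail!" >> "$LOG"
  fi
  rm -rf -- "$workdir"
else
  echo "kernel rpm download dir create fail!" >> "$LOG"
fi

if [ ! -s /etc/yum.repos.d/CentOS-Base.repo ]; then
  echo "config yum fail!" >> "$LOG"
fi
/usr/sbin/ntpdate clock.isc.org

# config xinetd.conf
echo "Config xinetd.conf-------------------------------------------------------------"
cp /etc/xinetd.conf /etc/xinetd.conf_backup
# Word-boundary anchors stop a rerun from turning 500 into 5000.
sed -i '/cps/ s/\<50 10\>/500 10/g' /etc/xinetd.conf
sed -i '/instances/ s/\<50\>/500/g' /etc/xinetd.conf
sed -i '/per_source/ s/\<10\>/200/g' /etc/xinetd.conf

echo "$SEP"
echo " Sleep for 5 seconds before reboot "
date >> "$LOG"
sleep 5
reboot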
This article is from the "Xiangjiang River Blowing Crazy" blog; please keep this source link when reposting: http://xjcf00.blog.51cto.com/10170403/1642556
Basic Settings Script