Linux Server Initialization Optimization script

linux  Server Initialization optimization Script----------------------------------------------------------------------------------------# !/bin/bash## writes by tian## ver 1.1.0 at 20180705# Close  ctrl +  alt + del  (linux 6.x ) echo  "Off  ctrl + alt + del &NBSP, sed -i , s/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/#ca:: ctrlaltdel:\/ sbin\/shutdown -t3 -r now/'  /etc/inittabsed -i  ' s/^id:5:initdefault:/id:3: initdefault:/'  /etc/inittab#linux 7  Forbidden  ctrl + alt + delrm -f  /usr/lib/systemd/system/ctrl-alt-del.target# above based on your server version set server # shutdown ipv6echo  "Close IPv6 ..." echo  " Alias net-pf-10 off " >> /etc/modprobe.confecho " Alias ipv6 off "  >> /etc/modprobe.conf/sbin/chkconfig --level 35 ip6tables offecho -e  "\033[031m ipv6 is disabled.\033[0m "#关闭selinuxecho  " close SELINUX ... "sed -i  '/^selinux=/c\selinux=disabled '  /etc/selinux/config# temporarily closed setenforce 0echo -e  "\033[31m the temporary  closure of  selinux, if you need,you must reboot.\033[0m "#关闭防火墙echo   "Close iptables ..." service iptables stop/sbin/chkconfig --live 35 iptables  offecho  "Close  firewalld " Systemctl stop firewalldsystemctl disabled firewalld #更新yum源 #yum -y install wgetecho  "Back up yum source ..." Mv /etc/yum.repos.d/centos-base.repo  /etc/yum.repos.d/centos-base.repo.backup#sys_ver= ' cat /etc/redhat-release |awk  ' {print  $3} '  | awk -F  '. '   ' {print $1} ' sys_ver= ' cat /etc/redhat-release | awk -f  '. '   ' {print $1} ' | awk  ' {print $4} ' if [  $sys _ver -eq 6 ];then& NBsp;       wget -o /etc/yum.repos.d/centos-base.repo http:// Mirrors.aliyun.com/repo/centos-6.repo        yum clean all         yum makecacheelif [  $sys _ver -eq 7  ];then        wget -o /etc/yum.repos.d/ centos-base.repo http://mirrors.aliyun.com/repo/centos-7.repo          yum clean all        yum makecachefi# Install the base library echo  "Install the base environment and libraries ..." yum -y install  "Development tools" Yum -y install  lsof lrzsz ntpdate gcc gcc-c++ autoconf libjpeg libjpeg-devel  libpng libpng-devel freetype freetype-devel                     libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2  glib2-devel bzip2 bzip2-devel ncurses ncurses-devel                    curl curl-devel  e2fsprogs e2fsprogs-devel krb5-devel libidn libidn-devel  openssl  openssl-devel nss_ldap                    openldap openldap-devel  openldap-clients  openldap-servers libxslt-devel                  libevent-devel ntp  libtool-ltdl bison libtool  vim-enhanced##  The following is an optional item # in  ' chkconfig --list | awk  ' {if  ($1~/^$/)  {exit 0;}  else {print $1}} '; do chkconfig  $i  off; done# to open the prerequisite startup Project #for i in {crond,sshd,network, Rsyslog};d o chkconfig --level 3  $i  on;done#####   Set the time zone with 2 versions of usage, I didn't make a judgment, Comment out the unused version according to your own situation   #设置时区   (linux 6.x) Zone_time () {#install &NBSP;NTPYUM&NBSP;-Y&NBSP;INSTALL&NBSP;NTP  ntpdate#time zoneif [  ' date +%z '  !=  ' +0800 '  ]; then      rm -rf /etc/localtime     ln -sf /usr/share/ Zoneinfo/asia/shanghai /etc/localtimecat > /etc/sysconfig/clock << eofzone= " Asia/shanghai "utc=falsearc=falseeoffi#start ntpd server/etc/init.d/ntpd startchkconfig  ntpd onecho  "Present time zone:" ' Date +%z ' echo -e  "\033[31m time  zone ok \033[0m "} #设置时区   (linux 7.x) zone_7_time () {# install ntpyum -y  install ntp ntpdate# time zoneif [  ' date +%z '  !=  ' +0800 '  ]; thenrm -f  /etc/localtimeln -sf /usr/share/zoneinfo/asia/shanghai /etc/localtimecat > / Etc/sysconfig/clock << erzone= "Asia/shanghai" utc=falsearc=falseerfi# start ntp  serversystemctl start ntpdsystemctl enabld ntpd.serviceecho  "Present time  Zone: "' Date +%z ' echo -e " \033[31m linux 7 time zone ok \033[0m "}# ######  above is the time zone settings   has 2 versions, choose according to your own situation. ##  no need to, beautify the prompt # Modify the bash prompt string #echo  "change bash prompt string ..." #echo   ' ps1= ' \[\e[37;40m\][\[\e[32;40m\]\u \[\e[37;40m\]@\h \[\e[36;40m\]\w\[\e[0m\]]\\$  "'  >> ~/.bashrc#source .bashrc# Change the character set (linux 6.x  character set)/bin/cp /etc/sysconfig/i18n /etc/sysconfig/i18n.bakecho  ' LANG= ' en_US. UTF-8 "'  >/etc/sysconfig/i18n#linux 7  character set  character_insTall () {#安装中文支持yum  -y install kde-l10n-chineseyum -y reinstall glibc-commonsed  -i  '/^lang=/c\lang= ' ZH_CN. UTF-8 "'  /etc/locale.confsource /etc/locale.conf} #修改文件打开数echo  " Number of changes to File open ... "cat >>  /etc/security/limits.conf <<EOF* soft nproc 65535* hard nproc  65535* soft nofile 65535* hard nofile 65535eofecho  "ulimit -SHn  65535 " >> /etc/rc.local# optimize kernel parameters echo " optimize kernel parameters ... "sed -i " s/net.ipv4.tcp_ Syncookies.*$/net.ipv4.tcp_syncookies = 1/g '  /etc/sysctl.confcat >> /etc/ Sysctl.conf << endfnet.ipv4.tcp_max_syn_backlog = 65536net.core.netdev_max_backlog  =  32768net.core.somaxconn = 32768net.core.wmem_default =  8388608net.core.rmem_default = 8388608net.core.rmem_max = 16777216net.core.wmem_max =  16777216net.ipv4.tcp_timestamps = 0net.ipv4.tcp_synack_retries = 2net.ipv4.tcp_syn_retries  = 2net.ipv4.tcp_tw_recycle = 1#net.ipv4.tcp_tw_len = 1net.ipv4.tcp_tw_reuse =  1net.ipv4.tcp_fin_timeout = 30net.ipv4.tcp_mem = 94500000 915000000  927000000net.ipv4.tcp_max_orphans = 3276800net.ipv4.ip_local_port_range = 1024   65535endfsysctl -p# optimized SSH parameters echo  "optimized ssh ..." sed -i  '/^ #UseDNS/s/#UseDNS  yes/usedns  no/g '  /etc/ssh/sshd_config#sed -i  ' s/#PermitEmptyPasswords  no/permitemptypasswords  no/g '  /etc/ssh/sshd_config/etc/init.d/sshd restart

Linux Server Initialization Optimization script