Centos init script

System initialization script can be unified, automatic configuration, reduce manpower.

Here is a brief talk about Yum installation and source code compilation and installation, please correct me. I have been insisting on Yum installation for the following reasons

First, easy to install, do not need to spend more energy to consider the problem of dependency

Second, the configuration is unified, convenient later maintenance, automation and so on

Third, convenient upgrade

Four, okay, I'm a vegetable chicken, I admit it. 650) this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0039.gif "alt=" j_0039.gif "/>

see its blog post

#!/bin/bash #  #Change  yum source rpm -uvh  http://dl.fedoraproject.org /pub/epel/6/i386/epel-release-6-8.noarch.rpmsed -i  ' 1,10{s/^#//g;s/^mirrorlist/#mirrorlist/g;} '  /etc/yum.repos.d/epel.repoyum clean all yum makecache  #Set  wrong  password locksed -i  ' 1a auth required pam_tally2.so deny=3 lock_time= 300 even_deny_root root_unlock_time=300 '  /etc/pam.d/sshd  #Install  tools&update  system yum -y install vim htop ntpdate wgetyum -y  groupinstall  "Development tools"   "develoment libraries " yum -y update  echo  "0 0 * * * /usr/bin/yum -y update > /dev/null"   >> /var/spool/cron/root#Selinux setenforce 0 sed -i  ' S/^selinux=.*/selinux =disabled/g '  /etc/selinux/config  #Time  ntpdate ntp.api.bz hwclock -w  echo  "*/15 * *  * * /usr/sbin/ntpdate ntp.api.bz > /dev/null " >> /var/spool/ cron/root#record command sed -i  ' S/^histsize=.*$/histsize=100/'  /etc/profile  echo  "Export prompt_command= ' { msg=\$ (history 1 | { read x y;  echo \ $y;  }); user=\$ (WhoAmI);  echo \$ (date \ "+%y-%m-%d %h:%m:%s\"): \ $user : \ ' pwd\ '/:\ $msg  ---- \$ (who am i);  } >> /tmp/\ ' hostname\ '. \ ' Whoami\ '. History-timestamp ' " >> /root/.bash_profile  #Iptables  service iptables stop  && chkconfig iptables off

A simple explanation is as follows:

①set Wrong password lock Please use carefully, I set is all users (including root), password error more than 5 times will be locked, when the server is malicious login will cause the administrator can not log in, must be logged in TTY. I will be in a later blog post script Way to ban the malicious login IP

②record command will record the user's changes made after landing, convenient audit, path/tmp/\ ' hostname\ '. \ ' whoami\ '. History-timestamp

③ the internal server shuts down the firewall, security measures need to be done on the hardware firewall.

If there is any mistake, please do not hesitate to correct me.

This article is from the "Talk" blog, please be sure to keep this source http://jixing.blog.51cto.com/821242/1629543

Centos init script