Based on some articles on the reference Web, a system-initialized shell script is summarized.
#!/bin/bashcat << eof+---------------------------------------------------------------------------+| Initialize for the CentOS 6_installed. |+---------------------------------------------------------------------------+eoffunction Format () {#sleep 1 #echo -E "\033[42;37m ########### finished ########### \033[0m\n" echo-e "\033[32m Install Success!!! \033[0m\n "}########################################################################### Set time time zone/timing sync settings echo" set Time. " /bin/cp-f/usr/share/zoneinfo/asia/shanghai/etc/localtime &>/dev/nullyum-y install ntpdate &>/dev/ Nullntpdate 0.centos.pool.ntp.org &>/dev/nullhwclock-wformat############################################# ############################## Create log creates the script to run the log echo "create log file." date1= ' date + '%F%h:%m "' Log=/var/log/sysinitinfo.logecho $DATE 1 >> $LOGecho"--------------------------------- ---------">> $LOGformat ############################################################################ Disabled SELinux Disables Selinuxecho "Disabled SELinux." Sed-i ' s/^selinux=enforcing/selinux=disabled/'/etc/sysconfig/selinuxformat##################################### ####################################### Stop iptables disables Iptablesecho "Stop iptables." Service iptables Stop &>/dev/nullchkconfig--level 235 iptables offformat##################################### ####################################### Disable ipv6 Disable Ipv6echo "Disable IPv6." Cat << EOF >/etc/modprobe.confalias net-pf-10 offalias ipv6 offeofchkconfig--level 2235 ip6tables offformat#### ###################################################################### #Set History Commands set command Chronicle parameters echo "set History commands. " Sed-i ' s/histsize=1000/histsize=100/'/etc/profilesed-i "8 s/^/alias vi= ' vim '/"/root/.bashrcgrep ' HISTFILESIZE '/etc/ BASHRC &>/dev/null if [$?-ne 0] thencat << EOF >>/ETC/BASHRCHISTFILESIZE=4000HISTSIZE=4000HISTTIMEF Ormat= '%f/%T ' eoffisource/etc/bashrcformat########################################################################### set Vimecho "Set Vim." Cat << EOF > ~/.vimrcset number set laststatus=2set shiftwidth=4set tabstop=4set noexpandtabset softtabstop=4set Cmdheight=3set cursorlineset formatoptions=tcrqn Set encoding=utf-8 syntax oncolorscheme desertcolor Ron Set background= Darkset Ruler Set rulerformat=%20 (%2*%<%f%=\%m%r\%3l\%c\%p%%%) Set statusline=%f%m%r%h%w\ [format=%{&ff}]\ [TY pe=%y]\ [pos=%l,%v][%p%%]\%{strftime (\ "%d/%m/%y\-\%h:%m\")}nmap z:x<cr> nmap sp:set Paste<cr>iEOFformat ########################################################################### Epel upgrade Epel source echo "Install Epel" RPM-UVH http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm &>/dev/nullsed-i "s/^# Base/base/g "/etc/yum.repos.d/epel.reposed-i" s/^mirr/#mirr/g "/etc/yum.repos.d/epel.repoformat################## ######################################################## #Yum Install Development Tools Installation Development package group and Software Essentials echo "Install development tools (It'll be a moment)" Yum Groupinstall -Y "Development tools" &>/dev/nullyum install-y bind-utils lrzsz wget gcc gcc-c++ vim htop OpenSSL &>/dev /nullformat########################################################################### Yum update bash and OpenSSL Upgrade Bash/opensslecho "Update bash and OpenSSL" yum-y Update bash OpenSSL &>/dev/nullformat######################## #################################################### set SSH SSH login policy echo "set sshd." Sed-i "s/^ #PermitEmptyPasswords/permitemptypasswords/"/etc/ssh/sshd_configsed-i "s/^ #LoginGraceTime 2m/ Logingracetime 6m/"/etc/ssh/sshd_configgrep" Usedns No "/etc/ssh/sshd_config &>/dev/nullif [$?-ne 0]thenecho" U Sedns No ">>/etc/ssh/sshd_config fiformat################################################################## ########## Set Default init 3 sets the system defaults to initialize echo "default init 3." Sed-i ' s/^id:5:initdefault:/id:3:initdefault:/'/etc/inittabformat########################################################################## #echo "Tunoff services." For i in ' ls/etc/rc3.d/s* ' does servers= ' echo $i |cut-c 15-' echo $serverscase $servers in Crond | Irqbalance | Microcode_ctl | Network | Random | Postfix | sshd | Rsyslog | Local | Smart | Cpuspeed | mysqld | httpd | ntpd | PHP-FPM | Nginx) echo-e "\033[31m Base services, skip!\033[0m";; *) echo-e "\033[31m change $servers to off\033[0m" Chkconfig--level 235 $servers offservice $servers stop;; esacdoneformat############################################################################ Del Unnecessary users Remove unnecessary user echo "Del unnecessary users." For USERS in ADM LP sync shutdown halt mail news uucp operator Games gopherdo grep $USERS/etc/passwd &>/dev/nul L if [$?-eq 0] Then Userdel $USERS &>/dev/null fidoneformat#################################### ######################################## Del UnnecessaryGroups Delete unnecessary user groups echo "Del unnecessary groups." For GRP in ADM LP Mail news UUCP games Gopher mailnull Floppy dip pppusers popusers slipusers daemondo grep $GRP/etc/g Roup &>/dev/null If [$-eq 0] then Groupdel $GRP &>/dev/null fidoneformat############## ############################################################## Disabled reboot by Keys Ctlaltdelete Disable the Ctlaltdelete restart function echo "Disabled reboot by Keys Ctlaltdelete" Sed-i ' s/^exec/#exec/'/etc/init/ control-alt-delete.confformat############################################################################ Set Ulimit Set file Handles echo "set Ulimit 1000000" Cat << EOF >/etc/security/limits.conf* soft nofile 1000000* ha Rd nofile 1000000* Soft nproc 102400* hard nproc 102400eofsed-i ' s/102400/1000000/'/etc/security/limits. d/90-nproc.confformat############################################################################ Set Login Message sets the information that is displayed when you sign in echo "Set login message." echo "This Is isn't a public server ' >/etc/issueecho ' This was not a public server ' >/etc/redhat-releaseformat################# ########################################################### record SUID and SGID files date2= ' date + '%F ' echo ' record SUID and SGID files. " echo "SUID---" >/var/log/susg_ "$DATE 2". Logfind/-path '/proc '-prune-o-perm-4000 >>/var/log/susg_ "$DATE 2 ". Logecho"------------------------------------------------------">>/var/log/susg_" $DATE 2 ". Logecho" SGID-- -">>/var/log/susg_" $DATE 2 ". Logfind/-path '/proc '-prune-o-perm-2000 >>/var/log/susg_" $DATE 2 ". Logform at############################################################################ Disabled crontab Send mail Disable sending mail to root when performing a scheduled task echo "Disable crontab send mail." Sed-i ' s/^mailto=root/mailto= '/'/etc/crontab sed-i ' s/^mail\.\*/mail\.err/'/etc/rsyslog.confformat############## ############################################################## Set NTP Client sets Time service clients echo "set NTP ClieNT. " SED () {cp-p/etc/ntp.conf/etc/ntp.conf.bak sed-i '/^server/d '/etc/ntp.conf sed-i '/^includefile/i\server 0 . centos.pool.ntp.org iburst '/etc/ntp.conf sed-i '/0.centos.pool.ntp.org/a\server 1.centos.pool.ntp.org iburst '/etc/ ntp.conf sed-i '/1.centos.pool.ntp.org/a\server 2.centos.pool.ntp.org iburst '/etc/ntp.conf sed-i '/2.centos.pool . Ntp.org/a\server 3.centos.pool.ntp.org iburst '/etc/ntp.conf chkconfig--level/ntpd on &>/dev/null}rpm-q NTP &>/dev/nullif [$?-eq 0]then sedelse yum-y install NTP &>/dev/null sedfiformat############ ################################################################ set sysctl.conf setting kernel parameters echo "set sysctl.conf" # The backlog of LISTEN functions in Web applications restricts the net.core.somaxconn of kernel parameters to 128 by default, and Nginx-defined ngx_listen_backlog defaults to 511, so it must be adjusted to 2048cat << EOF >/etc/sysctl.confnet.core.somaxconn = 2048 net.core.wmem_default = 262144net.core.rmem_max = 16777216net.core.wmem_max = 16777216net.ipv4.tcp_rmem =4096 4096 16777216net.ipv4.tcp_wmem = 4096 4096 16777216net.ipv4.tcp_mem = 786432 2097152 3145728net.ipv4.tcp_max_syn_ Backlog = 16384net.core.netdev_max_backlog = 20000net.ipv4.tcp_fin_timeout = 15net.ipv4.tcp_tw_reuse = 1net.ipv4.tcp_ tw_recycle = 1net.ipv4.tcp_max_orphans = 131072net.ipv4.ip_local_port_range = 1024x768 65535net.ipv4.ip_forward = 0net.ipv4.conf.default.rp_filter = 1net.ipv4.conf.default.accept_source_route = 0KERNEL.SYSRQ = 0kernel.core_uses_ PID = 1net.ipv4.tcp_syncookies = 1net.bridge.bridge-nf-call-ip6tables = 0net.bridge.bridge-nf-call-iptables = 0net.bridge.bridge-nf-call-arptables = 0KERNEL.MSGMNB = 65536kernel.msgmax = 65536kernel.shmmax = 4294967295kernel.shmall = 26843545EOFmodprobe Bridge & >/dev/null/sbin/sysctl-p & >/dev/nullformat##### ####################################################################### Set nginx Syntax mkdir-p ~/.vim/syntax & & CD ~/.vim/syntaxwget Http://www.vim.org/scripts/download_script.php?src_id=14376-O Nginx.vim>/dev/nullecho "au bufread,bufnewfile/etc/nginx/vhosts/*.conf set Ft=nginx" > ~/.vim/filetype.vim
Shell script for initializing the system under CentOS
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
