Simple configuration and optimization of the CentOS6.3 system after installation

A new, minimized package installed CentOS 6.3 system, as a local Web server use, is now recording the entire process configuration NetEase 163 of the Yum Source

1. download the repo file

:Http://mirrors.163.com/.help/CentOS6-Base-163.repo

2. back up and replace the system's repo file

[[Email protected] ~] #cd/etc/yum.repos.d/

[[Email protected] ~] #mv Centos-base.repo Centos-base.repo.bak

[[Email protected] ~] #mv/root/centos6-base-163.repo Centos-base.repo

Note: If you download directly in /etc/yum.repos.d/ directory, do not let . Repo more files than 1 , such as: Centos6-base-163.repo , Centos-base.repo will go wrong

3. performing the yum source update

[[Email protected] ~] #yum Clean All

[[Email protected] ~] #yum Makecache

Optimized system

First, update the system to the latest

[Email protected]]# yum Update

Second, install the necessary packages

[Email protected]~] #yuminstall Lrzsz sysstat–y

In addition, if you drop the package group you want to install at the time of installation, you can perform the following command to install it here.

[[Email protected]~] #yumgroupinstall "Development Tools"

[[Email protected]~] #yumgroupinstall "X software Development"

Third, clean the boot-up service

Turn off all start-up services:

[[Email protected]~]# for test in ' chkconfig--list|grep 3:on|awk ' {print '} ';d o chkconfig--level 3 $testoff;d One

Open crond,network,rsyslog,sshd start-up service

[[email protected] ~]# for test in Crond network Rsyslog sshd;do chkconfig--level 3 $test on;done

To view processing results:

[Email protected] ~]# chkconfig--list|grep 3:on

Crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off

Network 0:off 1:off 2:on 3:on 4:on 5:on 6:off

Rsyslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off

sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off

Four, change the SSH login configuration

[email protected] ~]# Cp/etc/ssh/sshd_config/etc/ssh/sshd_config.back # Backup configuration file

[Email protected] ~]# Vim/etc/ssh/sshd_config

########## #by test###########################

Port 11111

Permitrootlogin no #root user is not allowed to log in remotely

Permitemptypasswords no # password is blank no login

Usedns no # do not use DNS

##############################################

[[email protected] ~]#/etc/init.d/sshd restart # after reboot takes effect

Five, will need to have Root user name of the permission to join sudo hang up so that users can log in by their own ordinary account, Root permissions to manage the entire system.

[[email protected] ~] #visudo # equivalent to direct editing /etc/sudoer, using the command method more secure, recommended

in the middle of the file, add the user name that requires root permission, in the following format:

# allow ROOT to run any commands anywhere

Root all= (All) all

Test all= (All) All # indicates that test can have full system administrator privileges

General user environment variable problem and solution

Compare The default PATH environment variables under root and test users

[Email protected] ~]# Echo$path

/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin

[Email protected] ~]$ Echo$path

/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin:/home/test/bin

After comparison, we find that the average user has several key environment variables /usr/local/sbin:/sbin:/usr/sbin: The reason why the execution command cannot be found (unless full path is executed)

Workaround:

edit The ~/.bash_profile environment variable fileto add:/usr/local/sbin:/sbin:/usr/sbin: added to the PATH environment variable, Note: Colons are separated between each path

[Email protected] ~]$ Vim./.bash_profile

[[email protected] ~] $source./.bash_profile # make the added content take effect

[Email protected] ~]$ Echo$path

/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin:/home/test/bin:/home/test/bin:/usr/local/sbin:/ Sbin:/usr/sbin

Vi. Change of Chinese display

by means of a quick command /etc/sysconfig/i18n Add the following command:

[Email protected] ~]# echo ' lang= ' ZH_CN. GB18030 "' >/etc/sysconfig/i18n

[[email protected] ~] #source/etc/sysconfig/i18n # make the changes effective

Vii. Increasing server file descriptors

[email protected] ~]# vim/etc/security/limits.conf (the default size is 1024x768 )

*-Nofile 65535

Note: Once the configuration is complete, re-login to view

[[Email protected] ~] #ulimit-N

65535

Eight, adjust the kernel parameter file /etc/sysctl.conf

Net.ipv4.tcp_fin_timeout= 2

Net.ipv4.tcp_tw_reuse= 1

Net.ipv4.tcp_tw_recycle= 1

Net.ipv4.tcp_syscookies= 1

Net.ipv4.tcp_keepalive_time= 600

Net.ipv4.ip_local_port_range= 4000

net.ipv4.tcp_max_syn_backlog= 16384

net,ipv4.tcp_max_tw_buckets= 360000

net.ipv4.route.gc_timeout= 100

Net.ipv4.tcp_syn_retries= 1

Net.ipv4.tcp_synack_retries=1

net.ipv4.ip_conntrack_max= 25000000

net.ipv4.netfilter.ip_conntrack_max=25000000

net.ipv4.netfilter.ip_conntrack_tcp_timeout_established=180

net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait=120

Net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait=60

net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait=120

This article is from the "———— Learning log ————" blog, so be sure to keep this source http://huzhouren.blog.51cto.com/9698516/1587586

Simple configuration and optimization of the CentOS6.3 system after installation