標籤:初始化 centos 指令碼
#!/bin/bashecho "這個是系統初始化指令碼,請謹慎運行!"input_fun(){ OUTPUT_VAR=$1 INPUT_VAR="" while [ -z $INPUT_VAR ];do read -p "$OUTPUT_VAR" INPUT_VAR done echo $INPUT_VAR}input_again(){MYHOSTNAME=$(input_fun "please input the hostname:")DOMAINNAME=$(input_fun "please input the domainname:")CARD_TYPE=$(input_fun "please input card type(eth0):")IPADDR=$(input_fun "please input ip address(192.168.100.1):")NETMASK=$(input_fun "please input netmask(255.255.255.0):")GATEWAY=$(input_fun "please input gateway(192.168.100.1):")MYDNS1=$(input_fun "please input DNS1(114.114.114.114):")MYDNS2=$(input_fun "please input DNS2(8.8.4.4):")}input_againMAC=$(ifconfig $CARD_TYPE | grep "HWaddr" | awk -F[" "]+ ‘{print $5}‘)#SET COMPUTER NAMEcat >/etc/sysconfig/network <<ENDFNETWORK=yesHOSTNAME=$MYHOSTNAMEENDFcat >/etc/sysconfig/network-scripts/ifcfg-$CARD_TYPE <<ENDFDEVICE=$CARD_TYPEBOOTPROTO=staticHWADDR=$MACNM_CONTROLLED=yesONBOOT=yesTYPE=EthernetIPV6INIT=noIPADDR=$IPADDRNETMASK=$NETMASKGATEWAY=$GATEWAYENDF/etc/init.d/network restartcat >/etc/hosts <<ENDF127.0.0.1 $MYHOSTNAME $MYHOSTNAME.$DOMAINNAME localhost$IPADDR $MYHOSTNAME $MYHOSTNAME.$DOMAINNAME localhostENDFcat >/etc/resolv.conf <<ENDFdomain $DOMAINNAME search $DOMAINNAME nameserver $MYDNS1 nameserver $MYDNS2 ENDF#關閉SEKINUXsed -i ‘s/SELINUX=enforcing/SELINUX=disabled/g‘ /etc/sysconfig/selinux setenforce 0#修改檔案開啟數echo "* soft nofile 66666" >> /etc/security/limits.conf echo "* hard nofile 66666" >> /etc/security/limits.conf #最佳化核心參數cat >> /etc/sysctl.conf << ENDFnet.ipv4.tcp_max_syn_backlog = 65536net.core.netdev_max_backlog = 32768net.core.somaxconn = 32768net.core.wmem_default = 8388608net.core.rmem_default = 8388608net.core.rmem_max = 16777216net.core.wmem_max = 16777216net.ipv4.tcp_timestamps = 0net.ipv4.tcp_synack_retries = 2net.ipv4.tcp_syn_retries = 2net.ipv4.tcp_tw_recycle = 1#net.ipv4.tcp_tw_len = 1net.ipv4.tcp_tw_reuse = 1net.ipv4.tcp_mem = 94500000 915000000 927000000net.ipv4.tcp_max_orphans = 3276800net.ipv4.ip_local_port_range = 1024 65535ENDFsysctl -p #關閉系統不用的服務for server in `chkconfig --list |grep 3:on|awk ‘{ print $1}‘`do chkconfig --level 3 $server offdonefor server in crond network rsyslog sshddo chkconfig --level 3 $server ondone#增加使用者並sudo提權user_add(){ USERNAME=$(input_fun "please input new user name:") useradd $USERNAME passwd $USERNAME}user_addchmod +w /etc/sudoersecho "$USERNAME ALL=(ALL) ALL" >>/etc/sudoerschmod -w /etc/sudoers#設定時間時區同步yum -y install ntpdate/usr/sbin/ntpdate time.nist.govecho "*/5 * * * * root /usr/sbin/ntpdate time.nist.gov 1> /dev/null 2>&1" >> /var/spool/cron/root#配置SSHDsed -i ‘/^#Port/s/#Port 22/Port 65535/g‘ /etc/ssh/sshd_configsed -i ‘/^#UseDNS/s/#UseDNS yes/UseDNS no/g‘ /etc/ssh/sshd_configsed -i ‘s/#PermitRootLogin yes/PermitRootLogin no/g‘ /etc/ssh/sshd_configsed -i ‘s/#PermitEmptyPasswords no/PermitEmptyPasswords no/g‘ /etc/ssh/sshd_configiptables -A INPUT -p tcp --dport 65535 -j ACCEPT/etc/init.d/sshd restart
本文出自 “楓林晚” 部落格,請務必保留此出處http://fengwan.blog.51cto.com/508652/1430307