最近看了下公司之前的CentOS6的开机配置脚本,简单调整了下:
#!/bin/bash #createdbymolewan #setenv exportPATH=$PATH:/bin:/sbin:/usr/sbin hostname=$1 if[$UID!="0"];then echo"Pleaserunasroot" exit1 fi Usage(){ echo$"USAGRE:/bin/bash$0hostname" exit1 } if["$#"-ne"1"];then Usage fi #definecmdvar SERVICE=`whichservice` CHKCONFIG=`whichchkconfig` functionmod_yum(){ ping-c2-w2mirrors.aliyun.com>/dev/null2>&1 if[$?-eq0];then wget-O/etc/yum.repos.d/CentOS-Base.repohttp://mirrors.aliyun.com/repo/Centos-6.repo wget-O/etc/yum.repos.d/epel.repohttp://mirrors.aliyun.com/repo/epel-6.repo yuminstall-yvimlsoftelnetlrzszwgetopenssh-clientsunix2dosdos2unixgccgcc-c++openssl-developenssl-perlbc yumcleanall else echo"yourmustchecknetwork" exit1 fi } functiondisable_selinux(){ sed-i's/SELINUX=enforcing/SELINUX=disabled/g'/etc/sysconfig/selinux setenforce0>/dev/null2>$1 } functiondisable_iptables(){ /sbin/iptables-F&&/sbin/iptables-X&&/sbin/iptables-Z /etc/init.d/iptablessave /etc/init.d/iptablesstop&&chkconfigiptablesoff } functionleast_service(){ exportLANG=en chkconfig|awk'{print"chkconfig",$1,"off"}'|bash chkconfig|egrep"crond|sshd|network|rsyslog|sysstat"|awk'{print"chkconfig","on"}'|bash } functioncharset(){ cp/etc/sysconfig/i18n/etc/sysconfig/i18n.bak echo'LANG="zh_CN.UTF-8"'>/etc/sysconfig/i18n source/etc/sysconfig/i18n } functionntp_time_sync(){ ntpdate-u202.120.2.101&&hwclock-w>/dev/null2>&1 echo"0523***/usr/sbin/ntpdate-u202.120.2.101">>/var/spool/cron/root } functioncom_line_set(){ if[`egrep"TMOUT|HISTSIZE|ISTFILESIZE"/etc/profile|wc-l`-lt3] then echo'exportTMOUT=300'>>/etc/profile echo'exportHISTSIZE=5'>>/etc/profile echo'exportHISTFILESIZE=5'>>/etc/profile source/etc/profile fi } functionopen_file_set(){ if[`grep65535/etc/security/limits.conf|wc-l`-lt1] then echo'*-nofile65535'>>/etc/security/limits.conf tail-1/etc/security/limits.conf fi } functionset_kernel(){ cat>>/etc/sysctl.conf<<EOF net.ipv4.tcp_fin_timeout=2 net.ipv4.tcp_tw_resue=1 net.ipv4.tcp_tw_recycle=1 net.ipv4.tcp_syncookies=1 net.ipv4.tcp_keepalive_time=600 net.ipv4.ip_local_port_range=400065000 net.ipv4.tcp_max_syn_backlog=16384 net.ipv4.icmp_echo_ignore_broadcasts=1 net.ipv4.icmp_ignore_bogus_error_responses=1 net.ipv4.conf.all.accept_source_route=0 net.ipv4.conf.default.accept_source_route=0 net.ipv4.tcp_rmem=4096873808388608 net.ipv4.tcp_wmem=4096873808388608 EOF sysctl-p } functionset_sercurity_limits.conf(){ echo''>>/etc/security/limits.conf echo'*softnofile65535'>>/etc/security/limits.conf echo'*hardnofile65535'>>/etc/security/limits.conf echo'*softnproc65535'>>/etc/security/limits.conf echo'*hardnproc65535'>>/etc/security/limits.conf } functionset_ssh(){ sed-i'/#Port22/Port5272/g'/etc/sysconfig/sshd_config sed-i'/#UseDNSyes/a\UseDNSno'/etc/ssh/sshd_config sed-i's/#GSSAPIAuthenticationno/GSSAPIAuthenticationno/g'/etc/ssh/sshd_config sed-i's/GSSAPIAuthenticationyes/#GSSAPIAuthenticationyes/g'/etc/ssh/sshd_config /etc/init.d/sshdreload } functionset_hostname(){ echo'NETWORKING=yes'>>/etc/sysconfig/network echo"HOSTNAME=${hostname}">>/etc/sysconfig/network } functionctrl_alt_del_deny(){ sed-i's/startoncontrol-alt-delete/#startoncontrol-alt-delete/g'/etc/init/control-alt-delete.conf } functionshutdown_ipv6(){ echo'aliasnet-pf-10off'>>/etc/modprobe.d/dist.conf echo'aliasipv6off'>>/etc/modprobe.d/dist.conf } functionalter_bootmenu_time(){ sed-i'/timeout=5/d'/boot/grub/menu.lst sed-i'/default/a\timeout=1'/boot/grub/menu.lst } main(){ mod_yum disable_selinux disable_iptables least_service charset ntp_time_sync com_line_set open_file_set set_kernel set_sercurity_limits.conf set_ssh set_hostname ctrl_alt_del_deny shutdown_ipv6 alter_bootmenu_time } main