最近看了下公司之前的CentOS6的开机配置脚本,简单调整了下:
#!/bin/bash
#createdbymolewan
#setenv
exportPATH=$PATH:/bin:/sbin:/usr/sbin
hostname=$1
if[$UID!="0"];then
echo"Pleaserunasroot"
exit1
fi
Usage(){
echo$"USAGRE:/bin/bash$0hostname"
exit1
}
if["$#"-ne"1"];then
Usage
fi
#definecmdvar
SERVICE=`whichservice`
CHKCONFIG=`whichchkconfig`
functionmod_yum(){
ping-c2-w2mirrors.aliyun.com>/dev/null2>&1
if[$?-eq0];then
wget-O/etc/yum.repos.d/CentOS-Base.repohttp://mirrors.aliyun.com/repo/Centos-6.repo
wget-O/etc/yum.repos.d/epel.repohttp://mirrors.aliyun.com/repo/epel-6.repo
yuminstall-yvimlsoftelnetlrzszwgetopenssh-clientsunix2dosdos2unixgccgcc-c++openssl-developenssl-perlbc
yumcleanall
else
echo"yourmustchecknetwork"
exit1
fi
}
functiondisable_selinux(){
sed-i's/SELINUX=enforcing/SELINUX=disabled/g'/etc/sysconfig/selinux
setenforce0>/dev/null2>$1
}
functiondisable_iptables(){
/sbin/iptables-F&&/sbin/iptables-X&&/sbin/iptables-Z
/etc/init.d/iptablessave
/etc/init.d/iptablesstop&&chkconfigiptablesoff
}
functionleast_service(){
exportLANG=en
chkconfig|awk'{print"chkconfig",$1,"off"}'|bash
chkconfig|egrep"crond|sshd|network|rsyslog|sysstat"|awk'{print"chkconfig","on"}'|bash
}
functioncharset(){
cp/etc/sysconfig/i18n/etc/sysconfig/i18n.bak
echo'LANG="zh_CN.UTF-8"'>/etc/sysconfig/i18n
source/etc/sysconfig/i18n
}
functionntp_time_sync(){
ntpdate-u202.120.2.101&&hwclock-w>/dev/null2>&1
echo"0523***/usr/sbin/ntpdate-u202.120.2.101">>/var/spool/cron/root
}
functioncom_line_set(){
if[`egrep"TMOUT|HISTSIZE|ISTFILESIZE"/etc/profile|wc-l`-lt3]
then
echo'exportTMOUT=300'>>/etc/profile
echo'exportHISTSIZE=5'>>/etc/profile
echo'exportHISTFILESIZE=5'>>/etc/profile
source/etc/profile
fi
}
functionopen_file_set(){
if[`grep65535/etc/security/limits.conf|wc-l`-lt1]
then
echo'*-nofile65535'>>/etc/security/limits.conf
tail-1/etc/security/limits.conf
fi
}
functionset_kernel(){
cat>>/etc/sysctl.conf<<EOF
net.ipv4.tcp_fin_timeout=2
net.ipv4.tcp_tw_resue=1
net.ipv4.tcp_tw_recycle=1
net.ipv4.tcp_syncookies=1
net.ipv4.tcp_keepalive_time=600
net.ipv4.ip_local_port_range=400065000
net.ipv4.tcp_max_syn_backlog=16384
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.icmp_ignore_bogus_error_responses=1
net.ipv4.conf.all.accept_source_route=0
net.ipv4.conf.default.accept_source_route=0
net.ipv4.tcp_rmem=4096873808388608
net.ipv4.tcp_wmem=4096873808388608
EOF
sysctl-p
}
functionset_sercurity_limits.conf(){
echo''>>/etc/security/limits.conf
echo'*softnofile65535'>>/etc/security/limits.conf
echo'*hardnofile65535'>>/etc/security/limits.conf
echo'*softnproc65535'>>/etc/security/limits.conf
echo'*hardnproc65535'>>/etc/security/limits.conf
}
functionset_ssh(){
sed-i'/#Port22/Port5272/g'/etc/sysconfig/sshd_config
sed-i'/#UseDNSyes/a\UseDNSno'/etc/ssh/sshd_config
sed-i's/#GSSAPIAuthenticationno/GSSAPIAuthenticationno/g'/etc/ssh/sshd_config
sed-i's/GSSAPIAuthenticationyes/#GSSAPIAuthenticationyes/g'/etc/ssh/sshd_config
/etc/init.d/sshdreload
}
functionset_hostname(){
echo'NETWORKING=yes'>>/etc/sysconfig/network
echo"HOSTNAME=${hostname}">>/etc/sysconfig/network
}
functionctrl_alt_del_deny(){
sed-i's/startoncontrol-alt-delete/#startoncontrol-alt-delete/g'/etc/init/control-alt-delete.conf
}
functionshutdown_ipv6(){
echo'aliasnet-pf-10off'>>/etc/modprobe.d/dist.conf
echo'aliasipv6off'>>/etc/modprobe.d/dist.conf
}
functionalter_bootmenu_time(){
sed-i'/timeout=5/d'/boot/grub/menu.lst
sed-i'/default/a\timeout=1'/boot/grub/menu.lst
}
main(){
mod_yum
disable_selinux
disable_iptables
least_service
charset
ntp_time_sync
com_line_set
open_file_set
set_kernel
set_sercurity_limits.conf
set_ssh
set_hostname
ctrl_alt_del_deny
shutdown_ipv6
alter_bootmenu_time
}
main 原文链接:https://www.f2er.com/centos/376354.html