|
马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。
您需要 登录 才可以下载或查看,没有帐号?立即注册
x
欢迎大家来到仓酷云论坛!此剧本用于新装Linux的相干设置事情,好比禁失落iptable和SElinux及ipv6,优化体系内核,停失落一些没需要启动的体系办事等。此剧本特别适全多量新装置的Centsos系列的办事器,剧本代码以下所示(此剧本在Centos5.5_x64下已经由过程):
#!/bin/bash
#Createdbykerryhu
#MAIL:king_819@163.com
#BLOG:http://kerry.blog.51cto.com
cat<<EOF
+--------------------------------------------------------------+
|===WelcometoCentosSysteminit===|
+--------------------------------------------------------------+
+--------------------------bykerry----------------------------+
EOF
#setntp
yum-yinstallntp
echo"*3***/usr/sbin/ntpdate210.72.145.44>/dev/null2>&1">>/etc/crontab
servicecrondrestart
#setulimit
echo"ulimit-SHn102400">>/etc/rc.local
#setlocale
#true>/etc/sysconfig/i18n
#cat>>/etc/sysconfig/i18n<<EOF
#LANG="zh_CN.GB18030"
#SUPPORTED="zh_CN.GB18030:zh_CN:zh:en_US.UTF-8:en_US:en"
#SYSFONT="latarcyrheb-sun16"
#EOF
#setsysctl
true>/etc/sysctl.conf
cat>>/etc/sysctl.conf<<EOF
net.ipv4.ip_forward=0
net.ipv4.conf.default.rp_filter=1
net.ipv4.conf.default.accept_source_route=0
kernel.sysrq=0
kernel.core_uses_pid=1
net.ipv4.tcp_syncookies=1
kernel.msgmnb=65536
kernel.msgmax=65536
kernel.shmmax=68719476736
kernel.shmall=4294967296
net.ipv4.tcp_max_tw_buckets=6000
net.ipv4.tcp_sack=1
net.ipv4.tcp_window_scaling=1
net.ipv4.tcp_rmem=4096873804194304
net.ipv4.tcp_wmem=4096163844194304
net.core.wmem_default=8388608
net.core.rmem_default=8388608
net.core.rmem_max=16777216
net.core.wmem_max=16777216
net.core.netdev_max_backlog=262144
net.core.somaxconn=262144
net.ipv4.tcp_max_orphans=3276800
net.ipv4.tcp_max_syn_backlog=262144
net.ipv4.tcp_timestamps=0
net.ipv4.tcp_synack_retries=1
net.ipv4.tcp_syn_retries=1
net.ipv4.tcp_tw_recycle=1
net.ipv4.tcp_tw_reuse=1
net.ipv4.tcp_mem=94500000915000000927000000
net.ipv4.tcp_fin_timeout=1
net.ipv4.tcp_keepalive_time=1200
net.ipv4.ip_local_port_range=102465535
EOF
/sbin/sysctl-p
echo"sysctlsetOK!!"
#closectrl+alt+del
sed-i"s/ca::ctrlaltdel:/sbin/shutdown-t3-rnow/#ca::ctrlaltdel:/sbin/shutdown-t3-rnow/"/etc/inittab
#setpurview
chmod600/etc/passwd
chmod600/etc/shadow
chmod600/etc/group
chmod600/etc/gshadow
#disableipv6
cat<<EOF
+--------------------------------------------------------------+
|===WelcometoDisableIPV6===|
+--------------------------------------------------------------+
EOF
echo"aliasnet-pf-10off">>/etc/modprobe.conf
echo"aliasipv6off">>/etc/modprobe.conf
/sbin/chkconfig--level35ip6tablesoff
echo"ipv6isdisabled!"
#disableselinux
sed-i/SELINUX/s/enforcing/disabled//etc/selinux/config
echo"selinuxisdisabled,youmustreboot!"
#vim
sed-i"8s/^/aliasvi=vim/"/root/.bashrc
echosyntaxon>/root/.vimrc
#zh_cn
sed-i-es/^LANG=.*/LANG="en"//etc/sysconfig/i18n
#init_ssh
ssh_cf="/etc/ssh/sshd_config"
sed-i-e74s/^/#/-i-e76s/^/#/$ssh_cf
#sed-i"s/#Port22/Port65535/"$ssh_cf
sed-i"s/#UseDNSyes/UseDNSno/"$ssh_cf
#client
sed-i-e44s/^/#/-i-e48s/^/#/$ssh_cf
servicesshdrestart
echo"sshisinitisok.............."
#chkser
#tunoffservices
#--------------------------------------------------------------------------------
cat<<EOF
+--------------------------------------------------------------+
|===WelcometoTunoffservices===|
+--------------------------------------------------------------+
EOF
#---------------------------------------------------------------------------------
foriin`ls/etc/rc3.d/S*`
do
CURSRV=`echo$i|cut-c15-`
echo$CURSRV
case$CURSRVin
crond|irqbalance|microcode_ctl|network|random|sshd|syslog|local)
echo"Baseservices,Skip!"
;;
*)
echo"change$CURSRVtooff"
chkconfig--level235$CURSRVoff
service$CURSRVstop
;;
esac
done
echo"serviceisinitisok.............."
本剧本摘录自《构建高可用Linux办事器》(机器产业出书社)一书,转载贫苦说明出处,感谢。
本文出自“弹琴煮酒”博客,请务必保存此出处http://andrewyu.blog.51cto.com/1604432/724103
欢迎大家来到仓酷云论坛! |
|