系统初始化脚本-centos6

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131

#!/bin/bash #检测是否为root用户 if [ $UID -ne 0 ];then echo "Must be root can do this." exit 9 fi #检测网络 echo "检测网络中......" /bin/ping www.baidu.com -c 2 &>/dev/null if [ $? -ne 0 ];then echo "现在网络无法通信，准备设置网络" read -p 'pls enter your ip: ' IP read -p 'pls enter your gateway: ' GW read -p 'pls enter your netmask: ' NM read -p 'pls enter your netcard: ' NC echo "IPADDR=$IP" >> /etc/sysconfig/network-scripts/ifcfg-$NC echo "NETMASK=$NM" >> /etc/sysconfig/network-scripts/ifcfg-$NC echo "GATEWAY=$GW" >> /etc/sysconfig/network-scripts/ifcfg-$NC echo "DNS1=114.114.114.114" >> /etc/sysconfig/network-scripts/ifcfg-$NC echo "DNS2=8.8.8.8" >> /etc/sysconfig/network-scripts/ifcfg-$NC sed -i 's/dhcp/static/g' /etc/sysconfig/network-scripts/ifcfg-$NC sed -i 's/ONBOOT=no/ONBOOT=yes/g' /etc/sysconfig/network-scripts/ifcfg-$NC /etc/init.d/network restart echo -e "\033[031m network is configure ok.\033[0m" else echo -e "\033[031m network is ok.\033[0m" fi #关闭 ctrl + alt + del echo "关闭 ctrl + alt + del ......." sed -i "s/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/#ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/" /etc/inittab sed -i 's/^id:5:initdefault:/id:3:initdefault:/' /etc/inittab #关闭ipv6 echo "关闭IPv6....." echo "alias net-pf-10 off" >> /etc/modprobe.conf echo "alias ipv6 off" >> /etc/modprobe.conf /sbin/chkconfig --level 35 ip6tables off echo -e "\033[031m ipv6 is disabled.\033[0m" #关闭selinux echo "关闭SElinux......" sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config echo -e "\033[31m selinux is disabled,if you need,you must reboot.\033[0m" #更新yum源 echo "备份yum源......" mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo yum clean all yum makecache #安装基础库 echo "安装基础环境和库......" #yum -y install gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5-devel libidn libidn-devel openssl openssl-devel nss_ldap openldap openldap-devel openldap-clients openldap-servers libxslt-devel libevent-devel ntp libtool-ltdl bison libtool vim-enhanced yum install -y vim-enhanced iproute net-tools util-linux-ng gcc-c++ make cmake libxml2-devel openssl-devel \ screen git mailx dos2unix lrzsz dstat xinetd rsync tree bind-utils ncurses-devel autoconf automake zlib* fiex* libxml* \ ntpdate curl wget zip unzip gcc man perl-Net-SSLeay perl-IO-Socket-SSL libmcrypt* libtool-ltdl-devel* \ dstat tcpdump telnet salt-minion iptables-services bind-utils mtr python-devel #设置时钟同步 echo "设置时钟同步......" echo "*/5 * * * * root /usr/sbin/ntpdate time7.aliyun.com &>/dev/null" >> /etc/crontab #修改Bash提示符字符串 echo "改Bash提示符字符串......" echo 'PS1="\[\e[37;40m\][\[\e[32;40m\]\u\[\e[37;40m\]@\h \[\e[36;40m\]\w\[\e[0m\]]\\$ "' >> ~/.bashrc source .bashrc #修改文件打开数 echo "修改文件打开数......" cat >> /etc/security/limits.conf <<EOF * soft nproc 65535 * hard nproc 65535 * soft nofile 65535 * hard nofile 65535 EOF echo "ulimit -SH 65535" >> /etc/rc.local #优化内核参数 echo "优化内核参数....." sed -i 's/net.ipv4.tcp_syncookies.*$/net.ipv4.tcp_syncookies = 1/g' /etc/sysctl.conf cat >> /etc/sysctl.conf << ENDF net.ipv4.tcp_max_syn_backlog = 65536 net.core.netdev_max_backlog = 32768 net.core.somaxconn = 32768 net.core.wmem_default = 8388608 net.core.rmem_default = 8388608 net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_synack_retries = 2 net.ipv4.tcp_syn_retries = 2 net.ipv4.tcp_tw_recycle = 1 #net.ipv4.tcp_tw_len = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_mem = 94500000 915000000 927000000 net.ipv4.tcp_max_orphans = 3276800 net.ipv4.ip_local_port_range = 1024 65535 ENDF sysctl -p #创建普通用户 read -p "what's your system admin user and password? " U P useradd $U echo "$P" | passwd $U --stdin sed -i 's/#auth sufficient pam_wheel.so trust use_uid/auth sufficient pam_wheel.so trust use_uid/g' /etc/pam.d/su usermod -G wheel $U #优化ssh参数 echo "优化ssh....." sed -i '/^#UseDNS/s/#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config sed -i 's/#PermitEmptyPasswords no/PermitEmptyPasswords no/g' /etc/ssh/sshd_config /etc/init.d/sshd restart #vim设置 cat >> /root/.vimrc << EOF set fenc=utf-8 "设定默认解码 set fencs=utf-8,usc-bom,euc-jp,gb18030,gbk,gb2312,cp936 set nocp "或者 set nocompatible 用于关闭VI的兼容模式 set ai "或者 set autoindent vim使用自动对齐，也就是把当前行的对齐格式应用到下一行 set si "或者 set smartindent 依据上面的对齐格式，智能的选择对齐方式 set tabstop=4 "设置tab键为4个空格 set sw=4 "或者 set shiftwidth 设置当行之间交错时使用4个空格 set ruler "设置在编辑过程中,于右下角显示光标位置的状态行 set incsearch "设置增量搜索,这样的查询比较smart set showmatch "高亮显示匹配的括号 set matchtime=5 "匹配括号高亮时间(单位为 1/10 s) set ignorecase "在搜索的时候忽略大小写 syntax on EOF