zoukankan      html  css  js  c++  java
  • CentOS system Initialization

    CentOS系统初始化的常用命令脚本

    #!/bin/bash
    
    close_selinux(){
        sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
        sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
        setenforce 0
    }
    
    hostname_update(){
        read -p "Please input the new hostname: " SERVER_HOSTNAME
        kernel=`uname -r | awk -F'.' '{print $1}'`
        if [ $kernel == '2' ];then
            sed -i "/HOSTNAME/d" /etc/sysconfig/network
            sed -i "/NETWORKING=yes/aHOSTNAME=${SERVER_HOSTNAME}" /etc/sysconfig/network
        elif [ $kernel == '3' ];then
            echo "${SERVER_HOSTNAME}" > /etc/hostname
        else
            echo 'The kernel version is not recognized !!!'
            exit 1
        fi
        CURRENT_HOSTNAME=`hostname`
        sed -i "s/${CURRENT_HOSTNAME}/${SERVER_HOSTNAME}/g" /etc/hosts
    }
    
    create_user(){
        read -p 'Please input the username: ' username
        read -p 'Please input the password: ' password
        useradd $username
        echo "$username" | passwd --stdin "$password"
        read -p 'Does the user for sodu level?[y/n]' is_sudo
        if [ is_sudo == 'y' -o is_sudo == 'yes' ];then
            root_all=`cat /etc/sudoers | grep 'ALL=(ALL)' | grep root`
            sed -i "/$root_all/a${user_name}    ALL=(ALL)       ALL" /etc/sudoers
        fi
    }
    
    install_tool(){
        yum update -y
        yum install iptables-services vim wget dos2unix git tree lvm2 lsb net-tools openssh-clients vim-enhanced zip unzip telnet lsof ntsysv lrzsz -y
        yum install gcc gcc* gcc-c++ ntp make imake cmake automake autoconf compat* apr* nasm* python-devel bison-devel zlib zlib-devel glibc glibc-devel glib2 libxml glib2-devel libxml2 libxml2-devel bzip2 bzip2-devel libXpm libXpm-devel libidn libidn-devel libtool libtool-ltdl-devel* libmcrypt libmcrypt-devel libevent-devel libmcrypt* libicu-devel libxslt-devel postgresql-devel libaio libaio-devel curl curl-devel perl perl-Net-SSLeay  perl-Time-HiRespcre perl-ExtUtils-MakeMaker perl-DBD-MySQL.* pcre pcre-devel ncurses ncurses-devel openssl openssl-devel openldap openldap-devel openldap-clients openldap-servers krb5 krb5-devel e2fsprogs e2fsprogs-devel libjpeg libpng libjpeg-devel libjpeg-6b libjpeg-devel-6b libpng-devel libtiff-devel freetype freetype-devel fontconfig-devel gd gd-devel expat-devel gettext-devel kernel package screen sysstat flex bison cpio nss_ldap pam-devel compat-libstdc++-33 --skip-broken -y
    }
    
    profile_config(){
        echo "" >> /etc/profile
        echo "" >> /etc/rc.local
        sed -i /HISTSIZE/d /etc/profile
        echo 'HISTSIZE=10000' >> /etc/profile
        echo "HISTTIMEFORMAT=" | `whoami` | %F | %T | "" >> /etc/profile
        echo "alias ll='ls -l --time-style="+%Y-%m-%d %H:%M:%S"'" >> /etc/profile
        echo "alias date='date "+%Y-%m-%d %H:%M:%S.%A"'" >> /etc/profile
        echo "PS1='[e[37;40m][[e[33;40m]u[e[37;40m]@[e[32;40m]h [e[37;40m]:[e[35;40m]w[e[37;40m]]\$ '" >> /etc/profile
        echo "echo '============================================================'" >> /etc/profile
        echo 'cat /etc/redhat-release' >> /etc/profile
        echo "echo '============================================================'" >> /etc/profile
        echo 'df -Th' >> /etc/profile
        echo "echo '============================================================'" >> /etc/profile
        echo 'date' >> /etc/profile
        echo "echo '============================================================'" >> /etc/profile
        echo 'ulimit -SHn 655350' >> /etc/profile
        echo 'ulimit -SHn 655350' >> /etc/rc.local
        sed -i 's/net.ipv4.tcp_max_syn_backlog = 1024/net.ipv4.tcp_max_syn_backlog = 2048/g' /etc/sysctl.conf
        echo 'net.ipv4.tcp_tw_recycle = 1' >> /etc/sysctl.conf
        echo 'net.ipv4.tcp_tw_reuse = 1' >> /etc/sysctl.conf
        sysctl -p
    }
    
    crontab_config(){
        echo '############################ OM #############################' >> /var/spool/cron/root
        echo '# update the system patch(week7-05:10)' >> /var/spool/cron/root
        echo '10 05 * * 7     yum update -y' >> /var/spool/cron/root
        echo '# release the memory resource(day-05:50)' >> /var/spool/cron/root
        echo '59 06 * * *     echo 1 > /proc/sys/vm/drop_caches' >> /var/spool/cron/root
    }
    
    mail_config(){
        echo 'set from=yange@xihua888.com' >> /etc/mail.rc
        echo 'set smtp=smtp.exmail.qq.com' >> /etc/mail.rc
        echo 'set smtp-auth-user=yange@xihua888.com' >> /etc/mail.rc
        echo 'set smtp-auth-password=123456' >> /etc/mail.rc
        echo 'set smtp-auth=login' >> /etc/mail.rc
    }
    
    sshport_config(){
        echo 'Port 32822' >> /etc/ssh/sshd_config 
        service sshd restart
    }
    
    iptables_config(){
        iptables -F -t nat
        iptables -X -t nat
        iptables -Z -t nat
        iptables -X
        iptables -F
        iptables -A INPUT -p tcp -m tcp --dport 32822 -j ACCEPT
        iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
        iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
        iptables -A INPUT -i lo -j ACCEPT
        iptables -A INPUT -p icmp -j ACCEPT
        iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
        iptables -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
        iptables -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
        iptables -A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP
        iptables -A INPUT -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -j DROP
        iptables -A INPUT -p tcp -m tcp --tcp-flags FIN,ACK FIN -j DROP
        iptables -A INPUT -p tcp -m tcp --tcp-flags PSH,ACK PSH -j DROP
        iptables -A INPUT -p tcp -m tcp --tcp-flags ACK,URG URG -j DROP
        iptables -P INPUT DROP
        iptables -P OUTPUT ACCEPT
        iptables -P FORWARD DROP
        service iptables save
        service iptables restart
    }
    
    main(){
        close_selinux;
        hostname_update;
        create_user;
        install_tool;
        profile_config;
        crontab_config;
        mail_config;
        sshport_config;
        iptables_config;
        if [ $? -eq 0 ];then
            echo 'server initialization is complate sucessfully'
        fi
    }
    
    main
    
  • 相关阅读:
    106. Construct Binary Tree from Inorder and Postorder Traversal
    105. Construct Binary Tree from Preorder and Inorder Traversal
    449. Serialize and Deserialize BST
    114. Flatten Binary Tree to Linked List
    199. Binary Tree Right Side View
    173. Binary Search Tree Iterator
    98. Validate Binary Search Tree
    965. Univalued Binary Tree
    589. N-ary Tree Preorder Traversal
    eclipse设置总结
  • 原文地址:https://www.cnblogs.com/yange/p/8078452.html
Copyright © 2011-2022 走看看