
Linux post-install initialization script

火星人 @ 2014-03-08

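The following script initializes a Linux system and can be run immediately after the server OS has been installed. It combines parameters collected from a number of experts and has been tested on CentOS 5.
Usage: copy it and save it as a shell file, for example init.sh. Upload it to the Linux server and run sh init.sh. It is recommended to run it right after the system is installed.
Script contents: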

```bash
#!/bin/bash
# by LinuxEye
# BLOG: http://blog.linuxeye.com

# Slim down the system
yum -y groupremove "FTP Server" "Text-based Internet" "Windows File Server" "PostgreSQL Database" "News Server" "DNS Name Server" "Web Server" "Dialup Networking Support" "Mail Server" "Office/Productivity" "Ruby" "Sound and Video" "X Window System" "X Software Development" "Printing Support" "OpenFabrics Enterprise Distribution"

# Install dependency packages
yum -y install gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5-devel libidn libidn-devel openssl openssl-devel nss_ldap openldap openldap-devel openldap-clients openldap-servers libxslt-devel libevent-devel ntp libtool-ltdl bison libtool vim-enhanced

# Turn off unnecessary services: disable everything, then re-enable what is needed
for svc in $(chkconfig --list | awk '{print $1}'); do
    chkconfig "$svc" off
done
chkconfig crond on
chkconfig irqbalance on
chkconfig network on
chkconfig sshd on
chkconfig syslog on
chkconfig iptables on

# Disable SELinux now and at boot. Edit /etc/selinux/config directly:
# /etc/sysconfig/selinux is a symlink to it, and sed -i would replace the
# symlink with a regular file and leave the real config unchanged.
setenforce 0
sed -i 's/^SELINUX=.*$/SELINUX=disabled/g' /etc/selinux/config

# i18n
sed -i 's@LANG=.*$@LANG="en_US.UTF-8"@g' /etc/sysconfig/i18n

# Change the default runlevel to 3
sed -i 's/id:.*$/id:3:initdefault:/g' /etc/inittab

# Disable unneeded ttys and the Ctrl+Alt+Del reboot handler
sed -i 's/3:2345:respawn/#3:2345:respawn/g' /etc/inittab
sed -i 's/4:2345:respawn/#4:2345:respawn/g' /etc/inittab
sed -i 's/5:2345:respawn/#5:2345:respawn/g' /etc/inittab
sed -i 's/6:2345:respawn/#6:2345:respawn/g' /etc/inittab
sed -i 's/ca::ctrlaltdel/#ca::ctrlaltdel/g' /etc/inittab
/sbin/init q

# Change PS1
echo 'PS1="\[\e[37;40m\][\[\e[32;40m\]\u\[\e[37;40m\]@\h \[\e[35;40m\]\W\[\e[0m\]]\\$ \[\e[33;40m\]"' >> /etc/profile

# Change the number of shell history entries kept
sed -i 's/HISTSIZE=.*$/HISTSIZE=100/g' /etc/profile
source /etc/profile

# Log every command with a timestamp, user, working directory and login source
mkdir -p /root/logs
echo "export PROMPT_COMMAND='{ msg=\$(history 1 | { read x y; echo \$y; });user=\$(whoami); echo \$(date \"+%Y-%m-%d %H:%M:%S\"):\$user:\`pwd\`/:\$msg ---- \$(who am i); } >> \$HOME/logs/\`hostname\`.\`whoami\`.history-timestamp'" >> /root/.bash_profile

# Lock the account for 180s after 5 wrong passwords
sed -i '4a auth required pam_tally2.so deny=5 unlock_time=180' /etc/pam.d/system-auth

# alias settings
sed -i '7a alias vi=vim' /root/.bashrc

# Raise the maximum number of open files
echo "* soft nofile 60000" >> /etc/security/limits.conf
echo "* hard nofile 65535" >> /etc/security/limits.conf
# -n selects the open-files limit; without it ulimit sets the file size limit
echo "ulimit -SHn 65535" >> /etc/rc.local

# Disable IPv6
sed -i 's/NETWORKING_IPV6=.*$/NETWORKING_IPV6=no/g' /etc/sysconfig/network

# Network parameter tuning
sed -i 's/net.ipv4.tcp_syncookies.*$/net.ipv4.tcp_syncookies = 1/g' /etc/sysctl.conf
echo 'net.ipv4.tcp_tw_reuse = 1' >> /etc/sysctl.conf
# Note: tcp_tw_recycle can drop connections from clients behind NAT
# and was removed from the kernel in Linux 4.12
echo 'net.ipv4.tcp_tw_recycle = 1' >> /etc/sysctl.conf
echo 'net.ipv4.ip_local_port_range = 1024 65000' >> /etc/sysctl.conf
sysctl -p

# Synchronize the time
/usr/sbin/ntpdate ntp.api.bz
# The schedule fields are missing from the line on the page; hourly is an assumption
echo '0 * * * * /usr/sbin/ntpdate ntp.api.bz > /dev/null 2>&1' > /var/spool/cron/root;chmod 600 /var/spool/cron/root
/sbin/service crond restart

# iptables configuration
sed -i 's/IPTABLES_MODULES="ip_conntrack_netbios_ns"/#IPTABLES_MODULES="ip_conntrack_netbios_ns"/g' /etc/sysconfig/iptables-config
cat > /etc/sysconfig/iptables << EOF
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p icmp -m limit --limit 100/sec --limit-burst 100 -j ACCEPT
-A INPUT -p icmp -m limit --limit 1/s --limit-burst 10 -j ACCEPT
# -A INPUT -p udp -m udp --dport 20 -j ACCEPT
COMMIT
EOF

# Safety net: stop iptables 3 minutes from now in case the new rules cut off SSH.
# If access still works after the restart, remove the pending job (atq, atrm),
# otherwise the firewall is stopped when the job fires.
/sbin/service atd start
echo "/sbin/service iptables stop" | at now + 3 minutes
/sbin/service iptables restart
```
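
To confirm what the firewall section of the script actually exposes, the added example below (not part of the original script) reads an iptables-save style file such as /etc/sysconfig/iptables and reports the INPUT policy and the accepted TCP ports. The function names are hypothetical, and the embedded ruleset is copied from the script (ICMP rules left out) so the check runs offline.

```bash
#!/bin/bash
# Added example, not from the original script: audit an iptables-save style file.

# Print the default policy of the INPUT chain, e.g. "DROP".
input_policy() {
    awk '$1 == ":INPUT" { print $2 }' "$1"
}

# Print the TCP ports accepted on INPUT as one sorted, space-separated line.
# A TCP ACCEPT rule without --dport is reported as "any".
open_tcp_ports() {
    awk '$1 == "-A" && $2 == "INPUT" {   # rules commented out with "#" never match
            accept = 0; tcp = 0; port = "any"
            for (i = 3; i < NF; i++) {
                if ($i == "-j" && $(i + 1) == "ACCEPT") accept = 1
                if ($i == "-p" && $(i + 1) == "tcp")    tcp = 1
                if ($i == "--dport")                    port = $(i + 1)
            }
            if (accept && tcp) print port
        }' "$1" | sort -nu | tr '\n' ' ' | sed 's/ $//'
}

# Return 0 only if INPUT defaults to DROP and the open TCP ports equal $2.
check_firewall() {
    policy=$(input_policy "$1"); ports=$(open_tcp_ports "$1")
    [ "$policy" = "DROP" ] || { echo "FAIL: INPUT policy is '$policy', expected DROP"; return 1; }
    [ "$ports" = "$2" ] || { echo "FAIL: open TCP ports are '$ports', expected '$2'"; return 1; }
    echo "OK: INPUT policy DROP, open TCP ports: $ports"
}

# The ruleset the init script writes, embedded for an offline run.
page_ruleset() {
    cat << 'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
# -A INPUT -p udp -m udp --dport 20 -j ACCEPT
COMMIT
EOF
}

# Offline demo; on a host, point check_firewall at /etc/sysconfig/iptables instead.
tmp=$(mktemp) && page_ruleset > "$tmp" && check_firewall "$tmp" "22 80"; rm -f "$tmp"
```

Running the check again after any later edit to the rules file shows whether a port was opened beyond 22 and 80 or the default policy was relaxed.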

This article comes from the 「linux運維筆記」 blog; please be sure to keep this source link: http://linuxeye.blog.51cto.com/4371937/772738

