CentOS 6.5 最小化安装系统初始化脚本

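#!/bin/bash
#:***********************************************
#:Program: centos6_init_shell
#:
#:Author: ylhb
#:
#:History: 2016-08-24
#:
#:Version: 3.0
#:***********************************************
#
# First-boot initialisation for a minimal CentOS 6.5 install. Run as root.
#
# Environment (names introduced by this revision; values are site-specific):
#   ADMIN_PASSWORD_HASH  required. crypt(3) hash for the ylhb account. It is
#                        read from the environment so that no credential
#                        material lives in the script or its history.
#   REPO_BASE_URL        optional. Base URL that serves CentOS-Base.repo and
#                        epel.repo. When unset, the stock yum repos are kept.
#
# "set -e" is deliberately not used: several steps are best-effort (deleting
# accounts that may not exist, chkconfig on absent services). Steps whose
# failure could lock the operator out are checked explicitly instead.

if [[ $EUID -ne 0 ]]; then
  echo "this script must be run as root" >&2
  exit 1
fi

# Fail before anything is modified: step 16 disables root SSH logins, so the
# admin account must end up with a usable password.
: "${ADMIN_PASSWORD_HASH:?export ADMIN_PASSWORD_HASH (crypt hash for ylhb) before running}"

cat <<'EOF'
+————————————————————–+
|=== Welcome to System init ===|
+————————————————————–+
EOF

DATE=$(date +%Y_%m_%d:%H_%M_%S)
INIT_LOG="/root/system_init_${DATE}.log"

# Record a finished step in the init log. $1 - step name.
log_ok() {
  echo "$DATE [$1] is [success]" >> "$INIT_LOG"
}

# Append a line to a file unless that exact line is already present, so a
# second run does not pile up duplicates. $1 - file, $2 - line.
append_once() {
  local file=$1 line=$2
  grep -qsxF -- "$line" "$file" || printf '%s\n' "$line" >> "$file"
}

#1.del_user_group_config
# The match is anchored to the name field ("^name:"); an unanchored grep for
# "lp" or "adm" also hits unrelated lines in passwd/group.
step_rc=0
unused_users=(adm lp shutdown halt uucp operator games gopher)
for name in "${unused_users[@]}"; do
  if grep -qs "^${name}:" /etc/passwd; then
    /usr/sbin/userdel "$name" || step_rc=1
  else
    echo "$name is no exist"
  fi
done
unused_groups=(adm lp dip)
for name in "${unused_groups[@]}"; do
  if grep -qs "^${name}:" /etc/group; then
    /usr/sbin/groupdel "$name" || step_rc=1
  else
    echo "$name is no exist"
  fi
done
if (( step_rc == 0 )); then
  log_ok del_user_group_config
fi

#2.add_users_config
# Fixed UID; the password is supplied as a hash and never appears in plaintext.
# The hash goes to chpasswd on stdin rather than being patched into
# /etc/shadow with sed, which keeps it out of argv and leaves the shadow file
# format to the tool that owns it.
admin_user=ylhb
if ! grep -qs "^${admin_user}:" /etc/passwd; then
  /usr/sbin/useradd -u 1001 -m -G 10 "$admin_user"
fi
if printf '%s:%s\n' "$admin_user" "$ADMIN_PASSWORD_HASH" | /usr/sbin/chpasswd -e; then
  echo "$DATE $admin_user is added success" >> "$INIT_LOG"
else
  echo "could not set the password hash for $admin_user; aborting" >&2
  exit 1
fi

#3.sudoer_config
# Edit a copy and let visudo check it before it replaces /etc/sudoers: a
# syntax error in the live file (for example a User_Alias defined twice on a
# second run) disables sudo for everyone.
# NOTE(review): NOPASSWD: ALL makes the ylhb account equivalent to root
# without re-authentication; confirm that this is intended.
sudoers_tmp=$(mktemp) || exit 1
cp /etc/sudoers "$sudoers_tmp"
sed -i 's/^Defaults\([[:space:]]\+\)requiretty/#Defaults\1requiretty/' "$sudoers_tmp"
append_once "$sudoers_tmp" "User_Alias SYSADMINS = ${admin_user}"
append_once "$sudoers_tmp" "SYSADMINS ALL=(ALL) NOPASSWD: ALL"
chmod 0440 "$sudoers_tmp"
if visudo -cf "$sudoers_tmp" >/dev/null; then
  # cat keeps the owner, mode and inode of the live file.
  cat "$sudoers_tmp" > /etc/sudoers
  log_ok sudoer_config
else
  echo "generated sudoers failed validation; /etc/sudoers left unchanged" >&2
fi
rm -f -- "$sudoers_tmp"

#4.limits_config
# Fields must be whitespace-separated, and the process limit item is "nproc".
for limit_line in \
  "* soft nofile 65535" \
  "* hard nofile 65535" \
  "* soft nproc 65535" \
  "* hard nproc 65535"; do
  append_once /etc/security/limits.conf "$limit_line"
done
sed -i '/1024/s/1024/65535/g' /etc/security/limits.d/90-nproc.conf
log_ok limits_config

#5.sysctl_config
# NOTE(review): tcp_tw_recycle is known to drop connections from clients
# behind NAT; confirm it is wanted on hosts that serve such clients.
sysctl_lines=(
  "net.ipv4.tcp_syncookies = 1"
  "net.ipv4.tcp_fin_timeout = 30"
  "net.ipv4.tcp_tw_recycle = 1"
  "net.ipv4.tcp_tw_reuse = 1"
  "net.ipv4.tcp_max_syn_backlog = 4096"
  "net.core.netdev_max_backlog = 10240"
  "net.ipv4.icmp_echo_ignore_broadcasts = 1"
  "net.core.somaxconn = 2048"
  "net.core.wmem_default = 8388608"
  "net.core.rmem_default = 8388608"
  "net.core.rmem_max = 16777216"
  "net.core.wmem_max = 16777216"
  "net.ipv4.conf.all.rp_filter = 1"
  "net.ipv4.tcp_keepalive_time = 300"
  "net.ipv4.tcp_synack_retries = 2"
  "net.ipv4.tcp_syn_retries = 2"
  "net.ipv4.ip_local_port_range = 5000 65000"
)
for sysctl_line in "${sysctl_lines[@]}"; do
  append_once /etc/sysctl.conf "$sysctl_line"
done
sysctl -p
log_ok sysctl_config

#6.history_config
append_once /etc/profile "export HISTSIZE=2000"
source /etc/profile
log_ok history_config

#7.pass_length and login count limit
# Address the settings by key instead of by line number, so the edit cannot
# land on an unrelated line if login.defs differs from the stock layout.
sed -i \
  -e '/^PASS_MAX_DAYS[[:space:]]/s/99999/90/' \
  -e '/^PASS_MIN_LEN[[:space:]]/s/5/8/' \
  /etc/login.defs
# Lock an account for 300 s after 3 failed logins. Inserted once only.
# NOTE(review): on EL6 sshd's PAM stack appears to include password-auth
# rather than system-auth; confirm which stack needs this rule.
if ! grep -qs 'pam_tally2\.so' /etc/pam.d/system-auth; then
  sed -i '5i auth required /lib64/security/pam_tally2.so deny=3 unlock_time=300' /etc/pam.d/system-auth
fi

#8.disable_selinux_config
# Anchored so that the explanatory "# SELINUX= ..." comment is not rewritten.
# NOTE(review): this turns off mandatory access control on the host;
# permissive mode keeps the denial log while policy problems are worked out.
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
setenforce 0
log_ok disable_selinux_config

#9.ntp_config
# The server address is the value published with the script and looks like a
# placeholder; substitute the site's NTP server.
if ! crontab -l 2>/dev/null | grep -q ntpdate; then
  echo '*/5 * * * * /usr/sbin/ntpdate -s 1.1.1.1 >/dev/null 2>&1' >> /var/spool/cron/root
  # A crontab created by the redirect would inherit the umask.
  chmod 600 /var/spool/cron/root
fi
log_ok ntp_config

#10.maxlogins_config
append_once /etc/security/limits.conf "${admin_user} - maxlogins 5"
log_ok maxlogins_config

#11.disbled_ipv6_config
append_once /etc/modprobe.d/disableipv6.conf "alias net-pf-10 off"
append_once /etc/modprobe.d/disableipv6.conf "options ipv6 disable=1"
log_ok disble_ipv6_config

#12.character_config
append_once /etc/sysconfig/i18n 'LANG="en_US.UTF-8"'
append_once /etc/sysconfig/i18n 'SYSFONT="latarcyrheb-sun16"'

#13.disable_service_config
# NOTE(review): this leaves the host with no audit daemon and no host
# firewall rules; confirm that equivalent controls exist upstream.
for svc in auditd blk-availability ip6tables iptables lvm2-monitor netfs udev-post; do
  chkconfig "$svc" off
done
# Flushing once is enough; it does not need to run per service.
iptables -F
iptables -X
log_ok disable_service_config

#15.DNS config
# Collect the first two octets of every non-loopback IPv4 address. Reading
# them one per line keeps the comparison valid on multi-homed hosts and on
# hosts with no address yet (the unquoted test failed in both cases).
use_site_dns=0
while read -r net_prefix; do
  echo "$net_prefix"
  case "$net_prefix" in
    1.1 | 1.2) use_site_dns=1 ;;
  esac
done < <(ifconfig | awk '/inet addr:/ && !/127\.0\.0\.1/ {
  split($2, addr, ":"); split(addr[2], octet, "."); print octet[1] "." octet[2]
}')
if (( use_site_dns == 1 )); then
  cat > /etc/resolv.conf << EOF
nameserver 1.1.1.1
nameserver 1.1.1.2
nameserver 1.1.1.3
EOF
fi

#16.sshd_config
# Root logins are switched off here, so a broken config or a failed restart
# can cut off remote access. Keep a backup, validate with "sshd -t", and only
# restart the daemon when the new file parses.
sshd_cfg=/etc/ssh/sshd_config
sshd_backup="${sshd_cfg}.bak_${DATE}"
cp -p "$sshd_cfg" "$sshd_backup"
sed -i \
  -e 's/#Port 22/Port 22/g' \
  -e 's/^#Protocol 2/Protocol 2/g' \
  -e 's/#UseDNS yes/UseDNS no/g' \
  -e 's/#PermitRootLogin yes/PermitRootLogin no/g' \
  -e 's/GSSAPIAuthentication yes/GSSAPIAuthentication no/g' \
  "$sshd_cfg"
sed -i 's/GSSAPIAuthentication yes/GSSAPIAuthentication no/g' /etc/ssh/ssh_config
if /usr/sbin/sshd -t; then
  /etc/init.d/sshd restart
  log_ok sshd_config
else
  echo "sshd_config failed validation; restoring $sshd_backup" >&2
  cp -p "$sshd_backup" "$sshd_cfg"
fi

#17.yum resource config
# The repo files decide which mirrors and signing keys yum trusts, so they
# are downloaded to a staging directory first and swapped in only when both
# arrive. The old definitions are kept under /root instead of the
# world-writable /tmp. Prefer an https:// REPO_BASE_URL and keep gpgcheck=1.
# NOTE(review): confirm wget is present on the minimal image.
if [[ -n "${REPO_BASE_URL:-}" ]]; then
  repo_stage=$(mktemp -d) || exit 1
  if wget -P "$repo_stage" \
    "${REPO_BASE_URL%/}/CentOS-Base.repo" \
    "${REPO_BASE_URL%/}/epel.repo"; then
    repo_backup="/root/yum.repos.d.bak_${DATE}"
    mkdir -p "$repo_backup"
    mv /etc/yum.repos.d/* "$repo_backup"/
    cp "$repo_stage"/*.repo /etc/yum.repos.d/
  else
    echo "could not download the repo files; keeping the existing yum repos" >&2
  fi
  rm -rf -- "${repo_stage:?}"
else
  echo "REPO_BASE_URL is not set; keeping the existing yum repos" >&2
fi
yum clean all
# NOTE(review): ftp and telnet are cleartext clients; drop them from the list
# unless they are needed for diagnostics.
yum install vim gcc gcc-c++ openssl-devel python-devel lrzsz tree ftp telnet -y

read -r -p "Do you want to reboot the system?" want
case "$want" in
  yes)
    echo "reboot now!"
    reboot
    ;;
  no)
    echo "init over!"
    ;;
  *)
    echo "please useage yes or no! thanks"
    ;;
esac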
