CentOS 6.X system initialization script

   Copyright statement: This article is an original article by Shaon Puppet. Please indicate the original address for reprinting. Thank you very much. https://blog.csdn.net/wh211212/article/details/52817795

#! /bin/bash 

#################################################

- - Info

Initialization CentOS 6.x script

#################################################

Changelog

20160601 shaonbean initial creation

#################################################

Auther: [email protected]

#################################################

Check if user is root

if [ $(id -u) != "0" ]; then
echo "Error: You must be root to run this script, please use root to initialization OS"
exit 1
fi

echo "+------------------------------------------------------------------------+"
echo "| To initialization the system for security and performance |"
echo "+------------------------------------------------------------------------+"

check host && network

check_hosts()
{
hostname=hostname
if grep -Eqi '^127.0.0.1[[:space:]]*localhost' /etc/hosts; then
echo "Hosts: ok."
else
echo "127.0.0.1 localhost.localdomain $hostname" >> /etc/hosts
fi
ping -c1 www.aniu.tv
if [ $? -eq 0 ] ; then
echo "DNS...ok"
echo "nameserver 8.8.8.8" >> /etc/resolv.conf
else
echo "DNS...fail"
echo -e "nameserver 8.8.8.8\nnameserver 114.114.114.114" > /etc/resolv.conf
fi
}

Set time zone synchronization

set_timezone()
{
echo "Setting timezone..."
rm -rf /etc/localtime
ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

install ntp

echo "[+] Installing ntp..."
yum install ntpdate -y
/usr/sbin/ntpdate pool.ntp.org
echo '*/5 * * * * /usr/sbin/ntpdate pool.ntp.org > /dev/null 2>&1' > /var/spool/cron/root;chmod 600 /var/spool/cron/root
/sbin/service crond restart
}

update os

update(){
yum -y update

change yum source

cd /etc/yum.repos.d/

mkdir bak

mv ./*.repo bak

wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo

wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo

yum clean all && yum makecache

yum -y install wget vim unzip openssl-devel gcc gcc-c++ sysstat iotop openssh-clients telnet lsof
echo "yum update && yum install common command ......... succeed."
}

selinux()
{
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0
echo "disbale selinux ..................succeed."
}

xen_hwcap_setting()

#{

if [ -s /etc/ld.so.conf.d/libc6-xen.conf ]; then

sed -i 's/hwcap 1 nosegneg/hwcap 0 nosegneg/g' /etc/ld.so.conf.d/libc6-xen.conf

fi

#}

Modify file open number,define 1024

/etc/security/limits.conf

limits_config()
{
cat >> /etc/security/limits.conf <<EOF

ulimit -n 8192

echo "ulimit -SHn 65535" >> /etc/rc.local
}

ulimit -n 8192

Shut off system service

stop_server()
{
echo "stop not nessccery services!"
for server in chkconfig --list |grep 3:on|awk '{ print $1}'
do
chkconfig --level 3 $server off
done

for server in crond network rsyslog sshd lvm2-monitor sysstat netfs blk-availability udev-post
do
chkconfig --level 3 $server on
done
}

define sshd

sshd_config(){

sed -i '/^#Port/s/#Port 22/Port 54077/g' /etc/ssh/sshd_config

sed -i '/^#UseDNS/s/#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config

sed -i 's/#PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config

sed -i 's/#PermitEmptyPasswords no/PermitEmptyPasswords no/g' /etc/ssh/sshd_config
/etc/init.d/sshd restart
echo "set sshd && restat sshd succedd!"
}

iptables

iptables(){

disable iptables

/etc/init.d/iptables stop
chkconfig --level 3 iptables off

disable ipv6

echo "alias net-pf-10 off" >> /etc/modprobe.d/modprobe.conf
echo "alias ipv6 off" >> /etc/modprobe.d/modprobe.conf
echo "NETWORKING_IPV6=no" >> /etc/sysconfig/network
chkconfig --level 3 ip6tables off
/etc/init.d/ip6tables stop
echo "iptables is stop && ipv6 is disabled!"
}

other(){

initdefault

sed -i 's/^id:.*$/id:3:initdefault:/' /etc/inittab
/sbin/init q

PS1

echo 'PS1="[\e[37;40m][[\e[32;40m]\u[\e[37;40m]@\h [\e[35;40m]\W[\e[0m]]\$ [\e[33;40m]"' >> /etc/profile

echo "TMOUT=7200" >> /etc/profile

Record command

sed -i 's/^HISTSIZE=.*$/HISTSIZE=1000/' /etc/profile

echo "export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });user=$(whoami); echo $(date "+%Y-%m-%d %H:%M:%S"):$user:`pwd`/:$msg ---- $(who am i); } >> /tmp/`hostname`.`whoami`.history-timestamp'" >> /root/.bash_profile

wrong password five times locked 180s

sed -i '4a auth required pam_tally2.so deny=5 unlock_time=180' /etc/pam.d/system-auth

forbiden ctl-alt-delete

sed -i 's/exec /sbin/shutdown -r now "Control-Alt-Delete pressed"/#exec /sbin/shutdown -r now "Control-Alt-Delete pressed"/g' /etc/init/control-alt-delete.conf

source /etc/profile
}

delete_user()
{

delete no use user

echo "delete not use user"
echo ""
for user in adm lp sync shutdown halt uucp operator gopher
do userdel $user ; done
}

sysctl_add(){
cat >> /etc/sysctl.conf << EOF

appends

net.ipv4.tcp_synack_retries = 0
net.ipv4.tcp_max_syn_backlog = 20480
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 10
fs.file-max = 819200
net.core.somaxconn = 65536
net.core.rmem_max = 1024123000
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 165536
net.ipv4.ip_local_port_range = 10000 65535
EOF

set kernel parameters work

sysctl -p
}

main function

main(){
check_hosts
set_timezone
selinux
update
limits_config
stop_server
sshd_config
iptables
other
delete_user
sysctl_add
}

execute main functions

main

echo "+------------------------------------------------------------------------+"
echo "| To initialization system all completed !!! |"
echo "+------------------------------------------------------------------------+"

Recommended Posts

CentOS 6.X system initialization script
A centos initialization script
CentOS system optimization script, unfinished
CentOS 7.X system installation and optimization
centos system management
01 CentOS 7.6 switch system language
CentOS7.5-1804 system kernel upgrade
CentOS system startup process
VirtualBox install CentOS system
CentOS 6.X install VirtualBox-5.1
Centos7 install mongodb 4.x
Centos7.2 system optimization original
Centos system process management
Centos various time [system time/hardware time]
Install ElasticSearch 7.x on CentOS 7
Install docker on Centos system
Centos6 install mysql 5.7.x series
Detailed method of installing Kernel 5.x kernel version on CentOS 8 system
Centos backend system setup record
Centos6 system boot loading process
Linux centos system boot process
CentOS 6 automatically installs RabbitMQ script
View CentOS version information
View CentOS version information
A centos initialization script
CentOS system optimization script, unfinished
CentOS 6 automatically installs RabbitMQ script
CentOS 6.X system initialization script
CentOS server initialization setting detailed instructions
CentOS 6.x compile and install Nginx
CentOS7.2 install lepus database monitoring system
Install Centos7 operating system in Docker
001. Installation of enterprise-level CentOS7.6 operating system