给公司个别安装好的系统环境处理-相当half系统初始化脚本shell

#!/bin/bash
# Used for other system-environment update!

echo -e ‘\n\033[35m~~请使用root权限运行此脚本~~\033[0m\n‘
read -n 1 -p "Sure?(y/n):" sure
echo
if [ $sure == ‘y‘ ]
then
echo -e ‘\n\033[32mcontinue......\033[0m\n‘
else
exit 126
fi
echo -e "\033[34m[请输入nginx配置文件所在目录路径]：\033[0m" && read nginx_conf_dir
echo -e "\033[34m[请输入php配置文件所在目录路径]：\033[0m" && read php_conf_dir

sed -i ‘s/SELINUX=enforcing/SELINUX=disabled/g‘ /etc/sysconfig/selinux
setenforce 0
for i in {adm,games,lp,operator,systemd-network,dbus,polkitd,halt}
do /usr/sbin/userdel -r $i
done
/usr/sbin/useradd -M www;/usr/sbin/useradd -M ops
openssl rand -base64 8 >/home/ops.pass;openssl rand -base64 8 >/home/www.pass
cat /home/ops.pass | passwd --stdin ops
cat /home/www.pass | passwd --stdin www

mkdir -p /data/{bak,bin,logs,package,soft,store,tmp,upload,www}
echo ‘
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.ipv4.tcp_max_tw_buckets = 6000
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_rmem = 4096 87380 4194304
net.ipv4.tcp_wmem = 4096 16384 4194304
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 62144
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_fin_timeout = 1
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.ip_local_port_range = 1024 65535
‘ >>/etc/sysctl.conf
sysctl -p
echo ‘
* soft nofile 65536
* hard nofile 65536
* soft nproc 2048
* hard nproc 4096
‘ >> /etc/security/limits.conf
sed -i ‘s/env_reset$/env_reset,pwfeedback/g‘ /etc/sudoers
echo ‘
ops ALL=(ALL) NOPASSWD: ALL
www ALL=(ALL) NOPASSWD: /bin/whoami,/usr/bin/pwd,!/usr/bin/chattr,!/usr/bin/yum,!/usr/bin/chmod,!/usr/bin/rm
‘ >> /etc/sudoers
/usr/bin/chattr +i /etc/passwd /etc/shadow /etc/group /etc/gshadow /etc/inittab
#args1:是nginx配置文件目录
sed -i ‘s/^#user nobody;/user www;/g‘ $nginx_conf_dir
#args2:是php-fpm配置文件目录
sed -i ‘s/^user = nobody$/user = www/g;s/^group = nobody$/group = www/g‘ $php_conf_dir

原文地址：https://www.cnblogs.com/immense/p/11402817.html