CentOS7系统初始化脚本

[[email protected] ~]# cat optimize.sh
#!/bin/bash
# Optimize the system after installation
PASSWD=reid
NETIP=192.168.56.11
PROTOBOOT=static
HOSTNAME=linux-node1.example.com
DNS1=192.168.56.2
NTPSERVER=ntp1.aliyun.com
YUMREPO=http://mirrors.aliyun.com/repo/Centos-7.repo
EPELREPO=http://mirrors.aliyun.com/repo/epel-7.repo
SSH_PORT=22122
# in case of some bad behaviours
CHATTR=chenhao
# Open the port for iptabeles input or maybe stop iptables
PORTS=80,22,21,8088
# record the system user,ip addresse,shell command and detail
HISTDIR=/usr/etc/.history

# the welcome info
cat << EOF
+------------------------------------------------------------------+
|     **********  Welcome to CentOS 7.x System init  **********    |
+------------------------------------------------------------------+
EOF
[ `whoami` != "root" ] && echo "please use root" && exit 1
function format() {
    echo -e "\033[32m Success!!!\033[0m\n"
    echo "#########################################################"
}

###change the root passwd
echo "set root passwd"
echo $PASSWD | passwd root --stdin &> /dev/null
format

###change network setting
echo ""> /etc/sysconfig/network-scripts/ifcfg-eth0
echo "TYPE=Ethernet"  >> /etc/sysconfig/network-scripts/ifcfg-eth0
echo "NAME=eth0"  >> /etc/sysconfig/network-scripts/ifcfg-eth0
echo "DEVICE=eth0" >> /etc/sysconfig/network-scripts/ifcfg-eth0
echo "ONBOOT=yes" >> /etc/sysconfig/network-scripts/ifcfg-eth0
echo "BOOTPROTO=$PROTOBOOT"  >> /etc/sysconfig/network-scripts/ifcfg-eth0
echo "IPADDR=$NETIP"  >> /etc/sysconfig/network-scripts/ifcfg-eth0
echo "NETMASK=255.255.255.0"  >>  /etc/sysconfig/network-scripts/ifcfg-eth0
#systemctl restart network
format

#stop NetworkManager
systemctl stop NetworkManager
systemctl diable NetworkManager
format

###add route
route add default gateway $DNS1
echo "route add default gateway $DNS1" >/etc/profile.d/add-route.sh
format

###change the hostname
echo "set hostname"
hostname $HOSTNAME && echo "$HOSTNAME" > /etc/hostname
format

###change the dns
echo "set DNS"
echo "" > /etc/resolv.conf
echo "nameserver $DNS1" > /etc/resolv.conf
#echo "nameserver $DNS2" >> /etc/resolv.conf
ping -c 3 www.baidu.com &> /dev/null || echo "Network is unreachable" || exit 3
format

###diable selinux
echo "disable selinux"
[ `getenforce` != "Disabled" ] && setenforce 0 &> /dev/null && sed -i s/"^SELINUX=.*$"/"SELINUX=disabled"/g /etc/sysconfig/selinux
format

###update yum repo
echo "set yum mirrors"
cd /etc/yum.repos.d/
mv CentOS-Base.repo CentOS-Base.repo.bak
curl -o /etc/yum.repos.d/CentOS-Base.repo $YUMREPO &> /dev/null
curl -o /etc/yum.repos.d/epel.repo $EPELREPO &> /dev/null
mv /var/cache/yum /tmp
yum clean all &> /dev/null && yum makecache &> /dev/null
format

###install the basic command
yum install vim wget openssl-devel ntpdate make gcc-c++  ncurses-devel net-snmp sysstat lrzsz zip unzip tree net-tools lftp -y
#yum -y groupinstall "Development Tools" "Server Platform Development" &> /dev/null
format

### change ssh port
#echo "set sshd"
#cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
#sed -i s/"^Port 22"/"Port $SSH_PORT"/g /etc/ssh/sshd_config
#sed -i s/"^UseDNS yes"/"UseDNS no"/g /etc/ssh/sshd_config
#service sshd restart &> /dev/null

###lock the important file($CHATTR -i to disable)
#echo "chattr files"
#chattr +i /etc/passwd
#chattr +i /etc/inittab
#chattr +i /etc/group
#chattr +i /etc/shadow
#chattr +i /etc/gshadow
#chattr +i /etc/resolv.conf
#chattr +i /etc/hosts
#chattr +i /etc/fstab
#mv /usr/bin/chattr /usr/bin/$CHATTR

###character set
echo "set LANG"
#sed -i s/"^LANG=.*$"/"LANG=zh_CN.UTF-8"/ /etc/locale.conf
#source /etc/locale.conf

###update timezone
echo "set ntptime"
cat /usr/share/zoneinfo/Asia/Shanghai > /etc/localtime
ntpdate $NTPSERVER &> /dev/null
echo "*/5 * * * * /usr/sbin/ntpdate $NTPSERVER  &>/dev/null" >> /etc/crontab
hwclock -w
format

###set the system limit
echo "Set ulimit 65535"
cat << EOF > /etc/security/limits.conf
*    soft    nofile  65535
*    hard    nofile  65535
*    soft    nproc 65535
*    hard    nproc 65535
EOF
sed -i ‘s/65535/1024000/g‘ /etc/security/limits.d/90-nproc.conf
format

###system audit and trouleshooting
echo "set history"
cat >> /etc/profile.d/system-audit.sh << EOF
USER_IP=`who -u am i 2>/dev/null| awk ‘{print $NF}‘|sed -e ‘s/[()]//g‘`
if [ -z $USER_IP ]
then
USER_IP=`hostname`
fi
if [ ! -d $HISTDIR ]
then
mkdir -p $HISTDIR
chmod 777 $HISTDIR
fi
if [ ! -d $HISTDIR/${LOGNAME} ]
then
mkdir -p $HISTDIR/${LOGNAME}
chmod 300 $HISTDIR/${LOGNAME}
fi
export HISTSIZE=2000
DT=`date +%Y%m%d_%H%M%S`
export HISTFILE="$HISTDIR/${LOGNAME}/${USER_IP}.history.$DT"
export HISTTIMEFORMAT="[%Y.%m.%d %H:%M:%S] "
chmod 600 $HISTDIR/${LOGNAME}/*.history* 2>/dev/null

ulimit -SHn 65535
ulimit -SHu unlimited
ulimit -SHd unlimited
ulimit -SHm unlimited
ulimit -SHs unlimited
ulimit -SHt unlimited
ulimit -SHv unlimited
EOF
source /etc/profile.d/system-audit.sh
format

###show the system info
echo "Set login message."
echo "This is Product Server" > /etc/issue
format

###iptables setting
echo "set iptables"
systemctl stop firewalld
systemctl disable firewalld
format
#iptables -F
#iptables -A INPUT -p tcp -m multiport --dports $SSH_PORT,$PORTS -j ACCEPT
#iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
#iptables -A INPUT -i lo -j ACCEPT
#iptables -A OUTPUT -m state --state NEW,ESTABLISHED -j ACCEPT
#iptables -P INPUT DROP
#iptables -P FORWARD DROP
#iptables -P OUTPUT ACCEPT
#service iptables save &> /dev/null

# reboot the system after setting
reboot

原文地址：https://www.cnblogs.com/reid21/p/9195557.html

时间： 2024-10-08 15:41:52

CentOS7系统初始化脚本的相关文章

centos7 系统初始化脚本

现在自己的本地虚拟机系统,直接安装的是centos7.2 mini版,安装完成发现好多东西都没有安装,所以写了一个简单的系统初始化脚本,让自己可以省一些力气,哈哈人懒主要是. 下面贴出写的脚本,脚本里面有好多地方写的不是特别完善,希望大家给出意见,让我来完善它. #!/bin/bash function readme(){echo ==========编写一个关于centos7 最小化系统安装后需要设置的东西 ==========echo ==========1.默认执行dhclient,获

linux系统监控工具汇总及几个小脚本，系统初始化脚本

重要性能监测工具:top.vmstat.w.uptime.ps.free.iostat.netstat./proc等需要监视Linux服务器的性能?大多数Linux发行版都集成了一些监视工具.这些工具可以获取有关系统活动的信息的详细指标.通过这些工具,你可以发现产生系统性能问题可能存在原因.下面讨论的是一些最基本的命令,它涉及到系统分析和调试服务器等一些问题,如:1. 找出系统瓶颈问题.2. 磁盘 (储存) 瓶颈问题.3. CPU和内存瓶颈问题.4. 网络瓶颈问题.#

简单的 centos7&rhel7 系统初始化脚本

1 #!/bin/bash 2 #描述: 基于RHEL7&centos7的初始化配置 3 4 #读取用户输入的ip 5 read -p "输入你当前Linux的IP地址:" LAST 6 7 #截取网卡名称 8 ETH=` ifconfig | head -1 | awk -F ":" '{print $1}'` 9 10 #截取ip地址的前三位 + '2' 作为网关地址 11 GATE="`echo $LAST | awk -F ".&

centos 6/7 系统初始化脚本

#!/bin/bash 初始化系统脚本适用centos6 和centos7 # PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/binexport PATHcur_dir=$(pwd)gcc_version=rpm -qa gcc | awk -F '[-]' '{print $2}' VERSION=cat /etc/issue | grep '6.'if [ "$VERSION" == &qu

一键linux系统初始化脚本

一.前言一般我们在安装新的系统时,系统的一些默认配置对我们来说是不行的,所以我们要自定义初始化系统. 二.需求1)设置时区并把同步时间加入计划任务2)禁用selinux3)清空原防火墙默认策略只保留ssh4)历史命令显示操作时间级用户5)创建ALL权限用户并禁止root远程登录6)禁止定时任务发送邮件7)设置最大打开文件数8)减少swap使用9)系统内核参数优化10)安装系统性能分析工具及其他常常用工具注意:安装新系统最好最小化安装. 三.脚本正文#!/bin/bash #设置时区并同步时间ln

CentOS6系统初始化脚本

#!/bin/bash ### Usage: This script use to config linux system #获取IP地址 172.16.100.100 outip=`ifconfig eth1 |grep inet|cut -f 2 -d ":" |cut -f 1 -d " "|awk -F "." '{print $4}'` #定义系统主机名 hostname=dbbak$outip.mstuc.cn1 #修改yum源 #

系统初始化脚本—安装zabbix_agentd

$ more /opt/auth.sh #!/bin/bash # 远程执行脚本 for IP in `cat /opt/IP.txt`;do sshpass -p '密码' ssh [email protected]$IP "sh /root/init.sh" done 注:sshpass命令需要手动安装 $ yum install sshpass -y $ more init.sh #!/bin/bash #********************************

LINUX 系统初始化脚本

#!/bin/bash ######the system first start configuretion #####for install ####copy right by donglei############## #1.配置sysctl mv /etc/sysctl.conf /etc/sysctl.bak echo "############################the new config for sysctl ########### net.ipv4.ip_forwa

给公司个别安装好的系统环境处理-相当half系统初始化脚本shell

#!/bin/bash# Used for other system-environment update! echo -e '\n\033[35m~~请使用root权限运行此脚本~~\033[0m\n'read -n 1 -p "Sure?(y/n):" sureechoif [ $sure == 'y' ]then echo -e '\n\033[32mcontinue......\033[0m\n'else exit 126fiecho -e "\033[34m[请输入