#!/bin/bash
 #****************************************************************#
 # ScriptName: acfuninit.sh
 # version 1.1
 # Author: *****
 # Create Date: 2015-7-31
 # Modify Author:******
 # Modify Date: 2015-12-23
 # Function: acfun CentOS 6.7 init shell (use on kickstart)
 #***************************************************************#
 # 设置颜色参数
 GC="\033[1;32m"
 BC="\033[1;34m"
 RC="\033[1;31m"
 EC="\033[0m"
 __detect_result() {
     if [ $? -eq 0 ]; then
         echo -e "${GC}[  OK  ]${EC}"
         echo ""
     else
         echo -e "${RC}[FAILED]${EC}"
         echo ""
     fi
 }
 # 关闭图形界面
 clear;echo -en "${BC}Linux X11 is disabled...    ${EC}";sleep 1
 sed -i 's/id:5:initdefault:/id:3:initdefault:/g' /etc/inittab
 __detect_result
 # SSH 配置
 echo -en "${BC}SSH is config...    ${EC}";sleep 1
 sed -i 's/#ServerKeyBits 1024/ServerKeyBits 4096/g' /etc/ssh/sshd_config
 sed -i 's/#PermitRootLogin yes/PermitRootLogin without-password/g' /etc/ssh/sshd_config
 sed -i 's/#PermitEmptyPasswords no/PermitEmptyPasswords no/g' /etc/ssh/sshd_config
 sed -i 's/#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config
 sed -i 's/#Protocol 2,1/Protocol 2/g' /etc/ssh/sshd_config
 sed -i 's/GSSAPIAuthentication yes/GSSAPIAuthentication no/g' /etc/ssh/sshd_config
 rm -fr /root/.ssh/ 2>/dev/null
 __detect_result
 # 添加系统管理员组
 echo -en "${BC}group & user is created...  ${EC}";sleep 1
 getent group xxadmin > /dev/null || groupadd -g 1000 xxadmin 2>/dev/null
 if [ $(grep -c "%xxadmin" /etc/sudoers) == 0 ]; then
     echo "%xxadmin   ALL=(ALL)  NOPASSWD: ALL" >> /etc/sudoers
 fi
 if [ $(grep -c "hostkeeper" /etc/passwd) == 0 ]; then
     useradd -u 1000 -g xxadmin -p '123456' -c "hostkeeper user" hostkeeper
 fi
 mkdir /home/hostkeeper/.ssh/ && echo 'ssh-rsa ********************************************
 -----END RSA PRIVATE KEY-----' > /home/hostkeeper/.ssh/id_rsa && chown -R hostkeeper:xxadmin /home/hostkeeper/.ssh && chmod 400 /home/hostkeeper/.ssh/*
 __detect_result
 # 字符编码设置为 UTF-8
 echo -en "${BC}LANG is en_US.UTF8...    ${EC}";sleep 1
 sed -i 's/LANG=.*/LANG="en_US.UTF-8"/g' /etc/sysconfig/i18n
 __detect_result
 # 清空 iptables 规则
 echo -en "${BC}iptables is optimize...    ${EC}";sleep 1
 iptables='/etc/sysconfig/iptables'
 if [ ! -f ${iptables} ] || [ $(grep -c '\-F' ${iptables}) == 0 ]; then
     sed -i 's/\-A FORWARD \-j REJECT \-\-reject\-with icmp\-host\-prohibited/\-A FORWARD \-j REJECT \-\-reject\-with icmp\-host\-prohibited\n\-F/g' $iptables
 fi
 __detect_result
 # 关闭 SElinux
 echo -en "${BC}Selinux is disabled...    ${EC}";sleep 1
 if [ $(getenforce) != 'Diabled' ]; then
     sed -i 's/SELINUX=.*/SELINUX=disabled/g' /etc/sysconfig/selinux
     sed -i 's/SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config
 fi
 __detect_result
 # 配置 VIM
 #echo -en "${BC}vimrc is config...    ${EC}";sleep 1
 #echo "set paste" >> /etc/vimrc
 #echo "filetype on" >> /etc/vimrc
 #
 #__detect_result
 # 配置 security bash
 echo -en "${BC}acfun_bashenv.sh is config...    ${EC}";sleep 1
 cat > /etc/profile.d/acfun_bashenv.sh <<EOF
 # for security set
 alias chgrp='chgrp --preserve-root'
 alias chown='chown --preserve-root'
 alias chmod='chmod --preserve-root'
 alias rm='rm -i --preserve-root'
 # for history set
 HISTTIMEFORMAT='[%F %T] '
 HISTSIZE=2000
 # set vim set
 export EDITOR=vim
 alias vi='vim'
 EOF
 __detect_result
 # 配置 limit.conf
 echo -en "${BC}limits.conf is optimize...    ${EC}";sleep 1
 login='/etc/pam.d/login'
 if [ $(grep -c "pam_limits.so" ${login}) == 0 ]; then
     echo "session    required     pam_limits.so" >> ${login}
 fi
 limits='/etc/security/limits.conf'
 if [ $(grep -c "* soft nofile 655360" ${limits}) == 0 ]; then
     echo "* soft nofile 655360" >> ${limits}
     echo "* hard nofile 655360" >> ${limits}
     echo "* soft nproc  131072" >> ${limits}
     echo "* hard nproc  131072" >> ${limits}
     echo "# End of file" >> ${limits}
 fi
 nproc='/etc/security/limits.d/90-nproc.conf'
 if [ ! -f ${nproc} ] || [ $(grep -c 'nproc' ${nproc}) == 0 ];then
     echo '* soft nproc 131072' >> ${nproc}
 else
     sed -i 's/*.*soft.*nproc.*/*          soft    nproc     131072/g' ${nproc}
 fi
 __detect_result
 # 配置 sysctl.conf
 #echo -en "${BC}sysctl.conf is optimize...    ${EC}";sleep 1
 #sysctl='/etc/sysctl.conf'
 #if [ $(grep -c "net.ipv4.tcp_syncookies = 0" ${sysctl}) == 0 ]; then
 # {
 #    sed -i 's/net.ipv4.tcp_syncookies = 1/net.ipv4.tcp_syncookies = 0/g' ${sysctl}
 #    echo "net.ipv4.conf.all.arp_ignore = 1" >> ${sysctl}
 #    echo "net.ipv4.conf.all.arp_announce = 2" >> ${sysctl}
 #    echo "net.ipv4.conf.lo.arp_ignore = 1" >> ${sysctl}
 #    echo "net.ipv4.conf.lo.arp_announce = 2" >> ${sysctl}
 #    echo "net.core.rmem_default = 262144" >> ${sysctl}
 #    echo "net.core.wmem_default = 262144" >> ${sysctl}
 #    echo "net.core.netdev_max_backlog = 10000" >> ${sysctl}
 #    echo "net.core.rmem_max = 16777216" >> ${sysctl}
 #    echo "net.core.wmem_max = 16777216" >> ${sysctl}
 #    echo "net.ipv4.tcp_rmem = 8192 87380 16777216" >> ${sysctl}
 #    echo "net.ipv4.tcp_wmem = 8192 65536 16777216" >> ${sysctl}
 #    echo "net.ipv4.tcp_mem = 8388608 12582912 16777216" >> ${sysctl}
 #    echo "net.ipv4.tcp_max_syn_backlog = 4096" >> ${sysctl}
 #    echo "net.ipv4.tcp_synack_retries = 2" >> ${sysctl}
 #    echo "net.nf_conntrack_max = 8553600" >> ${sysctl}
 #    echo "net.netfilter.nf_conntrack_max = 8553600" >> ${sysctl}
 #    echo "net.netfilter.nf_conntrack_tcp_timeout_established = 60" >> ${sysctl}
 #}
 #fi
 #__detect_result
 # 建立数据目录
 echo -en "${BC}data file is create...    ${EC}";sleep 1
 mkdir -p /opt/logs
 mkdir -p /opt/package
 mkdir -p /opt/javaserver
 mkdir -p /opt/data/mysqldata
 mkdir -p /opt/data/redis
 mkdir -p /opt/data/zookeeper
 mkdir -p /opt/script
 mkdir -p /opt/backup
 __detect_result
 # 搭建rsync服务
 echo -e "${BC}create rsync server...    ${EC}";sleep 1
 touch /etc/rsyncd.conf
 if [ $(grep -c "rsync" /etc/rsyncd.conf) == 0 ]; then
 cat > /etc/rsyncd.conf <<EOF
 uid = root
 gid = root
 use chroot = no
 max connections = 10
 strict modes = yes
 pid file = /var/run/rsyncd.pid
 lock file = /var/run/rsync.lock
 log file = /opt/logs/rsyncd.log
 EOF
 fi
 if [ $(grep -c "/usr/bin/rsync --daemon" /etc/rc.local) == 0 ]; then
     echo '/usr/bin/rsync --daemon' >> /etc/rc.local
 fi
 /usr/bin/rsync --daemon
 __detect_result
 # 安装java服务
 echo -e "${BC}install oracle java...    ${EC}";sleep 1
 wget -P /tmp/ --no-check-certificate --no-cookies --header "Cookie: oraclelicense=accept-securebackup-cookie" http://download.oracle.com/otn-pub/java/jdk/8u45-b14/jdk-8u45-linux-x64.rpm
 rpm -ivh /tmp/jdk-8u45-linux-x64.rpm
 echo "" >>/etc/profile
 echo "# java jdk config" >> /etc/profile
 echo "JAVA_HOME=/usr/java/jdk1.8.0_45" >> /etc/profile
 echo "PATH=\$JAVA_HOME/bin:\$JAVA_HOME/jre/bin:\$PATH" >> /etc/profile
 echo "CLASSPATH=.:\$JAVA_HOME/lib/dt.jar:\$JAVA_HOME/lib/tools.jar:\$JAVA_HOME/jre/lib/rt.jar" >> /etc/profile
 echo "export JAVA_HOME PATH CLASSPATH" >> /etc/profile
 source /etc/profile
 __detect_result
 # 关闭服务
 echo -e "${BC}services is optimize...    ${EC}";sleep 1
 chkconfig --level 35 abrt-ccpp off 2>/dev/null
 chkconfig --level 35 abrtd off 2>/dev/null
 chkconfig --level 35 acpid off 2>/dev/null
 chkconfig --level 35 atd off 2>/dev/null
 chkconfig --level 35 certmonger off 2>/dev/null
 chkconfig --level 35 cpuspeed off 2>/dev/null
 chkconfig --level 35 cups off 2>/dev/null
 chkconfig --level 35 mcelogd off 2>/dev/null
 chkconfig --level 35 mdmonitor off 2>/dev/null
 chkconfig --level 35 nfslock off 2>/dev/null
 chkconfig --level 35 ip6tables off 2>/dev/null
 chkconfig --level 35 postfix off 2>/dev/null
 service abrt-ccpp stop 2>/dev/null
 service abrtd stop 2>/dev/null
 service acpid stop 2>/dev/null
 service atd stop 2>/dev/null
 service certmonger stop 2>/dev/null
 service cpuspeed stop 2>/dev/null
 service cups stop 2>/dev/null
 service mcelogd stop 2>/dev/null
 service mdmonitor stop 2>/dev/null
 service nfslock stop 2>/dev/null
 service ip6tables stop 2>/dev/null
 service postfix stop 2>/dev/null
 __detect_result
 # 添加 yum 软件源
 echo -en "${BC}yum source is install...    ${EC}";sleep 1
 rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
 yum install yum-priorities -y
 epel='/etc/yum.repos.d/epel.repo'
 if [ $(grep -c "priority=10" ${epel}) == 0 ]; then
     sed -i 's/enabled = 1/enabled = 1\npriority = 10/g' ${epel}
 fi
 __detect_result
 # YUM 安装相关服务
 echo -e "${BC}packages is installed...    ${EC}";sleep 1
 yum -e 0 -d 0 -y -q install iftop iotop ipmitool wget telnet vim xinetd dmidecode redhat-lsb ntp openssl bash man gcc gcc-c++ make sysstat nc lrzsz parted mtr iptraf strace 2>/dev/null
 __detect_result
 # 初始安装关闭DHCP引导
 echo -e "${BC}DHCP BOOT is disabled...    ${EC}";sleep 1
 ipmitool -I open chassis bootdev disk options=persistent,efiboot
 __detect_result
 echo "system init finished!"
 echo ""
 echo "reboot after 1 minutes!"
 shutdown -r +1

centos_6.7_系统初始化的更多相关文章

  1. centos7 系统初始化脚本

    现在自己的本地虚拟机系统,直接安装的是centos7.2 mini版,安装完成发现好多东西都没有安装,所以写了一个简单的系统初始化脚本,让自己可以省一些力气,哈哈 人懒主要是. 下面贴出写的脚本,脚本 ...

  2. ssh下:系统初始化实现ServletContextListener接口时,获取spring中数据层对象无效的问题

    想要实现的功能:SSH环境下,数据层都交由Spring管理:在服务启动时,将数据库中的一些数据加载到ServletContext中缓存起来. 系统初始化类需要实现两个接口: ServletContex ...

  3. 详解linux系统的启动过程及系统初始化

    一.linux系统的启动流程 关于linux系统的启动流程我们可以按步进行划分为如下: POST加电自检 -->BIOS(Boot Sequence)-->加载对应引导上的MBR(boot ...

  4. Ztack学习笔记(2)-系统初始化分析

    main函数先执行初始化工作,包括硬件.网络层.任务等的初始化. 一 系统初始化 系统初始化函数主要完成内存分配.消息队列头.定时器.电源管理.任务系统及内存栈等的初始化,具体如下代码所示: //os ...

  5. Linux安装系统注意事项及系统初始化

      Linux安装系统注意事项 1.分区 学习用途: /boot:200M /swap :内存的1到2倍 /:根据需要分配大小,比如虚拟机下总空间是15G,那么可以分配8——10G跟/分区,如果是生产 ...

  6. ucos系统初始化及启动过程

    之前在ucos多任务切换中漏掉了一个变量, OSCtxSwCtr标识系统任务切换次数 主要应该还是用在调试功能中 Ucos系统初始化函数为OSInit(),主要完成以下功能 全局变量初始化 就绪任务表 ...

  7. centos系统初始化流程及实现系统裁剪

    Linux系统的初始化流程: POST:ROM+RAM BIOS: Boot Sequence MBR: 446:bootloader 64: 分区表 2: 5A kernel文件:基本磁盘分区 /s ...

  8. 【linux】系统初始化的shell脚本

    根据参考网上的一些文章,总结出来一个系统初始化的shell脚本 1.初始化脚本 #!/bin/bash cat << EOF +------------------------------ ...

  9. Saltstack生产案例之系统初始化

    把之前的配置打个包 zip -r salt.zip * 拷贝到/root/tools目录 博客园文件里面也保留一份,删除之前所有的salt配置文件重新开始 想 1,系统初始化 2,功能模块:设置单独的 ...

随机推荐

  1. SVM推导

    标准最大margin问题 假设data是linear seperable的 优化目标 希望 margin(w),i.e, 最小的点到直线的距离 最大 即是要得到最右的线,它对噪声的鲁棒性最好 得到的分 ...

  2. leetcode中一些要用到动态规划的题目

    需要仔细回顾的题目: 1.Interleaving String   交叉存取字符串 2.Decode Ways   字符串解码 3.Subsets   Subsets II          求一个 ...

  3. Windowsphone 之xml序列化和反序列化的应用(WebService解析返回的数据DataSet )

    关于Xml的序列化和反序列化: 可以看这篇文章,http://www.cnblogs.com/Windows-phone/p/3243575.html WebService解析返回的数据DataSet ...

  4. jQuery EasyUI 1.4.4 Combobox无法检索中文输入的问题

    在项目里使用了EasyUI的Combobox,当ComboBox的item是英文时,都能正常检索出对应项,但是如果使用中文输入法输入几个字母然后通过按shift键输入时,奇怪的事情发生了,combob ...

  5. WF学习笔记(四)

    1.使用WorkflowApplication.OnUnhandledException 处理Code异常 ,用于产生异常的Activity: public class ExceptionActivi ...

  6. 移动端利用iscroll实现小图变大图

    大图界面,使用iscroll,定义如下: var myScroll; function loaded(){ myScroll = new iScroll('wrapper', { zoom:true, ...

  7. Python 学习笔记(2) - 基本概念、运算符与表达式

    字符串 - 可以使用 3 种形式 - 单引号 :「'your string'」 - 双引号 :「"your string"」 - 三引号 :「'''your string''' 或 ...

  8. [python] 视频008

    悬挂else if(hi>2) if(hi>7) printf('aaa') else printf('b') c语言中else会与就近if匹配 三元操作符 small=x if x< ...

  9. 运输层协议----UDP

    import java.io.IOException; import java.net.DatagramPacket; import java.net.DatagramSocket; import j ...

  10. TCP三次握手和http过程

    pc浏览服务器网页此过程不包括域名查询,只描述TCP与http数据流的变化.一.pc与http服务器进行三次握手来建立连接.1.pc:seq=0 ack=0 syn=1 ack=0 发送给服务器建立同 ...