linux基础环境初始化bash脚本

LinuxSystem初始化脚本

• 关闭非必要服务、内核优化、安装基础环境

#!/bin/bash
System(){
sed -ri 's/^(SELINUX=)enforcing/\1disabled/'  /etc/selinux/config
systemctl stop firewalld.service
systemctl disable firewalld.service
sed -ri 's/GSSAPIAuthentication yes/GSSAPIAuthentication no/' /etc/ssh/sshd_config
sed -ri 's/#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config
echo '%e.core.%p' > /proc/sys/kernel/core_pattern
systemctl stop postfix.service
systemctl disable postfix.service
systemctl stop abrtd.service
systemctl disable abrtd.service
systemctl stop NetworkManager
systemctl disable NetworkManager
systemctl disable acpid
systemctl disable ip6tables
systemctl disable mcelogd
systemctl disable mdmonitor
systemctl disable netfs
systemctl disable nfslock
systemctl disable openct
systemctl disable postfix 
systemctl disable rpcbind
systemctl disable rpcgssd
systemctl disable rpcidmapd
systemctl disable auditd
systemctl disable haldaemon
systemctl disable lldpad
systemctl disable atd
systemctl disable kdump
yum -y install lrzsz dos2unix ld-linux.so.2 OpenIPMI ipmitool chrony gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5-devel libidn libidn-devel openssl openssl-devel nss_ldap openldap openldap-devel  openldap-clients openldap-servers libxslt-devel libevent-devel ntp  libtool-ltdl bison libtool vim-enhanced psmisc libbz2.so.1 libcrypto.so.6 libssl.so.6  libz.so.1 
echo '%e.core.%p' > /proc/sys/kernel/core_pattern

cat >> /etc/sysctl.conf <<EOF
net.core.somaxconn = 65535
net.core.netdev_max_backlog = 32768
net.ipv4.tcp_max_syn_backlog = 65536
net.ipv4.tcp_max_tw_buckets = 1440000
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.tcp_keepalive_probes = 5
net.ipv4.tcp_keepalive_intvl = 15
net.ipv4.tcp_syncookies = 1

net.ipv4.tcp_fastopen = 3
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216
net.ipv4.tcp_mem = 16777216 16777216 16777216
net.ipv4.tcp_timestamps = 0

vm.swappiness = 10
vm.dirty_ratio = 10
vm.dirty_background_ratio = 5

fs.file-max = 65535
EOF
sysctl  -p

cat >> /etc/security/limits.conf <<EOF
* soft nproc 65535
* hard nproc 65535
* soft nofile 65535
* hard nofile 65535
EOF
echo "ulimit -SH 65535" >> /etc/rc.local
echo "nameserver 114.114.114.114" >> /etc/resolv.conf 
echo "ulimit -n 65535 "  >> /etc/profile
echo "export HISTTIMEFORMAT='%F %T '"  >> /etc/profile
echo "export HISTSIZE=\"100000\" "  >> /etc/profile
echo "ulimit -c unlimited"  >> /etc/profile
source /etc/profile 
echo 'PS1="\[\e[1;35m\][\u@\h \W]\\$ \[\e[0m\]"' >/etc/profile.d/env.sh 
reboot
}

System