linux centos6 系统优化脚本-经典
#!/bin/bash
# ID 201510192126
# Author Ricky
# E-mail 564001002@qq.com
# CentOS 6 系统初始优化脚本 IT运维管理技术交流群 16548318
# version 1.1.0
# 检查是否为root用户,脚本必须在root权限下运行 #
if
[[
"$(whoami)"
!=
"root"
]];
then
echo
"please run this script as root !"
>&2
exit
1
fi
echo
-e
"\033[31m the script only Support CentOS_6 x86_64 \033[0m"
echo
-e
"\033[31m system initialization script, Please Seriously. press ctrl+C to cancel \033[0m"
# 按Y继续默认N,其他按键全部退出 #
yn=
"n"
echo
"please input [Y\N]"
echo
-n
"default [N]: "
read
yn
if
[
"$yn"
!=
"y"
-a
"$yn"
!=
"Y"
];
then
echo
"bye-bye!"
exit
0
fi
# 倒计时 #
for
i
in
`
seq
-w 3 -1 1`
do
echo
-
ne
"\b>>>>>$i"
;
sleep
1;
done
echo
-e
"\b\Good Luck"
# 检查是否为64位系统,这个脚本只支持64位脚本
platform=`
uname
-i`
if
[ $platform !=
"x86_64"
];
then
echo
"this script is only for 64bit Operating System !"
exit
1
fi
echo
"the platform is ok"
# 安装必要支持工具及软件工具
yum -y
install
redhat-lsb vim unzip openssl-client
gcc
gcc
-c++
# clear
echo
"Tools installation is complete"
# 检查系统版本为centos 6
distributor=`lsb_release -i |
awk
'{print $NF}'
`
version=`lsb_release -r |
awk
'{print substr($NF,1,1)}'
`
if
[ $distributor !=
'CentOS'
-o $version !=
'6'
];
then
echo
"this script is only for CentOS 6 !"
exit
1
fi
# clear
cat
<< EOF
+---------------------------------------+
| your system is CentOS 6 x86_64 |
| start optimizing |
+---------------------------------------+
EOF
sleep
3
# instll repo
yum_update(){
#make the 163.com as the default yum repo
if
[ ! -e
"/etc/yum.repos.d/bak"
];
then
mkdir
/etc/yum
.repos.d
/bak
mv
/etc/yum
.repos.d
/CentOS-Base
.repo
/etc/yum
.repos.d
/bak/CentOS-Base
.repo.backup
fi
#add
wget http:
//mirrors
.163.com/.help
/CentOS6-Base-163
.repo -O
/etc/yum
.repos.d
/CentOS-Base
.repo
#add the third-party repo
#rpm -Uvh http://download.Fedora.RedHat.com/pub/epel/6/x86_64/epel-release-6-5.noarch.rpm
rpm -Uvh
ftp
:
//ftp
.muug.mb.ca
/mirror/centos/6
.7
/extras/x86_64/Packages/epel-release-6-8
.noarch.rpm
#add the epel
rpm --
import
/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
#add the rpmforge
rpm -Uvh http:
//packages
.sw.be
/rpmforge-release/rpmforge-release-0
.5.2-2.el6.rf.x86_64.rpm
rpm --
import
/etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
#update the system
yum clean all && yum makecache
yum -y update glibc\*
yum -y update yum\* rpm\* python\*
yum -y update
echo
-e
"\033[31m yum update ok \033[0m"
sleep
1
}
#time zone
zone_time(){
#install ntp
yum -y
install
ntp
#time zone
if
[ `
date
+%z` !=
"+0800"
];
then
rm
-rf
/etc/localtime
ln
-sf
/usr/share/zoneinfo/Asia/Shanghai
/etc/localtime
cat
>
/etc/sysconfig/clock
<< EOF
ZONE=
"Asia/Shanghai"
UTC=
false
ARC=
false
EOF
if
[ `
date
+%z` !=
"+0800"
];
then
echo
"The Shanghai time zone error"
rm
-rf
/etc/localtime
ln
-sf
/usr/share/zoneinfo/Asia/Chongqing
/etc/localtime
cat
>
/etc/sysconfig/clock
<< EOF
ZONE=
"Asia/Chongqing"
UTC=
false
ARC=
false
EOF
if
[ `
date
+%z` !=
"+0800"
];
then
echo
"The Chongqing time zone error"
rm
-rf
/etc/localtime
ln
-sf
/usr/share/zoneinfo/Asia/Hong_Kong
/etc/localtime
cat
>
/etc/sysconfig/clock
<< EOF
ZONE=
"Asia/Hang_Kong"
UTC=
false
ARC=
false
EOF
if
[ `
date
+%z` !=
"+0800"
];
then
echo
"The Hang_Kong time zone error, To write Shanghai time zone "
echo
-e
"\033[31m time zone error , please manual settings \033[0m"
rm
-rf
/etc/localtime
ln
-sf
/usr/share/zoneinfo/Asia/Shanghai
/etc/localtime
cat
>
/etc/sysconfig/clock
<< EOF
ZONE=
"Asia/Shanghai"
UTC=
false
ARC=
false
EOF
fi
fi
fi
fi
echo
"Present time zone:"
`
date
+%z`
cat
/etc/sysconfig/clock
echo
-e
"\033[31m time zone ok \033[0m"
sleep
1
# set time
echo
"update time please wait!"
/usr/sbin/ntpdate
210.72.145.44 >
/dev/null
2>&1
#sed -i "/ntpdate/s/^/#/g" /var/spool/cron/root
sed
-i
"/ntpdate/d"
/var/spool/cron/root
sed
-i
"/hwclock/d"
/var/spool/cron/root
cat
>>
/var/spool/cron/root
<< EOF
*
/5
* * * *
/usr/sbin/ntpdate
210.72.145.44 >
/dev/null
2>&1
* * * * *
/1
/usr/sbin/hwclock
-w >
/dev/null
2>&1
EOF
chmod
600
/var/spool/cron/root
/sbin/service
crond restart
echo
-e
"\033[31m time zone ok \033[0m"
sleep
1
}
# set hosts
hosts(){
#修改hostname为127.0.0.1
if
[
"$(hostname -i)"
!=
"127.0.0.1"
];
then
sed
-i
"s@^127.0.0.1\(.*\)@127.0.0.1 `hostname`\1@"
/etc/hosts
fi
hostname
-i
echo
-e
"\033[31m hosts ok \033[0m"
sleep
1
}
#set the file limit
limits_config(){
#修改文件打开数
sed
-i
"/^ulimit -SHn.*/d"
/etc/rc
.
local
echo
"ulimit -SHn 102400"
>>
/etc/rc
.
local
sed
-i
"/^ulimit -s.*/d"
/etc/profile
sed
-i
"/^ulimit -c.*/d"
/etc/profile
sed
-i
"/^ulimit -SHn.*/d"
/etc/profile
cat
>>
/etc/profile
<< EOF
#
#
#
ulimit
-c unlimited
ulimit
-s unlimited
ulimit
-SHn 102400
EOF
source
/etc/profile
ulimit
-a
cat
/etc/profile
|
grep
ulimit
echo
-e
"\033[31m hosts ok \033[0m"
if
[ ! -f
"/etc/security/limits.conf.bak"
];
then
cp
/etc/security/limits
.conf
/etc/security/limits
.conf.bak
fi
sed
-i
"/^*.*soft.*nofile/d"
/etc/security/limits
.conf
sed
-i
"/^*.*hard.*nofile/d"
/etc/security/limits
.conf
sed
-i
"/^*.*soft.*nproc/d"
/etc/security/limits
.conf
sed
-i
"/^*.*hard.*nproc/d"
/etc/security/limits
.conf
cat
>>
/etc/security/limits
.conf << EOF
#
#
#
#
#---------custom-----------------------
#
* soft nofile 65535
* hard nofile 65535
* soft nproc 65535
* hard nproc 65535
EOF
cat
/etc/security/limits
.conf |
grep
"^* .*"
echo
-e
"\033[31m limits ok \033[0m"
sleep
1
}
# tune kernel parametres #优化内核参数
sysctl_config(){
#delete
if
[ ! -f
"/etc/sysctl.conf.bak"
];
then
cp
/etc/sysctl
.conf
/etc/sysctl
.conf.bak
fi
sed
-i
"/^net.ipv4.ip_forward/d"
/etc/sysctl
.conf
sed
-i
"/^net.ipv4.conf.default.rp_filter/d"
/etc/sysctl
.conf
sed
-i
"/^net.ipv4.conf.default.accept_source_route/d"
/etc/sysctl
.conf
sed
-i
"/^kernel.sysrq/d"
/etc/sysctl
.conf
sed
-i
"/^kernel.core_uses_pid/d"
/etc/sysctl
.conf
sed
-i
"/^net.ipv4.tcp_syncookies/d"
/etc/sysctl
.conf
sed
-i
"/^kernel.msgmnb/d"
/etc/sysctl
.conf
sed
-i
"/^kernel.msgmax/d"
/etc/sysctl
.conf
sed
-i
"/^net.ipv4.tcp_max_tw_buckets/d"
/etc/sysctl
.conf
sed
-i
"/^net.ipv4.tcp_sack/d"
/etc/sysctl
.conf
sed
-i
"/^net.ipv4.tcp_window_scaling/d"
/etc/sysctl
.conf
sed
-i
"/^net.ipv4.tcp_rmem/d"
/etc/sysctl
.conf
sed
-i
"/^net.ipv4.tcp_wmem/d"
/etc/sysctl
.conf
sed
-i
"/^net.core.wmem_default/d"
/etc/sysctl
.conf
sed
-i
"/^net.core.rmem_default/d"
/etc/sysctl
.conf
sed
-i
"/^net.core.rmem_max/d"
/etc/sysctl
.conf
sed
-i
"/^net.core.wmem_max/d"
/etc/sysctl
.conf
sed
-i
"/^net.core.netdev_max_backlog/d"
/etc/sysctl
.conf
sed
-i
"/^net.core.somaxconn/d"
/etc/sysctl
.conf
sed
-i
"/^net.ipv4.tcp_max_orphans/d"
/etc/sysctl
.conf
sed
-i
"/^net.ipv4.tcp_max_syn_backlog/d"
/etc/sysctl
.conf
sed
-i
"/^net.ipv4.tcp_timestamps/d"
/etc/sysctl
.conf
sed
-i
"/^net.ipv4.tcp_synack_retries/d"
/etc/sysctl
.conf
sed
-i
"/^net.ipv4.tcp_syn_retries/d"
/etc/sysctl
.conf
sed
-i
"/^net.ipv4.tcp_tw_recycle/d"
/etc/sysctl
.conf
sed
-i
"/^net.ipv4.tcp_tw_reuse/d"
/etc/sysctl
.conf
sed
-i
"/^net.ipv4.tcp_mem/d"
/etc/sysctl
.conf
sed
-i
"/^net.ipv4.tcp_fin_timeout/d"
/etc/sysctl
.conf
sed
-i
"/^net.ipv4.tcp_keepalive_time/d"
/etc/sysctl
.conf
sed
-i
"/^net.ipv4.ip_local_port_range/d"
/etc/sysctl
.conf
#sed -i "/^net.ipv4.tcp_tw_len/d" /etc/sysctl.conf
#add
cat
>>
/etc/sysctl
.conf << EOF
#
#
#
#
#-------custom---------------------------------------------
#
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
net.ipv4.tcp_max_tw_buckets = 6000
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_rmem = 4096 87380 4194304
net.ipv4.tcp_wmem = 4096 16384 4194304
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 262144
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_timestamps = 0
#net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_synack_retries = 2
#net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
#net.ipv4.tcp_fin_timeout = 1
net.ipv4.tcp_fin_timeout = 15
net.ipv4.tcp_keepalive_time = 30
net.ipv4.ip_local_port_range = 1024 65535
#net.ipv4.tcp_tw_len = 1
EOF
#buckets
echo
6000 >
/proc/sys/net/ipv4/tcp_max_tw_buckets
#delete
sed
-i
"/^kernel.shmmax/d"
/etc/sysctl
.conf
sed
-i
"/^kernel.shmall/d"
/etc/sysctl
.conf
#add
shmmax=`
free
-l |
grep
Mem |
awk
'{printf("%d\n",$2*1024*0.9)}'
`
shmall=$[$shmmax
/4
]
echo
"kernel.shmmax = "
$shmmax >>
/etc/sysctl
.conf
echo
"kernel.shmall = "
$shmall >>
/etc/sysctl
.conf
#bridge
modprobe bridge
lsmod|
grep
bridge
#reload sysctl
/sbin/sysctl
-p
echo
-e
"\033[31m sysctl ok \033[0m"
sleep
1
}
# control-alt-delete
set_key(){
#set the control-alt-delete to guard against the miSUSE
sed
-i
's#^exec /sbin/shutdown -r now#\#exec /sbin/shutdown -r now#'
/etc/init/control-alt-delete
.conf
cat
/etc/init/control-alt-delete
.conf |
grep
/sbin/shutdown
echo
-e
"\033[31m control-alt-delete ok \033[0m"
sleep
1
}
#disable selinux #关闭SELINUX
selinux(){
sed
-i
's/SELINUX=enforcing/SELINUX=disabled/'
/etc/selinux/config
setenforce 0
echo
-e
"\033[31m selinux ok \033[0m"
sleep
1
}
#set sshd_config UseDNS
ssh_GSS(){
#sed -i 's/^GSSAPIAuthentication yes$/GSSAPIAuthentication no/' /etc/ssh/sshd_config
sed
-i
'/^#UseDNS/s/#UseDNS yes/UseDNS no/g'
/etc/ssh/sshd_config
sed
-i
's/#UseDNS yes/UseDNS no/'
/etc/ssh/sshd_config
sed
-i
's/#PermitEmptyPasswords no/PermitEmptyPasswords no/g'
/etc/ssh/sshd_config
/etc/init
.d
/sshd
restart
cat
/etc/ssh/sshd_config
|
grep
-i usedns
cat
/etc/ssh/sshd_config
|
grep
-i PermitEmptyPasswords
echo
-e
"\033[31m sshd ok \033[0m"
sleep
1
}
#define the backspace button can erase the last character typed
backspace_button(){
sed
-i
"/^stty erase ^H/d"
/etc/profile
echo
'stty erase ^H'
>>
/etc/profile
sed
-i
"/^syntax.*/d"
/root/
.vimrc
echo
"syntax on"
>>
/root/
.vimrc
echo
-e
"\033[31m backspace ok \033[0m"
cat
/etc/profile
|
grep
-i
"stty erase ^H"
cat
/root/
.vimrc |
grep
-i
"syntax"
sleep
1
}
#stop some crontab
stop_crond(){
if
[ ! -e
"/etc/cron.daily.bak"
];
then
mkdir
/etc/cron
.daily.bak
mv
/etc/cron
.daily
/makewhatis
.
cron
/etc/cron
.daily.bak >
/dev/null
2>&1
mv
/etc/cron
.daily
/mlocate
.
cron
/etc/cron
.daily.bak >
/dev/null
2>&1
fi
echo
-e
"\033[31m crond ok \033[0m"
sleep
1
}
#disable some service
dissable_service(){
chkconfig bluetooth off >
/dev/null
2>&1
chkconfig cups off >
/dev/null
2>&1
chkconfig ip6tables off >
/dev/null
2>&1
chkconfig |
grep
-E
"cups|ip6tables|bluetooth"
echo
-e
"\033[31m service ok \033[0m"
sleep
1
}
#disable the ipv6
stop_ipv6(){
cat
>
/etc/modprobe
.d
/ipv6
.conf << EOFI
#
#
#
#---------------custom-----------------------
#
alias
net-pf-10 off
options ipv6 disable=1
EOFI
sed
-i
"/^NETWORKING_IPV6.*/d"
/etc/sysconfig/network
echo
"NETWORKING_IPV6=off"
>>
/etc/sysconfig/network
cat
/etc/sysconfig/network
|
grep
NETWORKING_IPV6
echo
-e
"\033[31m ipv6 ok \033[0m"
sleep
1
}
#language..
inittab(){
if
[ -z
"$(cat /etc/redhat-release | grep '6\.')"
];
then
sed
-i
's/3:2345:respawn/#3:2345:respawn/g'
/etc/inittab
sed
-i
's/4:2345:respawn/#4:2345:respawn/g'
/etc/inittab
sed
-i
's/5:2345:respawn/#5:2345:respawn/g'
/etc/inittab
sed
-i
's/6:2345:respawn/#6:2345:respawn/g'
/etc/inittab
sed
-i
's/ca::ctrlaltdel/#ca::ctrlaltdel/g'
/etc/inittab
sed
-i
's@LANG=.*$@LANG="en_US.UTF-8"@g'
/etc/sysconfig/i18n
else
sed
-i
's@^ACTIVE_CONSOLES.*@ACTIVE_CONSOLES=/dev/tty[1-2]@'
/etc/sysconfig/init
sed
-i
's@^start@#start@'
/etc/init/control-alt-delete
.conf
fi
/sbin/init
q
#locale
echo
$LANG
echo
-e
"\033[31m inittab ok \033[0m"
sleep
1
}
# iptables
iptables(){
#add iptables
yum -y
install
iptables
#iptables conf bak
if
[ ! -e
"/etc/sysconfig/iptables.bak"
];
then
cp
/etc/sysconfig/iptables
/etc/sysconfig/iptables
.bak >
/dev/null
2>&1
fi
#add config
cat
>
/etc/sysconfig/iptables
<< EOF
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
# 防火墙规则有先后顺序,修改前请测试确定后更改
# E-Mail:564001002@QQ.COM
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:syn-flood - [0:0]
#RELATED,ESTABLISHED
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
#io
-A INPUT -i lo -j ACCEPT
#ping
-A INPUT -p icmp -j ACCEPT
#redis
#-A INPUT -p tcp -m tcp --dport 6379 -j ACCEPT
#-A INPUT -s 127.0.0.1/32 -p tcp -m tcp --dport 6379 -j ACCEPT
#mysql
#-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
#-A INPUT -s 127.0.0.1/32 -p tcp -m tcp --dport 3306 -j ACCEPT
#memcache
#-A INPUT -p tcp -m tcp --dport 11211 -j ACCEPT
#-A INPUT -s 127.0.0.1/32 -p tcp -m tcp --dport 11211 -j ACCEPT
#php
#-A INPUT -p tcp -m tcp --dport 9000 -j ACCEPT
#-A INPUT -s 127.0.0.1/32 -p tcp -m tcp --dport 9000 -j ACCEPT
#ssh
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
#-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 10 --name SSH --rsource -j DROP
#-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m recent --set --name SSH --rsource -j ACCEPT
#http 500 * 90% 需要限制情况下可以取消第一行注释
#-A INPUT -p tcp -m tcp --dport 80 -m connlimit --connlimit-above 500 --connlimit-mask 32 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
#https 500 * 90% 需要限制情况下可以取消第一行注释
#-A INPUT -p tcp -m tcp --dport 443 -m connlimit --connlimit-above 500 --connlimit-mask 32 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
#---service--------------------------------------------------
#DNS 安装DNS服务器后需要打开
#-A INPUT -p udp --sport 53 -j ACCEPT
#ntp 配置ntp服务器时候需要打开
#-A INPUT -p udp --sport 123 -j ACCEPT
#对外访问,比如api接口 需要结合OUTPUT DROP 全部关闭情况下才需要打开,这种限制非常严格情况下才配置
#-A OUTPUT -p tcp --dport 80 -j ACCEPT
#-A OUTPUT -p tcp --dport 443 -j ACCEPT
######################################################################################
#以下#号部分未测试或为成功,并可能有错误开启之前请先测试,并保证能与你的环境匹配
#syn-flood
#-A syn-flood -p tcp -m limit --limit 500/sec --limit-burst 10000 -j RETURN
#------FIN SYN RST ACK SYN-----------------
#-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 1/sec -j ACCEPT
#-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 10/sec --limit-burst 100 -j ACCEPT
######################################################################################
#PORTSAN 端口扫描拒绝,缺少工具没能测试好,请慎用。
#-A INPUT -p tcp --syn -m recent --name portscan --rcheck --seconds 60 --hitcount 10 -j LOG
#-A INPUT -p tcp --syn -m recent --name portscan --set -j DROP
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A syn-flood -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
/sbin/service
iptables restart
source
/etc/profile
chkconfig iptables on
/sbin/iptables
-L -
v
chkconfig |
grep
iptables
echo
-e
"\033[31m iptables ok \033[0m"
sleep
1
}
# others
other(){
# initdefault
sed
-i
's/^id:.*$/id:3:initdefault:/'
/etc/inittab
/sbin/init
q
cat
/etc/inittab
|
grep
"id:"
# PS1 /tmp/
sed
-i
"/^PS1=.*/d"
/etc/profile
echo
'PS1="\[\e[37;40m\][\[\e[32;40m\]\u\[\e[37;40m\]@\h \[\e[35;40m\]\W\[\e[0m\]]\\$ \[\e[33;40m\]"'
>>
/etc/profile
# HISTSIZ
sed
-i
's/^HISTSIZE=.*$/HISTSIZE=300/'
/etc/profile
cat
/etc/profile
|
grep
"^HISTSIZE"
# Record command
sed
-i
"/^export PROMPT_COMMAND=.*/d"
/root/
.bash_profile
echo
"export PROMPT_COMMAND='{ msg=\$(history 1 | { read x y; echo \$y; });user=\$(whoami); echo \$(date \"+%Y-%m-%d %H:%M:%S\"):\$user:\`pwd\`/:\$msg ---- \$(who am i); } >> /tmp/\`hostname\`.\`whoami\`.history-timestamp'"
>>
/root/
.bash_profile
# Wrong password five times locked 180s
sed
-i
"/^auth required pam_tally2.so deny=5 unlock_time=180/d"
/etc/pam
.d
/system-auth
sed
-i
'4a auth required pam_tally2.so deny=5 unlock_time=180'
/etc/pam
.d
/system-auth
source
/etc/profile
cat
/etc/pam
.d
/system-auth
|
grep
"auth required pam_tally2.so"
echo
-e
"\033[31m other ok \033[0m"
sleep
1
}
# done
done_ok(){
cat
<< EOF
+-------------------------------------------------+
| optimizer is
done
|
| it's recommond to restart this server ! |
| E-mail:564001002@QQ.COM |
| |
| Please Reboot system |
+-------------------------------------------------+
EOF
}
# main
main(){
yum_update
zone_time
hosts
limits_config
sysctl_config
set_key
selinux
ssh_GSS
backspace_button
stop_crond
dissable_service
stop_ipv6
inittab
iptables
other
done_ok
}
main
linux centos6 系统优化脚本-经典的更多相关文章
- Linux 【Shell脚本经典案例】
Shell 简介 hell是linux的一外壳,它包在linux内核的外面,为用户和内核之间的交互提供了一个接口 当用户下达指令给操作系统的时候,实际上是把指令告诉shell,经过shell解释,处理 ...
- Linux Shell 小脚本经典收藏
原文:http://www.cnblogs.com/Javame/p/3867686.html 1.在两个文件中找出相同的号码 diff -y xx.txt oo.txt | egrep -v &qu ...
- centos6 系统优化脚本
#!/bin/bash # 检查是否为root用户,脚本必须在root权限下运行 # if [[ "$(whoami)" != "root" ]]; then ...
- linux bash Shell脚本经典 Fork炸弹演示及命令详解
Jaromil 在 2002 年设计了最为精简的一个Linux Fork炸弹,整个代码只有13个字符,在 shell 中运行后几秒后系统就会宕机: :(){:|:&};: 这样看起来不是很好理 ...
- 100个Linux Shell脚本经典案例(附PDF)
转载自:https://mp.weixin.qq.com/s/tCKAM67_7K7q2vJthaIsDQ 原文链接:https://wenku.baidu.com/view/4f089430a116 ...
- Linux操作系统优化
figure:first-child { margin-top: -20px; } #write ol, #write ul { position: relative; } img { max-wid ...
- 使用C#给Linux写Shell脚本
在这个逼格决定人格,鄙视链盛行的年头,尤其是咱们IT界,请问您今天鄙视与被鄙视的次数分别是多少?如果手中没有一点压箱的本事,那就只有看的份了.今天我们也要提升下自己的格调,学习些脑洞大开的东西,学完之 ...
- Linux 内核学习的经典书籍及途径
from:http://www.zhihu.com/question/19606660 知乎 Linux 内核学习的经典书籍及途径?修改 修改 写补充说明 举报 添加评论 分享 • 邀请回答 ...
- Linux基础 - 系统优化及常用命令
目录 Linux基础系统优化及常用命令 Linux基础系统优化 网卡配置文件详解 ifup,ifdown命令 ifconfig命令 ifup,ifdown命令 ip命令 用户管理与文件权限篇 创建普通 ...
随机推荐
- C#对INI文件读写
C#本身没有对INI格式文件的操作类,可以自定义一个IniFile类进行INI文件读写. using System; using System.Collections.Generic; using S ...
- HQL语句中的join fetch
from Paper as paper join fetch paper.authors as authors where authors.id='xxxx'; from Paper as paper ...
- 【干货】JavaScript DOM编程艺术学习笔记1-3
从7月29号到8月8号,断断续续地看完了这本书,做了部分实践联系.总体感觉本书真的只能算是个入门,学完之后看到库的那一章才感觉是个大坑,实践中大部分应该都是用的现成的库吧,所以还要重新学习一个库,但是 ...
- Hibernate笔记2
一.持久化类 1.持久化标识OID 数据库中叫做主键,对应实体的ID属性即为OID;Hibernate通过OID区分两个对象是否为同一对象;OID的生成一般交由程序自动处理; 2.持久化类 ...
- #include< >和#include“ ”的区别
< >引用的是编译器的类库路径里面的头文件 " "引用的是你程序目录的相对路径中的头文件 假如你编译器定义的自带头文件引用在C:\Keil\c51\INC\下面 则#i ...
- [转]Git之忽略文件(ignore file)
原文链接:http://blog.csdn.net/benkaoya/article/details/7932370 .gitignore 配置文件用于配置不需要加入版本管理的文件,配置好该文件可以为 ...
- Mybatis-Spring整合Spring
因为 MyBatis 用 SqlSessionFactory 来创建 SqlSession ,SqlSessionFactoryBuilder 创建 SqlSessionFactory ,而在 Myb ...
- Zabbix邮件报警设置方法
实现目的: 在Zabbix服务端设置邮件报警,当被监控主机宕机或者达到触发器预设值时,会自动发送报警邮件到指定邮箱. 具体操作: 以下操作在Zabbix监控服务端进行 备注:Zabbix监控服务端 操 ...
- Bugzilla-5.0.3 (OpenLogic CentOS 7.2)
平台: CentOS 类型: 虚拟机镜像 软件包: apache2.4.6 bugzilla5.0.3 mariadb5.5.47 perl5.16.3 apache bug tracking bug ...
- jQuery_2_常规选择器-进阶选择器
进阶选择器: 1. 群组选择器 $("span,em,#box") 获取多个选择器的DOM对象 <div id="d1">div< ...