初始化脚本【Linux运维之道之脚本案例】

###添加本地DNS
/bin/cat > /etc/resolv.conf << _resolv
nameserver 114.114.114.114
nameserver 202.106.0.20
nameserver 114.114.115.115
_resolv

###安装必要系统状态查看命令
yum -y install gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel zip unzip ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5-devel libidn libidn-devel openssl openssh openssl-devel nss_ldap openldap openldap-devel openldap-clients openldap-servers libxslt-devel libevent-devel ntp libtool-ltdl bison libtool vim-enhanced python wget lsof iptraf strace lrzsz kernel-devel kernel-headers pam-devel Tcl/Tk cmake ncurses-devel bison setuptool

###修改30分钟无活动，自动退出 ;
echo "TMOUT=1800" >>/etc/profile

###修改系统打开最大文件数;
echo "* soft nofile 65535" >> /etc/security/limits.conf
echo "* hard nofile 65535" >> /etc/security/limits.conf
echo "* hard nproc 1204000" >> /etc/security/limits.conf
echo "* soft nproc 1204000" >> /etc/security/limits.conf

rm -f /etc/security/limits.d/90-nproc.conf

###添加ntp到开机启动项中
yum install ntp* -y
service ntpd restart
/bin/cat > /var/spool/cron/root << EOFW
* */1 * * * /usr/sbin/ntpdate ntp.api.bz;/usr/sbin/hwclock -w > /dev/null 2>&1
EOFW

###关闭selinux
/bin/sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/sysconfig/selinux
/bin/sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config

###关闭 ipv6;
echo "alias net-pf-10 off" >> /etc/modprobe.conf
echo "alias ipv6 off" >> /etc/modprobe.conf
/sbin/chkconfig --level 35 ip6tables off

###更改系统默认字体为UTF8；

sed -i 's@LANG=.*$@LANG=\"en_US.UTF-8\"@g' /etc/sysconfig/i18n

###内核参数调整；
cat >> /etc/sysctl.conf << EOF
#michaelkang add 120724
net.ipv4.tcp_abort_on_overflow = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 20
net.ipv4.tcp_retries1 = 2
net.ipv4.tcp_retries2 = 5
net.ipv4.tcp_max_orphans = 2000
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.tcp_keepalive_intvl = 15
net.ipv4.tcp_keepalive_probes = 5
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_synack_retries = 3
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_max_tw_buckets = 5000
EOF
sysctl -p

###赋予user高级权限
/bin/sed -i 's/Defaults requiretty/#Defaults requiretty/g' /etc/sudoers

echo "user ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers