9 个实用 shell 脚本,建议收藏!(3)
8.服务器系统配置初始化脚本\n#/bin/bash\n# 设置时区并同步时间\nln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime\nif ! crontab -l |grep ntpdate &>/dev/null ; then\n(echo \”* 1 * * * ntpdate time.windows.com >/dev/null 2>&1\”;crontab -l) |crontab\nfi\n# 禁用selinux\nsed -i \’/SELINUX/{s/permissive/disabled/}\’ /etc/selinux/config\n# 关闭防火墙\nif egrep \”7.[0-9]\” /etc/redhat-release &>/dev/null; then\nsystemctl stop firewalld\nsystemctl disable firewalld\nelif egrep \”6.[0-9]\” /etc/redhat-release &>/dev/null; then\nservice iptables stop\nchkconfig iptables off\nfi\n# 历史命令显示操作时间\nif ! grep HISTTIMEFORMAT /etc/bashrc; then\necho \’export HISTTIMEFORMAT=\”%F %T `whoami` \”\’ >> /etc/bashrc\nfi\n# SSH超时时间\nif ! grep \”TMOUT=600\” /etc/profile &>/dev/null; then\necho \”export TMOUT=600\” >> /etc/profile\nfi\n# 禁止root远程登录\nsed -i \’s/#PermitRootLogin yes/PermitRootLogin no/\’ /etc/ssh/sshd_config\n# 禁止定时任务向发送邮件\nsed -i \’s/^MAILTO=root/MAILTO=\”\”/\’ /etc/crontab\n# 设置最大打开文件数\nif ! grep \”* soft nofile 65535\” /etc/security/limits.conf &>/dev/null; then\ncat >> /etc/security/limits.conf << EOF\n* soft nofile 65535\n* hard nofile 65535\nEOF\nfi\n# 系统内核优化\ncat >> /etc/sysctl.conf << EOF\nnet.ipv4.tcp_syncookies = 1\nnet.ipv4.tcp_max_tw_buckets = 20480\nnet.ipv4.tcp_max_syn_backlog = 20480\nnet.core.netdev_max_backlog = 262144\nnet.ipv4.tcp_fin_timeout = 20\nEOF\n# 减少SWAP使用\necho \”0\” > /proc/sys/vm/swappiness\n# 安装系统性能分析工具及其他\nyum install gcc make autoconf vim sysstat net-