Linux系統初始化*引數初始化(指令碼)

Michael_DD發表於2014-10-08
Linux指令碼
Linux系統初始化*引數初始化(指令碼)
1.  系統環境初始化

點選(此處)摺疊或開啟

  1. #!/bin/bash
  2. #configure yum source
  3. cat>/etc/yum.repos.d/rhel64.repo<<EOF
  4. [Server]
  5. name=Red Hat Enterprise Linux Server
  6. baseurl=ftp://192.168.8.125/yumfile/Server/
  7. enabled=1
  8. gpgcheck=0
  9. gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
  10. EOF

  12. yum clean all
  13. yum list|grep \"kde-i18n-Chinese.noarch\"
  14. echo \"yum source has been configured\"

  16. #install chinese rpm
  17. yum install -y kde-i18n-Chinese.noarch

  19. #disable selinux
  20. sed -i \'s/SELINUX=enforcing/SELINUX=disabled/g\' /etc/sysconfig/selinux
  21. grep SELINUX= /etc/sysconfig/selinux
  22. echo \"disable selinux success\"

  24. #set initdefault
  25. sed -i \'s/id:5:initdefault:/id:3:initdefault:/g\' /etc/inittab
  26. grep initdefault /etc/inittab
  27. echo \"initdefault set to 3\"


  30. #set ntp & get into crontab
  31. /usr/sbin/ntpdate 192.168.1.15
  32. hwclock -w
  33. echo \"0 1 * * * root /usr/sbin/ntpdate 172.26.1.15 && /sbin/hwclock -w\" >> cron.txt
  34. crontab cron.txt
  35. rm -f cron.txt
  36. date
  37. echo \"set ntp success\"

  39. #configure DNS & disable NetworkManager
  40. service NetworkManager stop
  41. chkconfig NetworkManager off
  42. echo \"nameserver 172.26.1.20\" >> /etc/resolv.conf
  43. sed -i \'s/#UseDNS yes/UseDNS no/g\' /etc/ssh/sshd_config
  44. sed -i \'s/#GSSAPIAuthentication no/GSSAPIAuthentication no/g\' /etc/ssh/sshd_config
  45. sed -i \'s/GSSAPIAuthentication yes/#GSSAPIAuthentication yes/g\' /etc/ssh/sshd_config
  46. service sshd restart
  47. grep GSSAPIAuthentication /etc/ssh/sshd_config; grep DNS /etc/ssh/sshd_config
  48. echo \"DNS configure successful,service network restarting...\"
  49. service network restart

  51. #add user mwuser
  52. cat>mwuser.sh<<EOF
  53. mwuser_pwd=mwuser
  54. logop_pwd=Sinolife2012
  55. groupadd -g 3000 mwgrp
  56. groupadd -g 3001 loggrp
  57. useradd -u 3000 -g mwgrp -G loggrp mwuser
  58. useradd -u 3001 -g loggrp logop
  59. (sleep 1 ; echo ${mwuser_pwd} ;sleep 1; echo ${mwuser_pwd})|passwd mwuser
  60. (sleep 1 ; echo ${logop_pwd} ;sleep 1; echo ${logop_pwd})|passwd logop
  61. if [ ! -d \"/mwbase\" ] ;then
  62.   mkdir /mwbase
  63. fi

  65. if [ ! -d \"/mwbase/applogs/rtlog\" ];then
  66.   mkdir -p /mwbase/applogs/rtlog
  67. fi

  69. if [ ! -d \"/mwbase/applogs/archlog\" ];then
  70.   mkdir -p /mwbase/applogs/archlog
  71. fi

  73. chown -R mwuser:mwgrp /mwbase
  74. chmod -R 755 /mwbase
  75. chown -R mwuser:loggrp /mwbase/applogs
  76. chmod -R 2750 /mwbase/applogs
  77. EOF
  78. sh mwuser.sh
  79. echo \"user mwuser established\"

  81. #chkconfig list
  82. #chkconfig off
  83. chkconfig NetworkManager --levels 2345 off
  84. chkconfig abrt-ccpp --levels 2345 off
  85. chkconfig abrtd --levels 2345 off
  86. chkconfig acpid --levels 2345 off
  87. chkconfig certmonger --levels 2345 off
  88. chkconfig cgconfig --levels 2345 off
  89. chkconfig cgred --levels 2345 off
  90. chkconfig cpuspeed --levels 2345 off
  91. chkconfig cups --levels 2345 off
  92. chkconfig dnsmasq --levels 2345 off
  93. chkconfig firstboot --levels 2345 off
  94. chkconfig ip6tables --levels 2345 off
  95. chkconfig iptables --levels 2345 off
  96. chkconfig kdump --levels 2345 off
  97. chkconfig mdmonitor --levels 2345 off
  98. chkconfig netconsole --levels 2345 off
  99. chkconfig netfs --levels 2345 off
  100. chkconfig nfs --levels 2345 off
  101. chkconfig nfslock --levels 2345 off
  102. chkconfig ntpd --levels 2345 off
  103. chkconfig ntpdate --levels 2345 off
  104. chkconfig numad --levels 2345 off
  105. chkconfig oddjobd --levels 2345 off
  106. chkconfig portreserve --levels 2345 off
  107. chkconfig postfix --levels 2345 off
  108. chkconfig quota_nld --levels 2345 off
  109. chkconfig rdisc --levels 2345 off
  110. chkconfig restorecond --levels 2345 off
  111. chkconfig rhnsd --levels 2345 off
  112. chkconfig rhsmcertd --levels 2345 off
  113. chkconfig rngd --levels 2345 off
  114. chkconfig rpcgssd --levels 2345 off
  115. chkconfig rpcidmapd --levels 2345 off
  116. chkconfig rpcsvcgssd --levels 2345 off
  117. chkconfig saslauthd --levels 2345 off
  118. chkconfig smartd --levels 2345 off
  119. chkconfig sssd --levels 2345 off
  120. chkconfig wdaemon --levels 2345 off
  121. chkconfig winbind --levels 2345 off
  122. chkconfig wpa_supplicant --levels 2345 off
  123. chkconfig ypbind --levels 2345 off

  125. #chkconfig on
  126. chkconfig --levels 2345 atd on
  127. chkconfig --levels 2345 auditd on
  128. chkconfig --levels 2345 crond on
  129. chkconfig --levels 2345 psacct on
  130. chkconfig --levels 2345 rsyslog on
  131. chkconfig --levels 2345 sshd on
  132. chkconfig --levels 2345 network on

2.  系統引數初始化

點選(此處)摺疊或開啟

  1. #!/bin/sh
  2. #set -x
  3. #修改sysctl-conf檔案
  4. function edit_sysctl_conf()
  5. {
  6.   param_name=$1
  7.   param_value=$2
  8.   conf_file=\"/etc/sysctl.conf\"
  9.   value_count=$(echo ${param_value}|awk \'{print NF}\')
  10.   if [ \"${value_count}\" -eq \"1\" ] ; then
  11.     old_line=$(grep \"^${param_name}[[:space:]]*=[[:space:]]*[0-9]\\+\" ${conf_file})
  12.     if [ -n \"${old_line}\" ] ; then
  13.        file_value=$(echo ${old_line} |sed \'s/ //g\'| cut -d= -f2)
  14.        if [ ${param_value} -gt $file_value ] ; then
  15.           new_line=\"${param_name} = ${param_value}\"
  16.           sed -ie \"s/^${param_name}\\(.*\\)$/${new_line}/g\" ${conf_file}
  17.           sed -i \"/^${param_name}/i #${old_line}\" ${conf_file}
  18.        fi
  19.      else
  20.        echo \"\" >> ${conf_file}
  21.        echo \"${param_name} = ${param_value}\" >> ${conf_file}
  22.      fi
  23.      cur_value=$( /sbin/sysctl -n ${param_name} |sed \'s/ //g\')
  24.      if [ ${param_value} -gt ${cur_value} ] ; then
  25.          if ! /sbin/sysctl -w ${param_name}=\"${param_value}\" ; then
  26.             echo \"/sbin/sysctl failed to set ${param_name} = ${param_value}\"
  27.          fi
  28.      fi
  29.   fi
  30.   if [ \"${value_count}\" -gt \"1\" ] ; then
  31.       declare -a cur_values
  32.       declare -a file_values
  33.       declare -a new_values
  34.      local cur_value
  35.      local file_value
  36.      old_line=$(sed -ne \"/^${param_name}/p\" ${conf_file})
  37.      line_value=$(echo ${old_line}| cut -d= -f2)
  38.      for (( i=0;i<${value_count};i++ )) ;do
  39.         cur_values[$i]=$(/sbin/sysctl -n \"${param_name}\"| awk \"{print \\$(($i+1))}\")
  40.         new_values[$i]=$( echo $param_value|awk \"{print \\$(($i+1))}\" )
  41.      done
  42.      if [ ! -z \"${line_value}\" ] ; then
  43.        for (( i=0;i<${value_count};i++ )) ;do
  44.         file_values[$i]=$( echo $line_value| awk \"{print \\$(($i+1))}\")
  45.        done
  46.      fi
  47.      for (( i=0;i<${value_count};i++ )) ;do
  48.         if [ ${new_values[$i]} -gt ${cur_values[$i]} ] ; then
  49.           cur_values[$i]=${new_values[$i]}
  50.           flag_cur=\"true\"
  51.         fi
  52.         if test -z \"$line_value\" || test ${new_values[$i]} -gt ${file_values[$i]} ; then
  53.           file_values[$i]=${new_values[$i]}
  54.           flag_file=\"true\"
  55.         fi
  56.      done
  57.      if [ \"$flag_cur\" == \"true\" ] ; then
  58.         for (( i=0;i<${value_count};i++ )) ;do
  59.            cur_value=\"${cur_value}${cur_values[$i]} \"
  60.         done
  61.         if ! /sbin/sysctl -w ${param_name}=\"${cur_value}\" ; then
  62.            echo \"/sbin/sysctl failed to set ${param_name} \"
  63.         fi
  64.      fi
  65.      if [ \"$flag_file\" == \"true\" ] ; then
  66.         for (( i=0;i<${value_count};i++ )) ;do
  67.            file_value=\"${file_value}${file_values[$i]} \"
  68.         done
  69.         new_line=\"${param_name} = ${file_value}\"
  70.         if [ -z \"${old_line}\" ] ; then
  71.           echo \"\" >> ${conf_file}
  72.           echo $new_line >> ${conf_file}
  73.         else
  74.           sed -ie \"s/^${param_name}\\(.*\\)$/${new_line}/g\" ${conf_file}
  75.           sed -i \"/^${param_name}/i #${old_line}\" ${conf_file}
  76.         fi
  77.      fi
  78.   fi
  79. }

  81. #修改limits_conf檔案
  82. function edit_limits_conf()
  83. {
  84.   limit_domain=$1
  85.   limit_type=$2
  86.   limit_item=$3
  87.   limit_value=$4
  88.   conf_file=\"/etc/security/limits.conf\"
  89.   old_line=$( grep \"^${limit_domain}[[:space:]]\\+${limit_type}[[:space:]]\\+${limit_item}[[:space:]]\\+\" ${conf_file})
  90.   if [ -n \"${old_line}\" ] ; then
  91.          file_value=$( echo ${old_line}| awk \'{print $4}\')
  92.          if [ \"${file_value}\" != \"unlimited\" ]; then
  93.             if [ $limit_value -gt ${file_value} ] ; then
  94.                new_line=\"${limit_domain} ${limit_type} ${limit_item} ${limit_value}\"
  95.                sed -ie \"s/^${limit_domain}[[:space:]]\\+${limit_type}[[:space:]]\\+${limit_item}[[:space:]]\\(.*\\)$/${new_line}/g\" ${conf_file}
  96.                sed -i \"/^${limit_domain}[[:space:]]\\+${limit_type}[[:space:]]\\+${limit_item}[[:space:]]/i #${old_line}\" ${conf_file}
  97.              fi
  98.          fi
  99.    else
  100.         new_line=\"${limit_domain} ${limit_type} ${limit_item} ${limit_value}\"
  101.         sed -ie \"/^# End of file/i ${new_line}\" ${conf_file}
  102.   fi
  103.   
  104. }

  106. #修改muser_coredump檔案
  107. function enable_muser_coredump()
  108. {
  109.  profile=\"/etc/profile.d/mwuser-profile.sh\"
  110.  if [ ! -e \"$profile\" ]; then
  111.    echo \"if [ \\\"\\$LOGNAME\\\" = \\\"mwuser\\\" ] ; then \" >> ${profile}
  112.    echo \" ulimit -S -c unlimited > /dev/null 2>&1 \" >> ${profile}
  113.    echo \"fi\" >> ${profile}
  114.  fi
  115. }

  117. #edit_sysctl_conf \"kernel.shmmax\" \"68719476738\"
  118. #edit_sysctl_conf \"kernel.shmmni\" \"4096\"
  119. #edit_sysctl_conf \"kernel.shmall\" \"2097152\"
  120. #edit_sysctl_conf \"kernel.sem\" \"250 32000 100 128\"
  121. edit_sysctl_conf \"net.core.rmem_default\" \"16777216\"
  122. edit_sysctl_conf \"net.core.wmem_default\" \"16777216\"
  123. edit_sysctl_conf \"net.core.rmem_max\" \"16777216\"
  124. edit_sysctl_conf \"net.core.wmem_max\" \"16777216\"
  125. edit_sysctl_conf \"net.ipv4.tcp_rmem\" \"4096 87380 16777216\"
  126. edit_sysctl_conf \"net.ipv4.tcp_wmem\" \"4096 65536 16777216\"
  127. edit_sysctl_conf \"net.ipv4.ip_local_port_range\" \"50000 65500\"
  128. edit_sysctl_conf \"net.ipv4.tcp_fin_timeout\" \"30\"
  129. edit_sysctl_conf \"fs.file-max\" \"6815744\"
  130. #edit_sysctl_conf \"fs.aio-max-size\" \"\"
  131. #edit_sysctl_conf \"fs.aio-max-nr\" \"1048576\"


  134. edit_limits_conf \"mwuser\" \"soft\" \"nproc\" \"2047\"
  135. edit_limits_conf \"mwuser\" \"hard\" \"nproc\" \"16384\"
  136. edit_limits_conf \"mwuser\" \"hard\" \"nofile\" \"16384\"
  137. edit_limits_conf \"mwuser\" \"soft\" \"nofile\" \"8192\"
  138. edit_limits_conf \"mwuser\" \"hard\" \"core\" \"unlimited\"

  140. enable_muser_coredump


來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/29500582/viewspace-1291948/,如需轉載,請註明出處,否則將追究法律責任。

相關文章