#!/bin/bash #add the epel repo and rpmforge repo cd /root/ wget https://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-9.noarch.rpm wget http://repository.it4i.cz/mirrors/repoforge/redhat/el7/en/x86_64/rpmforge/RPMS/rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm rpm -ivh epel-release-7-9.noarch.rpm rpm -ivh rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm #remove *.rpm packages sleep 20 cd /root/ rm -rf epel-release-7-9.noarch.rpm rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm #yum install sy
sstat yum install -y gcc gcc-c++ vim unzip zip yum install -y iostat sy
sstat #set the ntp yum install -y ntp echo "01 01 * * * /usr/sbin/ntpdate ntp.api.bz >> /dev/null 2>&1" >> /etc/crontab ntpdate ntp.api.bz service crond restart #set the file limit ulimit -SHn 65535 echo "ulimit -SHn 65535" >> /etc/rc.local cat >> /etc/s
ecurity/limits.conf << EOF * soft nofile 60000 * hard nofile 65535 EOF #tune kernel p
arametres cat >> /etc/sysctl.conf << EOF net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_syn_retries = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.tcp_keepalive_time = 1200 net.ipv4.tcp_local_port_range = 1024 65535 EOF /sbin/sysctl -p #set the control -alt-delete to guard against the misuse sed -i 's@ ca::ctrlaltdel:/sbin/shutdown -t3 -r
Now@ #ca::ctrlaltdel:/sbin/shutdown -t3 -r
Now@' /etc/inittab #
disable selinux sed -i 's@ SELINUX=enforcing@ SELINUX=
disabled@' /etc/selinux/con
fig #ssh setting sed -i -e '74 s/^/#/' -i -e '76 s/^/#/' /etc/ssh/sshd_con
fig sed -i 's@ #Us
ednS yes@ Us
ednS no@' /etc/ssh/sshd_con
fig service sshd restart #
disable ipv6 echo "alias net -pf -10 off" >> /etc/modprobe.conf echo "alias ipv6 off" >> /etc/modprobe.conf echo "install ipv6 /bin/true" >> /etc/modprobe.conf echo "IPV6INIT=no" >> /etc/syscon
fig/network sed -i 's@ NETWORKING_IPV6=yes@ NETWORKING_IPV6=no@' /etc/syscon
fig/network chkcon
fig ip6tables off #vim setting echo "
Syntax on" >> /root/.vimrc echo "set nohlsearch" >> /root/.vimrc echo "set num" >> /root/.vimrc #chkcon
fig off services chkcon
fig blu
etooth off chkcon
fig sendmail off chkcon
fig kudzu off chkcon
fig nfslock off chkcon
fig portmap off chkcon
fig iptables off chkcon
fig autofs off chkcon
fig yum-updatesd off #reboot sy
stem reboot
原文地址:https://www.jb51.cc/centos/378757.html
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
