Linux系统最小化安装之后的系统基础环境安装以及内核优化脚本
1 #!/bin/bash 2 #添加epel和rpmforge的外部yum扩展源 3 cd /usr/local/src 4 wget http://mirrors.ustc.edu.cn/fedora/epel//5/x86_64/epel-release-5-4.noarch.rpm 5 rpm -ivh epel-release-5-4.noarch.rpm 6 wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm 7 rpm -ivh rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm 8 #安装gcc基础库文件以及sysstat工具 9 yum -y install gcc gcc-c++ vim-enhanced unzip unrar sysstat 10 #配置ntpdate自动对时 11 yum -y install ntp 12 echo "01 01 * * * /usr/sbin/ntpdate ntp.api.bz >> /dev/null 2>&1" >> /etc/crontab 13 ntpdate ntp.api.bz 14 service crond restart 15 #配置文件的ulimit值 16 ulimit -SHn 65535 17 echo "ulimit -SHn 65535" >> /etc/rc.local 18 cat >> /etc/security/limits.conf << EOF 19 * soft nofile 60000 20 * hard nofile 65535 21 EOF 22 #tune kernel parametres(基础系统内核优化) 23 cat >> /etc/sysctl.conf << EOF 24 net.ipv4.tcp_syncookies = 1 25 net.ipv4.tcp_syn_retries = 1 26 net.ipv4.tcp_tw_recycle = 1 27 net.ipv4.tcp_tw_reuse = 1 28 net.ipv4.tcp_fin_timeout = 1 29 net.ipv4.tcp_keepalive_time = 1200 30 net.ipv4.ip_local_port_range = 1024 65535 31 EOF 32 /sbin/sysctl -p 33 #禁用control-alt-delete组合键以防止误操作 34 sed -i 's@ca::ctrlaltdel:/sbin/shutdown -t3 -r now@#ca::ctrlaltdel:/sbin/shutdown -t3 -r now@' /etc/inittab 35 #关闭SElinux 36 sed -i 's@SELINUX=enforcing@SELINUX=disabled@' /etc/selinux/config 37 #ssh服务配置优化 38 sed -i -e '74 s/^/#/' -i -e '76 s/^/#/' /etc/ssh/sshd_config 39 sed -i 's@#UseDNS yes@UseDNS no@' /etc/ssh/sshd_config 40 service sshd restart 41 #禁用ipv6地址 42 echo "alias net-pf-10 off" >> /etc/modprobe.conf 43 echo "alias ipv6 off" >> /etc/modprobe.conf 44 echo "install ipv6 /bin/true" >> /etc/modprobe.conf 45 echo "IPV6INIT=no" >> /etc/sysconfig/network 46 sed -i 's@NETWORKING_IPV6=yes@NETWORKING_IPV6=no@' /etc/sysconfig/network 47 chkconfig ip6tables off 48 #vim基础语法优化 49 echo "syntax on" >> /root/.vimrc 50 echo "set nohlsearch" >> /root/.vimrc 51 #停用系统中不必要的服务 52 chkconfig bluetooth off 53 chkconfig sendmail off 54 chkconfig kudzu off 55 chkconfig nfslock off 56 chkconfig portmap off 57 chkconfig iptables off 58 chkconfig autofs off 59 chkconfig yum-updatesd off 60 #重启服务器 61 reboot