#!/bin/bash
# SCRIPT: system.sh work on Centos5
# AUTHOR: Gaizaoren
# DATE: 2012/03/29  210.72.145.44
# REV: 1.0 http://www.gaizaoren.org
# PURPOSE: This shell script use at the beginning of system work
##########################################################
#               BEGINNING OF MAIN
##########################################################
#Disable ipv6
echo "options ipv6 disable=1" > /etc/modprobe.d/disable-ipv6.conf 

#Disable selinux
setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config

#Disable sshd dns
sed -i 's/#UseDNS.*/UseDNS no/g' /etc/ssh/sshd_config
sed -i 's/^GSSAPIAuthentication.*/GSSAPIAuthentication no/g' /etc/ssh/sshd_config
sed -i 's/^#GSSAPIAuthentication.*/GSSAPIAuthentication no/' /etc/ssh/sshd_config

#Disable Keyboard reset
sed -i 's/ca::/#ca::/' /etc/inittab

#OFF and ON
/sbin/chkconfig --list |grep 3:on |egrep -v "network|sysstat|sshd|syslog|crond|irqbalance|lvm2-monitor|iptables|microcode_ctl|ntpd|snmpd" |awk '{print $1}' |while read OFF
do 
	/sbin/chkconfig --level 345 $OFF off >/dev/null 2>&1
done 
for ON in network sysstat sshd syslog crond irqbalance lvm2-monitor iptables microcode_ctl ntpd snmpd
do	
	/sbin/chkconfig --level 2345 $ON on >/dev/null 2>&1
done

#System time
sed -i 's/ZONE=.*/ZONE="Asia\/Shanghai"/g'  /etc/sysconfig/clock
/bin/cp -pf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

#Record history log time
sed -i '/HISTTIMEFORMAT=/d' /etc/profile
echo 'export HISTTIMEFORMAT="%F %T	"' >> /etc/profile

#Alias
echo 'alias vi="vim"' >> /etc/profile
echo "alias grep='grep --colour=auto'" >> /etc/profile

#Delete sendmail queue
if [ -d /var/spool/clientmqueue ];then
	/bin/rm -rf /var/spool/clientmqueue/
	ln -s /dev/null /var/spool/clientmqueue
fi

#Sudo log
echo "%admin ALL=(ALL)  NOPASSWD: !/sbin/reboot,!/sbin/shutdown,!/sbin/poweroff,!/sbin/halt,!/sbin/init,!/sbin/init,!/sbin/telinit" >> /etc/sudoers
echo "Defaults        logfile = \"/var/log/sudo\""  >> /etc/sudoers
echo "local2.debug	/var/log/sudo" >> /etc/syslog.conf

#Turn off snmpd log
echo "OPTIONS=\"-LS3d -Lf /dev/null -p /var/run/snmpd.pid\"" >> /etc/sysconfig/snmpd.options

#Record sftp log
sed -i '/Subsystem/d' /etc/ssh/sshd_config
echo "Subsystem       sftp    /usr/libexec/openssh/sftp-server -l INFO -f AUTH" >> /etc/ssh/sshd_config
echo "auth,authpriv.*                                          /var/log/sftp" >> /etc/syslog.conf

#Reboot system
echo "You must reboot your system first!"

##########################################################
# End of script
##########################################################

2 thoughts on “Centos初始化脚本”

    1. Well what you are using I don’t personally recommend but tha21#8t&7;s your decision. Do you have long hair or anything? Wear a backpack or anything else that rubs on that area a lot?

发表评论

电子邮件地址不会被公开。 必填项已用*标注