cat init.sh
#!/bin/bash
# MAIL:ex_xxkjb_xmgl002@sdb.com.cn
#welcome
cat << EOF
+--------------------------------------------------------------+
| === Welcome to linux System init === |
+--------------------------------------------------------------+
EOF
DATE=`date +%Y%m%d%H%M`
#set zone
ZONE=date |awk '{ print $5 }'
if [ $ZONE='CST' ] ; then
echo "ZONE is OK!"
else
mv -f /etc/localtime /etc/localtime_bak$DATE && echo "mv localtime OK " >> /root/init_log
cp -f /usr/share/zoneinfo/Asia/Chongqing /etc/localtime && echo "change zone OK " >> /root/init_log
fi && echo "zone change OK" >> /root/init_log
#set ntp
#yum -y install ntp
#echo "* 3 * * * /usr/sbin/ntpdate 210.72.145.44 > /dev/null 2>&1" >> /etc/crontab
#service crond restart
#set limit
cp -f /etc/security/limits.conf /etc/security/limits.conf_bak$DATE && echo "cp limits.conf OK " >> /root/init_log
cat >> /etc/security/limits.conf <
oracle soft nproc 2047
oracle hard nproc 16384
oracle soft nofile 1024
oracle hard nofile 65536
* soft nofile 65535
* hard nofile 65535
EOF
echo "ulimit OK" >> /root/init_log
cp -f /etc/profile /etc/profile_bak$DATE && echo "cp profile OK " >> /root/init_log
cp -f /etc/sysconfig/i18n /etc/sysconfig/i18n_bak$DATE && echo "cp i18n OK " >> /root/init_log
#set locale
#true > /etc/sysconfig/i18n
#cat >>/etc/sysconfig/i18n<
#LANG="zh_CN.GB18030"
#SUPPORTED="zh_CN.GB18030:zh_CN:zh:en_US.UTF-8:en_US:en"
#SYSFONT="latarcyrheb-sun16"
#EOF && echo "locale OK" >> /root/init_log
#echo "LANG=zh_CN.gbk" >> /etc/profile
#echo "export LANG" >> /etc/profile
cp -f /etc/sysctl.conf /etc/sysctl.conf_bak$DATE && echo "cp sysctl.conf OK " >> /root/init_log
#set sysctl
true > /etc/sysctl.conf
cat >> /etc/sysctl.conf << EOF
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.ipv4.tcp_max_tw_buckets = 6000
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_rmem = 4096 87380 4194304
net.ipv4.tcp_wmem = 4096 16384 4194304
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 262144
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_fin_timeout = 1
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.ip_local_port_range = 1024 65535
EOF
echo "sysctl OK" >> /root/init_log
/sbin/sysctl -p && echo "sysctl set OK!!" >> /root/init_log
#close ctrl+alt+del
cp -f /etc/inittab /etc/inittab_bak$DATE && echo "cp inittab OK " >> /root/init_log
sed -i "s@ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now@#ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now@" /etc/inittab
#set purview
#chmod 600 /etc/passwd
#chmod 600 /etc/shadow
#chmod 600 /etc/group
#chmod 600 /etc/gshadow
cp -f /etc/modprobe.conf /etc/modprobe.conf_bak$DATE && echo "cp modprobe OK " >> /root/init_log
#disable ipv6
cat << EOF
+--------------------------------------------------------------+
| === Welcome to Disable IPV6 === |
+--------------------------------------------------------------+
EOF
echo "alias net-pf-10 off" >> /etc/modprobe.conf
echo "alias ipv6 off" >> /etc/modprobe.conf
/sbin/chkconfig --level 35 ip6tables off && echo "disable ipv6 OK" >> /root/init_log
echo "ipv6 is disabled!"
#disable selinux
cp -f /etc/selinux/config /etc/selinux/config_bak$DATE && echo "cp selinux OK " >> /root/init_log
sed -i '/SELINUX/s/enforcing/disabled/g' /etc/selinux/config && echo "disable selinux OK" >> /root/init_log echo "selinux is disabled,you must reboot!"
#zh_cn
#sed -i -e 's/^LANG=.*/LANG="en"/' /etc/sysconfig/i18n
#chkser
#tunoff services
#--------------------------------------------------------------------------------
cat << EOF
+--------------------------------------------------------------+
| === Welcome to Tunoff services === |
+--------------------------------------------------------------+
EOF
#---------------------------------------------------------------------------------
for i in `ls /etc/rc3.d/S*`
do
CURSRV=`echo $i|cut -c 15-`
echo $CURSRV
case $CURSRV in
acpid|anacron |arptables_jf |atd |auditd|autofs|avahi-daemon|cpuspeed| firstboot |gpm |haldaemon |hidd |hplip |irqbalance |iscsi |iscsid| krb5-telnet| kudzu|lm_sensors|mcstrans|mdmonitor|messagebus|netfs|nfslock|pcscd|portmap|rawdevices|readahead_early|restorecond|rpcgssd|rpcidmapd|serviceadmin|setroubleshoot| smartd| sshd|sysstat|xfs|xinetd| crond | irqbalance | microcode_ctl | lvm2-monitor | network | random | sshd | syslog )
echo "Base services, Skip!"
;;
*)
echo "change $CURSRV to off"
chkconfig --level 235 $CURSRV off
/sbin/service $CURSRV stop
;;
esac
done && echo "tunoff services OK" >> /root/init_log
cp -f /etc/inittab /etc/inittab_bak$DATE && echo "cp inittab OK " >> /root/init_log
sed -i 's/id:.*$/id:3:initdefault:/g' /etc/inittab && echo "change init 3 OK " >> /root/init_log
/sbin/chkconfig --del sendmail ###脡脰驴陋禄煤露炉 默脠碌脛始镁路镁脦
/sbin/chkconfig --del bluetooth ###脡脰驴陋禄煤露炉 脌脩路镁脦
/sbin/chkconfig --del cups ###脡脰驴陋禄煤露炉 麓貌姆镁脦
/sbin/chkconfig --del ip6tables ###脡脰驴陋禄煤露炉 路;冒/sbin/chkconfig --del iptables ###脡脰驴陋禄煤露炉 路;冒/sbin/chkconfig --del isdn ###脡脰驴陋禄煤露炉 ISDN脥脗
/sbin/chkconfig --add vsftpd ####脡脰驴陋禄煤 FTP路镁脦
/sbin/chkconfig --add nfs ####脡脰驴陋禄煤 NFS
/sbin/chkconfig --add vncserver ####脡脰驴陋禄煤 VNC
/sbin/chkconfig --add xinetd
###脜GDM
mv -f /etc/gdm/custom.conf /etc/gdm/custom.conf_bak$DATE && echo "mv custom.conf OK " >> /root/init_log ####卤赂路脻芒脦录镁
cat >>/etc/gdm/custom.conf<
[daemon]
[security]
AllowRemoteRoot=true
DisallowTCP=false
[xdmcp]
Enable=1
Enable=true
DisplaysPerHost=5
Port=177
[gui]
[greeter]
[chooser]
[debug]
[servers]
EOF
/usr/sbin/gdm && echo "GDM is boot...." >> /root/init_log ###脝露炉GDM
echo "/usr/sbin/gdm >> /etc/rc.local" ##脡脰驴陋禄煤脝露炉gdm
####脜脰VSFTP
cp -f /etc/vsftpd/ftpusers /etc/vsftpd/ftpusers_bak$DATE && echo "cp ftpusers OK " >> /root/init_log
cp -f /etc/vsftpd/user_list /etc/vsftpd/user_list_bak$DATE && echo "cp user_list OK " >> /root/init_log
cp -f /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf_bak$DATE && echo "cp vsftpd OK " >> /root/init_log
sed -i "s#root# #" /etc/vsftpd/ftpusers
sed -i "s#root# #" /etc/vsftpd/user_list
/etc/init.d/vsftpd restart && echo "VSFTP is boot...." >> /root/init_log
####脜脰TELNET
cp -f /etc/xinetd.d/krb5-telnet /etc/xinetd.d/krb5-telnet_bak$DATE
cat > /etc/xinetd.d/krb5-telnet <
service telnet
{
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/kerberos/sbin/telnetd
log_on_failure += USERID
disable = no
}
EOF
if [ -f /etc/securetty ] ; then
mv -f /etc/securetty /etc/securetty.bak$DATE ###脭脨root脫禄搂麓脫TY3 TELNET
else
echo "file /etc/securetty no find"
fi
/etc/init.d/xinetd restart && echo "TELNET is boot...." >> /root/init_log
####脧示脙脕脌史潞贸脭戮脙脕碌脛盲时录盲echo HISTTIMEFORMAT=\"%Y-%m-%d %H:%M:%S\" >> /etc/profile
echo 'HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S"' >> /etc/profile
echo export HISTTIMEFORMAT >> /etc/profile && echo "HISTORY OK" >> /root/init_log
sed -i '$!N; /^\(.*\)\n\1$/!P; D' /etc/profile ###驴鲁媒
###脪脢禄煤calhost
/bin/hostname |grep -i localhost
if [ $? -eq 0 ] ; then
echo "hostname is localhost,OK"
else
/bin/hostname localhost
mv -f /etc/sysconfig/network /etc/sysconfig/network$DATE
echo "NETWORKING=yes" > /etc/sysconfig/network
echo "HOSTNAME=localhost" >>/etc/sysconfig/network
cp -f /etc/hosts /etc/hosts$DATE
loopback=`cat /etc/hosts |grep -i "127.0.0.1" |awk '{ print $2}'`
IP=`ip ad |grep -i "10.14.*" |awk '{print $2}' |awk -F / ' { print $1 }'`
oldhostname=`cat /etc/hosts |grep -i $IP |awk '{ print $2}' `
sed -i 's#'$oldhostname'#localhost#g' /etc/hosts
sed -i 's#'$loopback'#localhost#g' /etc/hosts
fi
#### 赂麓职虏驴WAS6.1
cat /etc/passwd|grep -i wasadmin && cat /etc/group |grep -i wasadmg
if [ $? -eq 0 ] ; then
echo "was user already exists"
echo wasadmin |passwd --stdin wasadmin
else
groupadd wasadmg
useradd -g wasadmg -G wasadmg wasadmin
echo wasadmin |passwd --stdin wasadmin
fi
if [ -e /websphere/IBM/WebSphere ] ; then
echo "was already exists"
else
mkdir -p /websphere/IBM/
cd /websphere/
ftpUser=root
ftpPWD=root6adp2
/usr/bin/ftp -n<
open 10.14.54.120 21
user $ftpUser $ftpPWD
bin
#passive
cd /oradata/was
get IBM6.1_linux.tar
bye
quit
EOF
tar xvf IBM6.1_linux.tar -C /websphere && chown -R wasadmin:wasadmg /websphere/IBM && rm -rf /websphere/IBM6.1_linux.tar
fi
mkdir -p /etc/snmp
cd /etc/snmp
rm -rf snmpd.conf
ls
wget ftp://root@10.14.57.251/../etc/snmp/* --ftp-password=root && /etc/init.d/snmpd restart
echo "/etc/init.d/snmpd restart" >> /etc/rc.local
rpm -qa |grep -i net-snmp |wc -l
ip ad |grep -i inet
阅读(6295) | 评论(0) | 转发(0) |