Chinaunix首页 | 论坛 | 博客
  • 博客访问: 2340807
  • 博文数量: 535
  • 博客积分: 8689
  • 博客等级: 中将
  • 技术积分: 7066
  • 用 户 组: 普通用户
  • 注册时间: 2010-11-26 10:00
文章分类

全部博文(535)

文章存档

2024年(4)

2023年(4)

2022年(16)

2014年(90)

2013年(76)

2012年(125)

2011年(184)

2010年(37)

分类: LINUX

2014-03-28 17:30:55



cat  init.sh



#!/bin/bash
# MAIL:ex_xxkjb_xmgl002@sdb.com.cn

#welcome
cat << EOF
+--------------------------------------------------------------+
|         === Welcome to linux System init ===                |
+--------------------------------------------------------------+
EOF

DATE=`date +%Y%m%d%H%M`



#set zone
ZONE=date   |awk  '{ print $5 }'

 if  [ $ZONE='CST' ]  ; then    
 echo  "ZONE is OK!"
  else
mv   -f  /etc/localtime  /etc/localtime_bak$DATE                           &&  echo "mv localtime OK " >> /root/init_log
cp   -f  /usr/share/zoneinfo/Asia/Chongqing  /etc/localtime                &&  echo "change zone OK " >> /root/init_log      
fi                                                                         &&  echo "zone change OK"  >> /root/init_log


#set ntp
#yum -y install ntp
#echo "* 3 * * * /usr/sbin/ntpdate 210.72.145.44 > /dev/null 2>&1" >> /etc/crontab
#service crond restart
 

#set limit
cp  -f /etc/security/limits.conf  /etc/security/limits.conf_bak$DATE   &&  echo "cp limits.conf OK " >> /root/init_log


cat >> /etc/security/limits.conf  <
 oracle    soft nproc  2047
 oracle    hard nproc 16384
 oracle    soft nofile 1024
 oracle    hard nofile 65536
 *           soft   nofile       65535
 *           hard   nofile       65535
EOF
                                            
echo  "ulimit OK" >> /root/init_log



cp  -f  /etc/profile   /etc/profile_bak$DATE         &&  echo "cp profile OK " >> /root/init_log
cp  -f  /etc/sysconfig/i18n  /etc/sysconfig/i18n_bak$DATE        &&  echo "cp i18n OK " >> /root/init_log

#set locale
#true > /etc/sysconfig/i18n
#cat >>/etc/sysconfig/i18n< #LANG="zh_CN.GB18030"
#SUPPORTED="zh_CN.GB18030:zh_CN:zh:en_US.UTF-8:en_US:en"
#SYSFONT="latarcyrheb-sun16"
#EOF                                             &&   echo  "locale OK" >> /root/init_log


#echo "LANG=zh_CN.gbk" >> /etc/profile
#echo "export LANG"    >> /etc/profile


cp -f /etc/sysctl.conf  /etc/sysctl.conf_bak$DATE       &&  echo "cp sysctl.conf OK " >> /root/init_log

#set sysctl
true > /etc/sysctl.conf
cat >> /etc/sysctl.conf << EOF

net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.ipv4.tcp_max_tw_buckets = 6000
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_rmem = 4096 87380 4194304
net.ipv4.tcp_wmem = 4096 16384 4194304
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 262144
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_fin_timeout = 1
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.ip_local_port_range = 1024 65535

EOF


echo  "sysctl OK" >> /root/init_log
/sbin/sysctl -p                                       &&  echo "sysctl set OK!!"     >> /root/init_log

#close ctrl+alt+del
cp -f  /etc/inittab /etc/inittab_bak$DATE                &&  echo "cp inittab OK " >> /root/init_log
sed -i "s@ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now@#ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now@" /etc/inittab

#set purview

#chmod 600 /etc/passwd
#chmod 600 /etc/shadow
#chmod 600 /etc/group
#chmod 600 /etc/gshadow

cp  -f  /etc/modprobe.conf /etc/modprobe.conf_bak$DATE        &&  echo "cp modprobe OK " >> /root/init_log

#disable ipv6
cat << EOF
+--------------------------------------------------------------+
|         === Welcome to Disable IPV6 ===                      |
+--------------------------------------------------------------+
EOF
echo "alias net-pf-10 off" >> /etc/modprobe.conf
echo "alias ipv6 off" >> /etc/modprobe.conf
/sbin/chkconfig --level 35 ip6tables off                           && echo "disable ipv6 OK" >> /root/init_log
echo "ipv6 is disabled!"                           

#disable selinux
cp  -f  /etc/selinux/config  /etc/selinux/config_bak$DATE           &&  echo "cp selinux OK " >> /root/init_log
sed -i '/SELINUX/s/enforcing/disabled/g' /etc/selinux/config         && echo "disable selinux OK" >> /root/init_log         echo "selinux is disabled,you must reboot!"

#zh_cn
#sed -i -e 's/^LANG=.*/LANG="en"/'   /etc/sysconfig/i18n

#chkser
#tunoff services
#--------------------------------------------------------------------------------
cat << EOF
+--------------------------------------------------------------+
|         === Welcome to Tunoff services ===                   |
+--------------------------------------------------------------+
EOF
#---------------------------------------------------------------------------------
for i in `ls /etc/rc3.d/S*`
do
              CURSRV=`echo $i|cut -c 15-`
echo $CURSRV
case $CURSRV in
          acpid|anacron |arptables_jf |atd |auditd|autofs|avahi-daemon|cpuspeed| firstboot |gpm |haldaemon |hidd |hplip |irqbalance |iscsi |iscsid| krb5-telnet| kudzu|lm_sensors|mcstrans|mdmonitor|messagebus|netfs|nfslock|pcscd|portmap|rawdevices|readahead_early|restorecond|rpcgssd|rpcidmapd|serviceadmin|setroubleshoot| smartd| sshd|sysstat|xfs|xinetd| crond | irqbalance | microcode_ctl | lvm2-monitor | network | random | sshd | syslog  )
      echo "Base services, Skip!"
      ;;
      *)
          echo "change $CURSRV to off"
          chkconfig --level 235 $CURSRV off
          /sbin/service $CURSRV stop
      ;;
esac
done      && echo "tunoff services OK" >> /root/init_log

cp  -f  /etc/inittab  /etc/inittab_bak$DATE                   &&  echo "cp inittab OK " >> /root/init_log
sed -i 's/id:.*$/id:3:initdefault:/g' /etc/inittab              &&  echo "change init 3 OK " >> /root/init_log

/sbin/chkconfig  --del sendmail                   ###脡脰驴陋禄煤露炉 默脠碌脛始镁路镁脦   
/sbin/chkconfig  --del bluetooth                  ###脡脰驴陋禄煤露炉 脌脩路镁脦
/sbin/chkconfig  --del cups                       ###脡脰驴陋禄煤露炉 麓貌姆镁脦
/sbin/chkconfig  --del ip6tables                  ###脡脰驴陋禄煤露炉 路;冒/sbin/chkconfig  --del iptables                   ###脡脰驴陋禄煤露炉 路;冒/sbin/chkconfig  --del isdn                       ###脡脰驴陋禄煤露炉 ISDN脥脗

 
/sbin/chkconfig  --add vsftpd                     ####脡脰驴陋禄煤  FTP路镁脦        
/sbin/chkconfig  --add nfs                        ####脡脰驴陋禄煤  NFS
/sbin/chkconfig  --add vncserver                  ####脡脰驴陋禄煤  VNC
/sbin/chkconfig  --add xinetd

###脜GDM

mv -f  /etc/gdm/custom.conf  /etc/gdm/custom.conf_bak$DATE    &&  echo "mv custom.conf OK " >> /root/init_log      ####卤赂路脻芒脦录镁


cat >>/etc/gdm/custom.conf< [daemon]
[security]
AllowRemoteRoot=true
DisallowTCP=false
[xdmcp]
Enable=1
Enable=true
DisplaysPerHost=5
Port=177
[gui]
[greeter]
[chooser]
[debug]
[servers]
EOF

/usr/sbin/gdm     && echo "GDM is boot...." >> /root/init_log         ###脝露炉GDM
echo "/usr/sbin/gdm >> /etc/rc.local"   ##脡脰驴陋禄煤脝露炉gdm

####脜脰VSFTP

cp  -f    /etc/vsftpd/ftpusers  /etc/vsftpd/ftpusers_bak$DATE              &&  echo "cp ftpusers OK " >> /root/init_log
cp  -f    /etc/vsftpd/user_list /etc/vsftpd/user_list_bak$DATE             &&  echo "cp user_list OK " >> /root/init_log
cp  -f    /etc/vsftpd/vsftpd.conf  /etc/vsftpd/vsftpd.conf_bak$DATE        &&  echo "cp vsftpd OK " >> /root/init_log

sed  -i  "s#root# #"  /etc/vsftpd/ftpusers
sed  -i  "s#root# #"  /etc/vsftpd/user_list

/etc/init.d/vsftpd  restart    && echo "VSFTP is boot...." >> /root/init_log


####脜脰TELNET
cp  -f  /etc/xinetd.d/krb5-telnet  /etc/xinetd.d/krb5-telnet_bak$DATE

cat > /etc/xinetd.d/krb5-telnet  < service telnet
{
        flags           = REUSE
        socket_type     = stream        
        wait            = no
        user            = root
        server          = /usr/kerberos/sbin/telnetd
        log_on_failure  += USERID
        disable         = no
}

EOF

  if   [ -f  /etc/securetty  ] ; then   
mv -f /etc/securetty /etc/securetty.bak$DATE           ###脭脨root脫禄搂麓脫TY3 TELNET
  else
  echo "file /etc/securetty no find"
  fi

/etc/init.d/xinetd restart            && echo "TELNET is boot...." >> /root/init_log

####脧示脙脕脌史潞贸脭戮脙脕碌脛盲时录盲echo HISTTIMEFORMAT=\"%Y-%m-%d %H:%M:%S\"  >> /etc/profile
echo 'HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S"' >> /etc/profile
echo export HISTTIMEFORMAT                >> /etc/profile     && echo "HISTORY OK" >> /root/init_log

sed  -i  '$!N; /^\(.*\)\n\1$/!P; D' /etc/profile        ###驴鲁媒

###脪脢禄煤calhost

/bin/hostname |grep -i localhost
 if [ $? -eq 0 ]  ; then
 echo "hostname is localhost,OK"
 else
 
 /bin/hostname localhost
 mv  -f    /etc/sysconfig/network  /etc/sysconfig/network$DATE
 echo "NETWORKING=yes" > /etc/sysconfig/network
 echo "HOSTNAME=localhost" >>/etc/sysconfig/network
cp  -f  /etc/hosts  /etc/hosts$DATE
 
 loopback=`cat /etc/hosts  |grep -i "127.0.0.1" |awk '{ print  $2}'`
IP=`ip ad |grep -i  "10.14.*" |awk  '{print $2}' |awk  -F /  ' { print  $1 }'`
oldhostname=`cat /etc/hosts  |grep      -i $IP |awk  '{ print  $2}' `
sed  -i  's#'$oldhostname'#localhost#g'  /etc/hosts
sed  -i  's#'$loopback'#localhost#g'     /etc/hosts

 fi
 
 
#### 赂麓职虏驴WAS6.1

cat  /etc/passwd|grep -i wasadmin  &&    cat  /etc/group |grep -i wasadmg

 if [ $? -eq 0 ]  ; then
 echo "was user already exists"
 echo wasadmin  |passwd  --stdin  wasadmin
 else
 groupadd  wasadmg
 useradd  -g wasadmg  -G wasadmg wasadmin
 echo wasadmin  |passwd  --stdin  wasadmin
fi
 

if [  -e /websphere/IBM/WebSphere ]   ; then
 echo "was already exists"
 else
 mkdir -p /websphere/IBM/
 cd    /websphere/
 
ftpUser=root
ftpPWD=root6adp2

/usr/bin/ftp -n< open 10.14.54.120 21
user $ftpUser  $ftpPWD
bin
#passive
cd /oradata/was
get IBM6.1_linux.tar
bye
quit
EOF

tar xvf   IBM6.1_linux.tar  -C /websphere  &&  chown -R wasadmin:wasadmg /websphere/IBM   && rm -rf  /websphere/IBM6.1_linux.tar

fi




mkdir -p /etc/snmp
cd /etc/snmp
rm -rf   snmpd.conf
ls
wget ftp://root@10.14.57.251/../etc/snmp/*  --ftp-password=root  && /etc/init.d/snmpd restart
echo "/etc/init.d/snmpd restart" >> /etc/rc.local
rpm -qa |grep -i net-snmp |wc -l
ip ad |grep -i inet


阅读(6295) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~