欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  科技

Linux系统优化脚本

程序员文章站 2022-03-24 12:28:34
#!/bin/bash ############################################################################## # File Name : Linux system config # description : This scri... ......
#!/bin/bash
##############################################################################
# file name    :    linux system config
# description   :   this script is used to set linux system
# author         :   simon
# mail             :   24731701@qq.com
##############################################################################
. /etc/init.d/functions
ip=`/sbin/ifconfig|awk -f '[ :]+' 'nr==2{print $4}'`

# defined result function

function msg(){
        if [ $? -eq 0 ];then
             action "$1" /bin/true
        else
             action "$1" /bin/false
        fi

}

# defined close selinux functions
function selinux(){
        [ if "/etc/selinux/config"  ] && {
            sed -i 's#selinux=enforcing#selinux=disabled#g' /etc/selinux/config
              setenforce 0
              msg "close selinux"            
        }
}

# defined add ordinary users functions

function adduser(){
        id simon &>/dev/null
        if [ $? -ne 0 ];then
        useradd simon &>/dev/null
        echo "123456"|passwd --stdin simon &>/dev/null &&\
       sed -ir '98a simon    all=(all)    nopasswd:all' /etc/sudoers &&\
        visudo -c &>/dev/null
        msg "adduser simon"
        else
             echo "simon user is exist."
        fi
}

# defined hide the system version number functions

function hideversion(){
        [ -f "/etc/issue" ] && >/etc/issue
        [ -f "/etc/issue.net"] && > /etc/issue.net
        msg "hide sys info."
}

# defined sshd config functions

function sshd(){
    sshd_file=/etc/ssh/sshd_config
    if [ `grep "52113" $sshd_file|wc -l` -eq 0 ];then
    sed -ir "13 iport 52113\npermitrootlogin no\npermitemptypasswords no\nusedns no\ngssapiauthentication no" $sshd_file
    sed -i 's@#listenaddress 0.0.0.0@listenaddress '${ip}':52113@g' $sshd_file
    /etc/init.d/sshd restart > /dev/null 2>&1
    msg "sshd config"
    fi
}

# defined open files functions
function openfiles(){
        if [ `grep "nofile 65535" /etc/security/limits.conf|wc -l` -eq 0 ];then
             echo '*  -  nofile  65535' >> /etc/security/limits.conf
             ulimit -shn 65535
             msg "open files"
        fi
}

function hosts(){
        if [ ! -f /server/scripts/hosts ];then
           echo "/server/scripts/hosts is not exist,please solve this question"
            sleep 300
            exit 1

        fi
        /bin/cp /server/scripts/hosts  /etc/hosts
}

# defined system startup services functions

function boot(){
        export lang=en
        for simon in `chkconfig --list|grep "3:on"|awk '{print $1}'|egrep -v "crond|network|rsyslog|sshd|sysstat"`
            do
               chkconfig $simon off
          done
          msg "boot config"
}

# deined time synchronization functions
function time(){
        grep "time.nist.gov" /var/spool/cron/root > /dev/null 2>&1
        if [ $? -ne 0 ];then
        echo "#time sync by simon at $(date +%f)" >>/var/spool/cron/root
        echo "*/5 * * * * /usr/sbin/ntpdate time.nist.gov &>/dev/null" >>/var/spool/cron/root
        fi
        msg "time synchronization"

}
# defined kernel parameters functions
function kernel(){
    /bin/cp /etc/sysctl.conf  /etc/sysctl.conf.$random
    /bin/cp /server/scripts/sysctl.conf /etc/
    msg "kernel"

}

function iptables(){
    /etc/init.d/iptables stop
    /etc/init.d/iptables stop
    msg "iptables"

}

function hostname(){
    ip=`/sbin/ifconfig eth1|awk -f "[: ]+" 'nr==2 {print $4}'`
    name=`grep -w "$ip" /etc/hosts |awk '{print $2}'`
    sed -i 's/hostname=*/hostname='"$name"'/g' /etc/sysconfig/network
    /bin/hostname  $name
    msg "hostname"

}

# defined main functions
function main(){
        adduser
        hideversion
        sshd
        openfiles
        hosts
        boot
        time
        kernel
        iptables
        hostname
}

main