linux环境初始脚本

#//把下面内容，做成init.sh文件，放到liunx任意目录下，用
bash ./init.sh
#//执行，或用
chmod -R 777 init.sh
#//赋权后，再用
./init.sh
#//执行

---

#!/bin/bash    
#
# 初始centOS系统环境
# 1. 在线安装一些编译环境
# 2. 关闭防火墙
# 3. 修改内核参数
#
#

yuminst(){

    #update yum 
    yum -y update
    
    #install epel EPEL 是yum的一个软件源，里面包含了许多基本源里没有的软件
    wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
    wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
    sudo rpm -Uvh remi-release-6*.rpm epel-release-6*.rpm

    #install  
    yum install -y setuptool ntsysv iptables pcre-devel openssl-devel bzip2-devel xinetd lrzsz lsof system-config-securitylevel-tui system-config-network-tui  apr-util xorg-x11-drv-penmount perl-DBD-MySQL bind-utils --nogpgcheck
    yum install -y zip unzip --nogpgcheck
    yum install -y libselinux-python python-devel
    yum install -y net-snmp #net-snmp-perl net-snmp-utils net-snmp-devel
    yum install -y mlocate --nogpgcheck
    updatedb
    yum install -y  ncurses ncurses-devel bison
    yum install -y glibc glibc-common glibc-devel gd gd-devel libtool libpcap libpcap-devel gdbm gdbm-devel zlib zlib-devel libxslt audit-libs-devel --nogpgcheck
    yum install -y openssh openssh-server openssh-clients  --nogpgcheck
    yum install -y make cmake vim* gcc gcc-c++  --nogpgcheck
    yum install -y nfs-utils nfs-utils-lib nfs4-acl-tools cifs-utils xfsprogs  --nogpgcheck
    yum install -y crontabs vixie-cron --nogpgcheck
    yum install -y ntp  --nogpgcheck
    yum install -y telnet
}

ser(){
    /etc/init.d/crond start
    chkconfig crond on
    /etc/init.d/iptables stop
    chkconfig iptables off
    /etc/init.d/sshd start
    chkconfig sshd on
    
    setenforce 0
    sed -ri 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
}

kernal(){
    #内核参数修改
    modprobe nf_conntrack
    echo "modprobe nf_conntrack" >> /etc/rc.local
    modprobe bridge
    echo "modprobe bridge" >> /etc/rc.local
    
    echo '
    net.ipv4.tcp_fin_timeout = 60
    net.ipv4.tcp_tw_reuse = 1
    net.ipv4.tcp_tw_recycle = 1
    net.ipv4.tcp_syncookies = 1
    net.ipv4.tcp_max_syn_backlog = 16384
    net.ipv4.tcp_max_tw_buckets = 36000
    net.ipv4.route.gc_timeout = 100
    net.ipv4.tcp_syn_retries = 2
    net.ipv4.tcp_synack_retries = 1
    net.core.somaxconn = 32768
    net.core.netdev_max_backlog = 32768
    net.ipv4.tcp_max_orphans = 327680
    
    net.nf_conntrack_max = 102400
    net.netfilter.nf_conntrack_max = 102400
    net.netfilter.nf_conntrack_tcp_timeout_established = 180
    net.netfilter.nf_conntrack_tcp_timeout_time_wait = 120
    net.netfilter.nf_conntrack_tcp_timeout_close_wait = 60
    net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 120' >>  /etc/sysctl.conf
    
    sysctl -p
    echo ''
}


filelimit(){
    #修改打开文件限制        
    echo 'ulimit -n 65535' >> /etc/profile
    source /etc/profile
    echo '*        soft   nproc  65535
    *        hard   nproc  65535
    *        soft   nofile  65535
    *        hard   nofile  65535' >> /etc/security/limits.conf
    
    echo '*          soft    nproc    65535' >> /etc/security/limits.d/90-nproc.conf
    
    echo -e "================= 修改打开文件限制完成 ================="
}

echo "1: yum安装基础环境"
echo "2: 修改内核参数及文件限制"
echo "3: all"

read -p "请选择：" num
if [ -z $num ];then
    echo $num
elif [ $num -eq 1 ];then
    yuminst
    ser
elif [ $num -eq 2 ];then
    kernal
    filelimit
elif [ $num -eq 3 ];then
    yuminst
    ser
    kernal
    filelimit
else
    echo "请输入正确选项"
    exit
fi