Linux 快速安装脚本

Linux 快速安装脚本

Mr. Neo Chen (netkiller), 陈景峰(BG7NYT)

<openunix@163.com>

版权 © 2011, 2012 http://netkiller.github.com
摘要
在工作中，需要经常为新系统安装软件，重复而简单，但又不得不作，这里实现了一些半自动化安装标本，只需要Ctrl+C, Ctrl+V 快速粘贴复制，即可快速完成安装

下面是我多年积累下来的经验总结，整理成文档供大家参考:

Netkiller Architect 手札	Netkiller Linux 手札	Netkiller Developer 手札	Netkiller Security 手札
Netkiller Debian 手札	Netkiller CentOS 手札	Netkiller FreeBSD 手札	Netkiller Shell 手札
Netkiller Web 手札	Netkiller Monitoring 手札	Netkiller Storage 手札	Netkiller Mail 手札
Netkiller Database 手札	Netkiller PostgreSQL 手札	Netkiller MySQL 手札	Netkiller LDAP 手札
Netkiller Cryptography 手札	Netkiller Docbook 手札	Netkiller Version 手札	Netkiller Multimedia 手札
Netkiller Cisco IOS 手札	Netkiller Intranet 手札

目录
1. Linux 新机初始化安装2. 安全设置3. yum4. ntp5. net-snmp6. nagios7. nginx8. rsync9.10. bandwidthd

1. Linux 新机初始化安装

lokkit --disabled --selinux=disabled

yum remove dhclient -y

yum update -y
yum install -y telnet wget rsync
yum install -y openssh-clients
yum install -y system-config-network-tui
yum install -y bind-utils
yum install -y vim-enhanced

echo -ne "
search example.com
nameserver 208.67.222.222
nameserver 202.67.220.220
nameserver 8.8.8.8
nameserver 4.4.4.4
" > /etc/resolv.conf

echo -ne "

* soft nofile 65536
* hard nofile 65536
" >> /etc/security/limits.conf

cat >> /etc/sysctl.conf <<EOF

net.ipv4.ip_local_port_range = 1024 65500
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 60
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_max_tw_buckets = 4096
EOF

2. 安全设置

echo 'export HISTTIMEFORMAT="%Y-%m-%d-%H:%M:%S "' >> /etc/bashrc

3. yum

yum update -y
rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt rpm -K http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm rpm -i http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm

4. ntp

# redhat 5.6 cp /etc/ntp.conf.original /etc/ntp.conf
yum install ntp -y
vi /etc/ntp.conf <<VIM > /dev/null 2>&1
:22,24s/^/#/
:25,25s/^/\rserver 172.16.3.51\rserver 172.16.3.52\r/
:wq
VIM
service ntpd start
chkconfig ntpd on

5. net-snmp

yum install net-snmp -y
vi /etc/snmp/snmpd.conf <<VIM > /dev/null 2>&1
:62,62s/systemview/all/
:85,85s/^#//
:wq
VIM
service snmpd start
chkconfig snmpd on

6. nagios

yum install -y nrpe nagios-plugins
vi /etc/nagios/nrpe.cfg <<VIM > /dev/null 2>&1
:%s/allowed_hosts=127.0.0.1/allowed_hosts=172.16.1.2/
:wq
VIM

cat >> /etc/nagios/nrpe.cfg <<EOF

#command[check_http]=/usr/lib64/nagios/plugins/check_http -I 127.0.0.1 -p 80 -u http://www.example.com/index.html command[check_swap]=/usr/lib64/nagios/plugins/check_swap -w 20% -c 10%
command[check_all_disks]=/usr/lib64/nagios/plugins/check_disk -w 20% -c 10% -e
EOF

chkconfig nrpe on
service nrpe start

cat >> /etc/bashrc <<EOF

export HISTTIMEFORMAT="%Y-%m-%d-%H:%M:%S "
EOF

7. nginx

cat > /etc/yum.repos.d/nginx.repo <<EOF
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/6/x86_64/
gpgcheck=0
enabled=1
EOF

yum search nginx

yum install -y nginx
chkconfig nginx on
service nginx start

8. rsync

yum install xinetd rsync -y

vim /etc/xinetd.d/rsync <<VIM > /dev/null 2>&1
:%s/yes/no/
:wq
VIM

cat > /etc/rsyncd.conf <<EOD
uid = root
gid = root
use chroot = no
max connections = 8
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log

hosts deny=*
hosts allow=192.168.2.0/255.255.255.0

[www]
uid = www
gid = www
path = /www/www.example.com
ignore errors
read only = no
list = no
auth users = neo
secrets file = /etc/rsyncd.passwd
[images]
uid = www
gid = www
path = /www/images.example.com
ignore errors
read only = no
list = no
auth users = neo
secrets file = /etc/rsyncd.passwd

EOD

# chmod 600 /etc/rsyncd.*

# service xinetd restart
Stopping xinetd:                                           [  OK  ]
Starting xinetd:                                           [  OK  ]

9.

yum install samba

cp /etc/samba/smb.conf /etc/samba/smb.conf.original

cat >> /etc/samba/smb.conf <<EOF

##########################
[tmp]
comment = tmp folder
writable = yes
locking = yes
path = /tmp
public = yes

[www]
comment = www development
writable = yes
locking = yes
path = /www
public = yes

EOF

smbpasswd -a www

service smb start

10. bandwidthd

rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm yum search bandwidthd
yum install bandwidthd

vim /etc/bandwidthd.conf

subnet 0.0.0.0 0.0.0.0
or
subnet 0.0.0.0/0

/etc/init.d/bandwidthd start

本文出自 “Netkiller 手札” 博客，转载请与作者联系！