Linux 快速安装脚本

1. Linux 新机初始化安装

lokkit --disabled --selinux=disabled

yum remove dhclient -y

yum update -y
yum install -y telnet wget rsync
yum install -y openssh-clients
yum install -y system-config-network-tui
yum install -y bind-utils
yum install -y vim-enhanced

echo -ne "
search example.com
nameserver 208.67.222.222
nameserver 202.67.220.220
nameserver 8.8.8.8
nameserver 4.4.4.4
" > /etc/resolv.conf

echo -ne "

* soft nofile 65536
* hard nofile 65536
" >> /etc/security/limits.conf

cat >> /etc/sysctl.conf <<EOF

net.ipv4.ip_local_port_range = 1024 65500
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 60
net.ipv4.tcp_keepalive_time = 1200
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_max_tw_buckets = 4096
EOF

2. 安全设置

echo 'export HISTTIMEFORMAT="%Y-%m-%d-%H:%M:%S "' >> /etc/bashrc

3. yum

yum update -y
rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt rpm -K http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm rpm -i http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm

4. ntp

# redhat 5.6 cp /etc/ntp.conf.original /etc/ntp.conf
yum install ntp -y
vi /etc/ntp.conf <<VIM > /dev/null 2>&1
:22,24s/^/#/
:25,25s/^/\rserver 172.16.3.51\rserver 172.16.3.52\r/
:wq
VIM
service ntpd start
chkconfig ntpd on

5. net-snmp

yum install net-snmp -y
vi /etc/snmp/snmpd.conf <<VIM > /dev/null 2>&1
:62,62s/systemview/all/
:85,85s/^#//
:wq
VIM
service snmpd start
chkconfig snmpd on

6. nagios

yum install -y nrpe nagios-plugins
vi /etc/nagios/nrpe.cfg <<VIM > /dev/null 2>&1
:%s/allowed_hosts=127.0.0.1/allowed_hosts=172.16.1.2/
:wq
VIM

cat >> /etc/nagios/nrpe.cfg <<EOF

#command[check_http]=/usr/lib64/nagios/plugins/check_http -I 127.0.0.1 -p 80 -u http://www.example.com/index.html command[check_swap]=/usr/lib64/nagios/plugins/check_swap -w 20% -c 10%
command[check_all_disks]=/usr/lib64/nagios/plugins/check_disk -w 20% -c 10% -e
EOF

chkconfig nrpe on
service nrpe start

cat >> /etc/bashrc <<EOF

export HISTTIMEFORMAT="%Y-%m-%d-%H:%M:%S "
EOF

7. nginx

cat > /etc/yum.repos.d/nginx.repo <<EOF
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/6/x86_64/
gpgcheck=0
enabled=1
EOF

yum search nginx

yum install -y nginx
chkconfig nginx on
service nginx start

8. rsync

yum install xinetd rsync -y

vim /etc/xinetd.d/rsync <<VIM > /dev/null 2>&1
:%s/yes/no/
:wq
VIM

cat > /etc/rsyncd.conf <<EOD
uid = root
gid = root
use chroot = no
max connections = 8
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log

hosts deny=*
hosts allow=192.168.2.0/255.255.255.0

[www]
uid = www
gid = www
path = /www/www.example.com
ignore errors
read only = no
list = no
auth users = neo
secrets file = /etc/rsyncd.passwd
[images]
uid = www
gid = www
path = /www/images.example.com
ignore errors
read only = no
list = no
auth users = neo
secrets file = /etc/rsyncd.passwd

EOD

# chmod 600 /etc/rsyncd.*

# service xinetd restart
Stopping xinetd:                                           [  OK  ]
Starting xinetd:                                           [  OK  ]

9.

yum install samba

cp /etc/samba/smb.conf /etc/samba/smb.conf.original

cat >> /etc/samba/smb.conf <<EOF

##########################
[tmp]
comment = tmp folder
writable = yes
locking = yes
path = /tmp
public = yes

[www]
comment = www development
writable = yes
locking = yes
path = /www
public = yes

EOF

smbpasswd -a www

service smb start

10. bandwidthd

rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm yum search bandwidthd
yum install bandwidthd

vim /etc/bandwidthd.conf

subnet 0.0.0.0 0.0.0.0
or
subnet 0.0.0.0/0

/etc/init.d/bandwidthd start