#! /bin/bash # # #初始化Centos系统 # # # function echo_success() { echo -e "\e[32m$1\e[0m" } function echo_failure() { echo -e "\e[31m$1\e[0m" } function echo_warning() { echo -e "\e[33m$1\e[0m" } export LANG=en_US.utf8 # #检查系统服务关闭不必要的服务 # echo_success "System Initialization..." function check_service() { LEVEL=35 SERVER_ARR=('crond' 'messagebus' 'network' 'sshd' {'','r'}'syslog') SERVER_STATUS=0 for I in $(chkconfig --list|awk '{print $1}'|egrep -v '^.*:'|sort|uniq) do for X in ${SERVER_ARR[@]} do if [ "x$I" == "x$X" ];then for S in $(chkconfig --list $I|awk '{print $5;print $7;}') do if [ "${S##*:}" != "on" ];then LEVEL_TMP=${S%%:*} chkconfig --level $LEVEL_TMP $I on fi done SERVER_STATUS=1 fi done if [ $SERVER_STATUS -eq 0 ];then service $I stop &>/dev/zero chkconfig --level $LEVEL $I off else SERVER_STATUS=0 fi done } # #关闭其他杂项 # function check_other() { SELINUX_CONF_FILE=/etc/selinux/config SELINUX_STATUS=$(grep "^SELINUX=" $SELINUX_CONF_FILE) INITABE_CONF_FILE=/etc/inittab TTY_CONF_FILE=/etc/init/start-ttys.conf INIT_CONF_FILE=/etc/sysconfig/init LIMIT_CONF_FILE=/etc/security/limits.conf INITCTL=/sbin/initctl SYSTEM_TYPE=0 RUN_LEVEL=3 TTY_NUMBER=2 if [ -f $TTY_CONF_FILE ];then SYSTEM_TYPE=6 else SYSTEM_TYPE=5 fi if [ "x${SELINUX_STATUS##*=}" != "xdisabled" ];then sed -i "s/$SELINUX_STATUS/SELINUX=disabled/" $SELINUX_CONF_FILE /usr/sbin/setenforce 0 fi NOW_RUN_LEVEL=$(grep ^id:[0-6]:* /etc/inittab) if [ "x${NOW_RUN_LEVEL:3:1}" != "x3" ];then sed -i "s/$NOW_RUN_LEVEL/${NOW_RUN_LEVEL//[0-9]/$RUN_LEVEL}/" $INITABE_CONF_FILE fi if [ ${SYSTEM_TYPE} -eq 6 ];then NOW_TTY_NUM=$(grep "^.*ACTIVE_CONSOLES.*]$" $INIT_CONF_FILE) NOW_TTY_TMP_NUM=${NOW_TTY_NUM:$(expr ${#NOW_TTY_NUM} - 2):1} if [ $NOW_TTY_TMP_NUM -gt 2 ];then NOW_TMP_TTY=${NOW_TTY_NUM:$(expr ${#NOW_TTY_NUM} - 4):3} sed -i "s/\[$NOW_TMP_TTY\]/\[1-2]/" $INIT_CONF_FILE for TTY_P in $(ps auxw|grep tty[$(expr $TTY_NUMBER + 1)-$NOW_TTY_TMP_NUM]|grep -v grep|awk '{print $NF}') do $INITCTL stop tty TTY=$TTY_P &>/dev/zero done fi elif [ ${SYSTEM_TYPE} -eq 5 ];then sed -i 's/^[3-9]/#&/' $INITABE_CONF_FILE init q else echo "init system is Centos 6.x or Centos5.x" fi if [ -f $LIMIT_CONF_FILE ];then sed -i 's/^*.[sh]/#*/' $LIMIT_CONF_FILE cat <<EOF >> $LIMIT_CONF_FILE * soft nofile 60000 * hard nofile 65535 EOF fi } check_service check_other echo_success "System initialization is complete"