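#!/bin/bash
##############################################################################
# File Name   : Linux system config
# description : This script is used to set linux system
# Author      : simon
# Mail        : 24731701@qq.com
#
# Must run as root on a SysV-init host: it sources /etc/init.d/functions and
# uses chkconfig, /etc/init.d/* and "passwd --stdin".
#
# Environment:
#   NEW_USER_PASSWORD  initial password for the "simon" account (optional;
#                      see the SECURITY note on AddUser)
#
# NOTE: the functions sshd, iptables and hostname shadow the commands of the
# same name, so those commands are always called by absolute path below.
##############################################################################
. /etc/init.d/functions

# Address on the second line of ifconfig output; this only works with the
# legacy net-tools "inet addr:a.b.c.d" format and is empty otherwise.
IP=$(/sbin/ifconfig | awk -F '[ :]+' 'NR==2{print $4}')

# Report the exit status of the command that ran immediately before the call.
# Arguments: $1 - label shown by action()
function Msg() {
  local rc=$? # must be captured first, before any other command resets it
  if ((rc == 0)); then
    action "$1" /bin/true
  else
    action "$1" /bin/false
  fi
}

# Switch SELinux from enforcing to disabled (config) and permissive (runtime).
# Not called from main. SECURITY: this removes mandatory access control from
# the host; a targeted policy fix is preferable to disabling SELinux outright.
function selinux() {
  # The original test read '[ if "/etc/selinux/config" ]', which is a syntax
  # error in test(1), so the body could never run.
  if [[ -f /etc/selinux/config ]]; then
    sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
    setenforce 0
    Msg "Close selinux"
  fi
}

# Insert one rule into /etc/sudoers via a validated temporary copy, so that a
# syntax error can never reach the live file (a broken sudoers disables sudo).
# Arguments: $1 - the sudoers rule line
# Returns:   0 if the rule was validated and installed, non-zero otherwise
function _add_sudoers_rule() {
  local rule=$1
  local tmp
  local rc=1

  tmp=$(mktemp) || return 1
  if cp -- /etc/sudoers "$tmp" && sed -i "98a ${rule}" "$tmp"; then
    # "98a" silently does nothing when the file has fewer than 98 lines;
    # fall back to appending so the rule is never lost.
    grep -qxF -- "$rule" "$tmp" || printf '%s\n' "$rule" >>"$tmp"
    if visudo -cf "$tmp" &>/dev/null; then
      # cp onto the existing file keeps its owner and 0440 mode.
      cp -- "$tmp" /etc/sudoers
      rc=$?
    fi
  fi
  rm -f -- "$tmp"
  return "$rc"
}

# Create the ordinary user "simon" with password login and full sudo rights.
# SECURITY: the built-in default password is trivially guessable and the
# account gets NOPASSWD:ALL, i.e. it is root-equivalent and reachable over
# SSH. Supply NEW_USER_PASSWORD (or switch to key-only login) before use; the
# default is kept only so existing callers keep working.
function AddUser() {
  local password=${NEW_USER_PASSWORD:-123456}

  if id simon &>/dev/null; then
    echo "simon user is exist."
    return 0
  fi

  if [[ -z "${NEW_USER_PASSWORD:-}" ]]; then
    echo "AddUser: NEW_USER_PASSWORD not set, using the built-in default password" >&2
  fi

  # The original used "sed -ir", which GNU sed parses as -i with backup
  # suffix "r" (leaving a stray /etc/sudoersr), edited the live file and only
  # ran "visudo -c" afterwards, when a bad edit was already in place.
  useradd simon &>/dev/null &&
    printf '%s\n' "$password" | passwd --stdin simon &>/dev/null &&
    _add_sudoers_rule 'simon ALL=(ALL) NOPASSWD:ALL'
  Msg "AddUser simon"
}

# Empty the login banners so they do not reveal the distribution and version.
function HideVersion() {
  [[ -f /etc/issue ]] && : >/etc/issue
  # The original was missing the space before "]", so this test always failed.
  [[ -f /etc/issue.net ]] && : >/etc/issue.net
  Msg "Hide sys info."
}

# Move sshd to port 52113, forbid root and empty-password logins, and bind it
# to $IP. Skipped when the port already appears in the config.
# NOTE(review): password authentication stays enabled; combined with the
# account created by AddUser this is the main exposure of the host.
function sshd() {
  local sshd_file=/etc/ssh/sshd_config
  local backup

  if grep -q "52113" "$sshd_file"; then
    return 0
  fi

  backup="${sshd_file}.bak.$(date +%Y%m%d%H%M%S)"
  # "sed -ir" in the original meant "-i with backup suffix r", not -r.
  if cp -p -- "$sshd_file" "$backup" &&
    sed -i "13 iPort 52113\nPermitRootLogin no\nPermitEmptyPasswords no\nUseDNS no\nGSSAPIAuthentication no" "$sshd_file"; then
    # An empty or malformed $IP would produce "ListenAddress :52113".
    if [[ "$IP" =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]]; then
      sed -i 's@#ListenAddress 0.0.0.0@ListenAddress '"${IP}"':52113@g' "$sshd_file"
    else
      echo "sshd: could not determine the host address, ListenAddress left unchanged" >&2
    fi
    # Validate before restarting: restarting on a broken config locks out
    # remote administration. Assumes host keys already exist - confirm on
    # freshly installed systems.
    if /usr/sbin/sshd -t -f "$sshd_file"; then
      /etc/init.d/sshd restart >/dev/null 2>&1
    else
      cp -p -- "$backup" "$sshd_file"
      false
    fi
  else
    false
  fi
  Msg "sshd config"
}

# Raise the open-file limit to 65535, persistently and for this shell.
function openfiles() {
  if ! grep -q "nofile 65535" /etc/security/limits.conf; then
    echo '* - nofile 65535' >>/etc/security/limits.conf
    ulimit -SHn 65535
    Msg "open files"
  fi
}

# Replace /etc/hosts with the site copy; abort the whole script if it is
# missing (after the same 300 second pause as the original).
function hosts() {
  local src=/server/scripts/hosts

  if [[ ! -f "$src" ]]; then
    echo "/server/scripts/hosts is not exist,please solve this question" >&2
    sleep 300
    exit 1
  fi
  /bin/cp "$src" /etc/hosts
}

# Turn off every service enabled in runlevel 3 except the ones kept by the
# pattern below (substring match, as in the original).
function boot() {
  export LANG=en
  local svc

  while IFS= read -r svc; do
    chkconfig "$svc" off </dev/null
  done < <(chkconfig --list | awk '/3:on/ {print $1}' |
    grep -Ev "crond|network|rsyslog|sshd|sysstat")
  Msg "BOOT config"
}

# Add a root cron entry that syncs the clock every five minutes, once.
function Time() {
  if ! grep -q "time.nist.gov" /var/spool/cron/root 2>/dev/null; then
    echo "#time sync by simon at $(date +%F)" >>/var/spool/cron/root
    echo "*/5 * * * * /usr/sbin/ntpdate time.nist.gov &>/dev/null" >>/var/spool/cron/root
  fi
  Msg "Time Synchronization"
}

# Back up /etc/sysctl.conf and install the site copy. The new values are not
# loaded here; they take effect when sysctl is next applied.
function Kernel() {
  /bin/cp /etc/sysctl.conf "/etc/sysctl.conf.$RANDOM"
  /bin/cp /server/scripts/sysctl.conf /etc/
  Msg "kernel"
}

# Stop the packet filter.
# SECURITY: boot() also turns the iptables service off for runlevel 3, so the
# host is left without a firewall; restricting access to the SSH port with a
# minimal ruleset is the safer alternative.
function iptables() {
  # The original issued the same stop command twice; once is enough.
  /etc/init.d/iptables stop
  Msg "iptables"
}

# Set the hostname to the name /etc/hosts lists for the eth1 address.
function hostname() {
  local ip name

  ip=$(/sbin/ifconfig eth1 | awk -F "[: ]+" 'NR==2 {print $4}')
  # Match the address as the first field only; take the first hit.
  name=$(awk -v ip="$ip" 'ip != "" && $1 == ip {print $2; exit}' /etc/hosts)

  # The name is spliced into a sed replacement, so accept only plain hostname
  # characters; an empty name would otherwise blank the HOSTNAME setting.
  if [[ "$name" =~ ^[A-Za-z0-9][A-Za-z0-9._-]*$ ]]; then
    # The original pattern "HOSTNAME=*" matched zero or more "=" and left the
    # old value appended after the new one.
    sed -i 's/^HOSTNAME=.*/HOSTNAME='"$name"'/' /etc/sysconfig/network &&
      /bin/hostname "$name"
  else
    echo "hostname: no usable name for '${ip}' in /etc/hosts, hostname left unchanged" >&2
    false
  fi
  Msg "hostname"
}

# Run every configuration step in the original order.
function main() {
  AddUser
  HideVersion
  sshd
  openfiles
  hosts
  boot
  Time
  Kernel
  iptables
  hostname
}

main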