Linux系统优化脚本

时间:2021-11-16 16:09:10
#!/bin/bash
##############################################################################
# File Name    :    Linux system config
# description   :   This script is used to set linux system
# Author         :   simon
# Mail             :   24731701@qq.com
##############################################################################
. /etc/init.d/functions
IP=`/sbin/ifconfig|awk -F '[ :]+' 'NR==2{print $4}'`

# Defined result function

function Msg(){
        if [ $? -eq 0 ];then
             action "$1" /bin/true
        else
             action "$1" /bin/false
        fi

}

# Defined Close selinux Functions
function selinux(){
        [ if "/etc/selinux/config"  ] && {
            sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
              setenforce 0
              Msg "Close selinux"            
        }
}

# Defined add Ordinary users Functions

function AddUser(){
        id simon &>/dev/null
        if [ $? -ne 0 ];then
        useradd simon &>/dev/null
        echo "123456"|passwd --stdin simon &>/dev/null &&\
       sed -ir '98a simon    ALL=(ALL)    NOPASSWD:ALL' /etc/sudoers &&\
        visudo -c &>/dev/null
        Msg "AddUser simon"
        else
             echo "simon user is exist."
        fi
}

# Defined Hide the system version number Functions

function HideVersion(){
        [ -f "/etc/issue" ] && >/etc/issue
        [ -f "/etc/issue.net"] && > /etc/issue.net
        Msg "Hide sys info."
}

# Defined sshd config Functions

function sshd(){
    sshd_file=/etc/ssh/sshd_config
    if [ `grep "52113" $sshd_file|wc -l` -eq 0 ];then
    sed -ir "13 iPort 52113\nPermitRootLogin no\nPermitEmptyPasswords no\nUseDNS no\nGSSAPIAuthentication no" $sshd_file
    sed -i 's@#ListenAddress 0.0.0.0@ListenAddress '${IP}':52113@g' $sshd_file
    /etc/init.d/sshd restart > /dev/null 2>&1
    Msg "sshd config"
    fi
}

# Defined OPEN FILES Functions
function openfiles(){
        if [ `grep "nofile 65535" /etc/security/limits.conf|wc -l` -eq 0 ];then
             echo '*  -  nofile  65535' >> /etc/security/limits.conf
             ulimit -SHn 65535
             Msg "open files"
        fi
}

function hosts(){
        if [ ! -f /server/scripts/hosts ];then
           echo "/server/scripts/hosts is not exist,please solve this question"
            sleep 300
            exit 1

        fi
        /bin/cp /server/scripts/hosts  /etc/hosts
}

# Defined System Startup Services Functions

function boot(){
        export LANG=en
        for simon in `chkconfig --list|grep "3:on"|awk '{print $1}'|egrep -v "crond|network|rsyslog|sshd|sysstat"`
            do
               chkconfig $simon off
          done
          Msg "BOOT config"
}

# Deined Time Synchronization Functions
function Time(){
        grep "time.nist.gov" /var/spool/cron/root > /dev/null 2>&1
        if [ $? -ne 0 ];then
        echo "#time sync by simon at $(date +%F)" >>/var/spool/cron/root
        echo "*/5 * * * * /usr/sbin/ntpdate time.nist.gov &>/dev/null" >>/var/spool/cron/root
        fi
        Msg "Time Synchronization"

}
# Defined Kernel parameters Functions
function Kernel(){
    /bin/cp /etc/sysctl.conf  /etc/sysctl.conf.$RANDOM
    /bin/cp /server/scripts/sysctl.conf /etc/
    Msg "kernel"

}

function iptables(){
    /etc/init.d/iptables stop
    /etc/init.d/iptables stop
    Msg "iptables"

}

function hostname(){
    ip=`/sbin/ifconfig eth1|awk -F "[: ]+" 'NR==2 {print $4}'`
    name=`grep -w "$ip" /etc/hosts |awk '{print $2}'`
    sed -i 's/HOSTNAME=*/HOSTNAME='"$name"'/g' /etc/sysconfig/network
    /bin/hostname  $name
    Msg "hostname"

}

# Defined main Functions
function main(){
        AddUser
        HideVersion
        sshd
        openfiles
        hosts
        boot
        Time
        Kernel
        iptables
        hostname
}

main