Centos7 x 裝機優化

2022-07-19 08:09:17 字數 2329 閱讀 5618

linux 伺服器裝機後優化 參考

優化初始化指令碼

vim init_optimization.sh

#!/bin/bash

#author by cc

#this script is only for centos 7.x

#check the os

platform=`uname -i`

if [ $platform != "x86_64" ];then

echo "this script is only for 64bit operating system !"

exit 1

fiecho "the platform is ok"

cat << eof

your system is centos 7 x86_64

eof#新增公網dns位址

cat >> /etc/resolv.conf << eof

nameserver 114.114.114.114

nameserver 223.5.5.5

eof#yum源更換為國內阿里源

yum install wget telnet -y

mv /etc/yum.repos.d/centos-base.repo /etc/yum.repos.d/centos-base.repo.backup

wget -o /etc/yum.repos.d/centos-base.repo

#新增阿里的epel源

#add the epel

wget -o /etc/yum.repos.d/epel.repo

# rpm -ivh

#yum重新建立快取

yum clean all

yum makecache

#基礎軟體安裝

yum -y install wget net-tools screen lsof tcpdump nc mtr openssl-devel vim bash-completion lrzsz nmap telnet tree ntpdate bash-completion chrony

#同步時間

yum -y install ntp

sed -i 's/server 0.centos.pool.ntp.org iburst/server ntp1.aliyun.com iburst/' /etc/ntp.conf

sed -i 's/server 1.centos.pool.ntp.org iburst/server ntp2.aliyun.com iburst/' /etc/ntp.conf

sed -i 's/server 2.centos.pool.ntp.org iburst/server ntp3.aliyun.com iburst/' /etc/ntp.conf

systemctl restart ntpd.service

#設定最大開啟檔案描述符數

echo "ulimit -shn 102400" >> /etc/rc.local

cat >> /etc/security/limits.conf << eof

* soft nofile 655350

* hard nofile 655350

eof#禁用selinux

sed -i 's/selinux=enforcing/selinux=disabled/' /etc/selinux/config

setenforce 0

#關閉防火牆

systemctl disable firewalld.service

systemctl stop firewalld.service

#set ssh

sed -i 's/^gssapiauthentication yes$/gssapiauthentication no/' /etc/ssh/sshd_config

sed -i 's/#usedns yes/usedns no/' /etc/ssh/sshd_config

systemctl restart sshd.service

#vim定義退格鍵可刪除最後乙個字元型別

echo 'alias vi=vim' >> /etc/profile

echo 'stty erase ^h' >> /etc/profile

cat >> /root/.vimrc << eof

set tabstop=4

set shiftwidth=4

set expandtab

syntax on

"set number

eof

CentOS 7 X 安全手記

一 安裝雲鎖 1 報錯 2 關閉selinux vim etc selinux config 將 selinux enforcing 改 selinux disabled 3 重啟系統 reboot now 二 centos7相關的操作 1 防火牆 firewall cmd 1 禁止被ping 禁止...

CentOS7 X磁碟掛載

假設掛載點為 www 假設磁碟為 dev vdc 假設磁碟只有卷 dev vdc1 該方案可能會丟失磁碟所有資料,操作前請先備份 磁碟已格式化 用過的磁碟 磁碟立即掛載 mkdir www mount dev vdc1 www 啟用開機掛載 獲取磁碟id ll dev disk by path lr...

CentOS7 X磁碟擴容

假設掛載點為 www 假設磁碟為 dev vdc 假設磁碟只有卷 dev vdc1 該方案可能會丟失磁碟所有資料,操作前請先備份 檢視磁碟是否已分割槽,以及分割槽方式為 mbr 還是 gpt 如果包含 device 資訊,表示已分割槽 分割槽表型別dos表示分割槽方式為 mbr 分割槽表型別gpt表...