![\"image-20220620092833717\"](\"https:\/\/qn.199604.com\/typoraImg\/image-20220620092833717.png\")
<\/div><\/p>\n![\"image-20220620092848682\"](\"https:\/\/qn.199604.com\/typoraImg\/image-20220620092848682.png\")
<\/div><\/p>\n\u4e3b\u8981\u5b9e\u73b0\u7cfb\u7edf\u7684\u5404\u7c7b\u4f18\u5316\uff0c\u6bd4\u5982\u5e38\u7528\u7684\u4fee\u6539\u5b57\u7b26\u96c6\u3001\u5173\u95edselinux\u3001\u5173\u95ed\u9632\u706b\u5899\u3001\u5b89\u88c5\u5e38\u7528\u5de5\u5177\u548c\u52a0\u5febssh\u767b\u5f55\u7b49\u529f\u80fd\u3002<\/p>\n
#!\/bin\/sh\n\n. \/etc\/rc.d\/init.d\/functions\nexport LANG=zh_CN.UTF-8\n\n#\u4e00\u7ea7\u83dc\u5355\nmenu1()\n{\n clear\n cat <<EOF\n----------------------------------------\n|**** \u6b22\u8fce\u4f7f\u7528cetnos7.9\u4f18\u5316\u811a\u672c ****|\n----------------------------------------\n1. \u4e00\u952e\u4f18\u5316\n2. \u81ea\u5b9a\u4e49\u4f18\u5316\n3. \u9000\u51fa\nEOF\n read -p \"please enter your choice[1-3]:\" num1\n}\n\n#\u4e8c\u7ea7\u83dc\u5355\nmenu2()\n{\n clear\n cat <<EOF\n----------------------------------------\n|****Please Enter Your Choice:[0-13]****|\n----------------------------------------\n1. \u4fee\u6539\u5b57\u7b26\u96c6\n2. \u5173\u95edselinux\n3. \u5173\u95edfirewalld\n4. \u7cbe\u7b80\u5f00\u673a\u542f\u52a8\n5. \u4fee\u6539\u6587\u4ef6\u63cf\u8ff0\u7b26\n6. \u5b89\u88c5\u5e38\u7528\u5de5\u5177\u53ca\u4fee\u6539yum\u6e90\n7. \u4f18\u5316\u7cfb\u7edf\u5185\u6838\n8. \u52a0\u5febssh\u767b\u5f55\u901f\u5ea6\n9. \u7981\u7528ctrl+alt+del\u91cd\u542f\n10.\u8bbe\u7f6e\u65f6\u95f4\u540c\u6b65\n11.history\u4f18\u5316\n12.\u8fd4\u56de\u4e0a\u7ea7\u83dc\u5355\n13.\u9000\u51fa\nEOF\n read -p \"please enter your choice[1-13]:\" num2\n\n}\n\n#1.\u4fee\u6539\u5b57\u7b26\u96c6\nlocaleset()\n{\n echo \"========================\u4fee\u6539\u5b57\u7b26\u96c6=========================\"\n cat > \/etc\/locale.conf <<EOF\nLANG=\"zh_CN.UTF-8\"\n#LANG=\"en_US.UTF-8\"\nSYSFONT=\"latarcyrheb-sun16\"\nEOF\n source \/etc\/locale.conf\n echo \"#cat \/etc\/locale.conf\"\n cat \/etc\/locale.conf\n action \"\u5b8c\u6210\u4fee\u6539\u5b57\u7b26\u96c6\" \/bin\/true\n echo \"===========================================================\"\n sleep 2\n}\n\n#2.\u5173\u95edselinux\nselinuxset() \n{\n selinux_status=`grep \"SELINUX=disabled\" \/etc\/sysconfig\/selinux | wc -l`\n echo \"========================\u7981\u7528SELINUX========================\"\n if [ $selinux_status -eq 0 ];then\n sed -i \"s#SELINUX=enforcing#SELINUX=disabled#g\" \/etc\/sysconfig\/selinux\n setenforce 0\n echo '#grep SELINUX=disabled \/etc\/sysconfig\/selinux'\n grep SELINUX=disabled \/etc\/sysconfig\/selinux\n echo '#getenforce'\n getenforce\n else\n echo 'SELINUX\u5df2\u5904\u4e8e\u5173\u95ed\u72b6\u6001'\n echo '#grep SELINUX=disabled \/etc\/sysconfig\/selinux'\n grep SELINUX=disabled \/etc\/sysconfig\/selinux\n echo '#getenforce'\n getenforce\n fi\n action \"\u5b8c\u6210\u7981\u7528SELINUX\" \/bin\/true\n echo \"===========================================================\"\n sleep 2\n}\n\n#3.\u5173\u95edfirewalld\nfirewalldset()\n{\n echo \"=======================\u7981\u7528firewalld========================\"\n systemctl stop firewalld.service &> \/dev\/null\n echo '#firewall-cmd --state'\n firewall-cmd --state\n systemctl disable firewalld.service &> \/dev\/null\n echo '#systemctl list-unit-files | grep firewalld'\n systemctl list-unit-files | grep firewalld\n action \"\u5b8c\u6210\u7981\u7528firewalld\uff0c\u751f\u4ea7\u73af\u5883\u4e0b\u5efa\u8bae\u542f\u7528\uff01\" \/bin\/true\n echo \"===========================================================\"\n sleep 5\n}\n\n#4.\u7cbe\u7b80\u5f00\u673a\u542f\u52a8\nchkset()\n{\n echo \"=======================\u7cbe\u7b80\u5f00\u673a\u542f\u52a8========================\"\n systemctl disable auditd.service\n systemctl disable postfix.service\n systemctl disable dbus-org.freedesktop.NetworkManager.service\n echo '#systemctl list-unit-files | grep -E \"auditd|postfix|dbus-org\\.freedesktop\\.NetworkManager\"'\n systemctl list-unit-files | grep -E \"auditd|postfix|dbus-org\\.freedesktop\\.NetworkManager\"\n action \"\u5b8c\u6210\u7cbe\u7b80\u5f00\u673a\u542f\u52a8\" \/bin\/true\n echo \"===========================================================\"\n sleep 2\n}\n\n#5.\u4fee\u6539\u6587\u4ef6\u63cf\u8ff0\u7b26\nlimitset()\n{\n echo \"======================\u4fee\u6539\u6587\u4ef6\u63cf\u8ff0\u7b26=======================\"\n echo '* - nofile 65535'>\/etc\/security\/limits.conf\n ulimit -SHn 65535\n echo \"#cat \/etc\/security\/limits.conf\"\n cat \/etc\/security\/limits.conf\n echo \"#ulimit -Sn ; ulimit -Hn\"\n ulimit -Sn ; ulimit -Hn\n action \"\u5b8c\u6210\u4fee\u6539\u6587\u4ef6\u63cf\u8ff0\u7b26\" \/bin\/true\n echo \"===========================================================\"\n sleep 2\n}\n\n#6.\u5b89\u88c5\u5e38\u7528\u5de5\u5177\u53ca\u4fee\u6539yum\u6e90\nyumset()\n{\n echo \"=================\u5b89\u88c5\u5e38\u7528\u5de5\u5177\u53ca\u4fee\u6539yum\u6e90===================\"\n yum install wget -y &> \/dev\/null\n if [ $? -eq 0 ];then\n cd \/etc\/yum.repos.d\/\n \\cp CentOS-Base.repo CentOS-Base.repo.$(date +%F)\n ping -c 1 mirrors.aliyun.com &> \/dev\/null\n if [ $? -eq 0 ];then\n wget -O \/etc\/yum.repos.d\/CentOS-Base.repo http:\/\/mirrors.aliyun.com\/repo\/Centos-7.repo &> \/dev\/null\n yum clean all &> \/dev\/null\n yum makecache &> \/dev\/null\n else\n echo \"\u65e0\u6cd5\u8fde\u63a5\u7f51\u7edc\"\n exit $?\n fi\n else\n echo \"wget\u5b89\u88c5\u5931\u8d25\"\n exit $?\n fi\n yum -y install ntpdate lsof net-tools telnet vim lrzsz tree nmap nc sysstat &> \/dev\/null\n action \"\u5b8c\u6210\u5b89\u88c5\u5e38\u7528\u5de5\u5177\u53ca\u4fee\u6539yum\u6e90\" \/bin\/true\n echo \"===========================================================\"\n sleep 2\n}\n\n#7. \u4f18\u5316\u7cfb\u7edf\u5185\u6838\nkernelset()\n{\n echo \"======================\u4f18\u5316\u7cfb\u7edf\u5185\u6838=========================\"\n chk_nf=`cat \/etc\/sysctl.conf | grep conntrack |wc -l`\n if [ $chk_nf -eq 0 ];then\n cat >>\/etc\/sysctl.conf<<EOF\nnet.ipv4.tcp_fin_timeout = 2\nnet.ipv4.tcp_tw_reuse = 1\nnet.ipv4.tcp_tw_recycle = 1\nnet.ipv4.tcp_syncookies = 1\nnet.ipv4.tcp_keepalive_time = 600\nnet.ipv4.ip_local_port_range = 4000 65000\nnet.ipv4.tcp_max_syn_backlog = 16384\nnet.ipv4.tcp_max_tw_buckets = 36000\nnet.ipv4.route.gc_timeout = 100\nnet.ipv4.tcp_syn_retries = 1\nnet.ipv4.tcp_synack_retries = 0\nnet.core.somaxconn = 16384\nnet.core.netdev_max_backlog = 16384\nnet.ipv4.tcp_max_orphans = 16384\nnet.netfilter.nf_conntrack_max = 25000000\nnet.netfilter.nf_conntrack_tcp_timeout_established = 180\nnet.netfilter.nf_conntrack_tcp_timeout_time_wait = 120\nnet.netfilter.nf_conntrack_tcp_timeout_close_wait = 60\nnet.netfilter.nf_conntrack_tcp_timeout_fin_wait = 120\nEOF\n sysctl -p\n else\n echo \"\u4f18\u5316\u9879\u5df2\u5b58\u5728\u3002\"\n fi\n action \"\u5185\u6838\u8c03\u4f18\u5b8c\u6210\" \/bin\/true\n echo \"===========================================================\"\n sleep 2\n}\n\n#8.\u52a0\u5febssh\u767b\u5f55\u901f\u5ea6\nsshset()\n{\n echo \"======================\u52a0\u5febssh\u767b\u5f55\u901f\u5ea6======================\"\n sed -i 's#^GSSAPIAuthentication yes$#GSSAPIAuthentication no#g' \/etc\/ssh\/sshd_config\n sed -i 's\/#UseDNS yes\/UseDNS no\/g' \/etc\/ssh\/sshd_config\n systemctl restart sshd.service\n echo \"#grep GSSAPIAuthentication \/etc\/ssh\/sshd_config\"\n grep GSSAPIAuthentication \/etc\/ssh\/sshd_config\n echo \"#grep UseDNS \/etc\/ssh\/sshd_config\"\n grep UseDNS \/etc\/ssh\/sshd_config\n action \"\u5b8c\u6210\u52a0\u5febssh\u767b\u5f55\u901f\u5ea6\" \/bin\/true\n echo \"===========================================================\"\n sleep 2\n}\n\n#9. \u7981\u7528ctrl+alt+del\u91cd\u542f\nrestartset()\n{\n echo \"===================\u7981\u7528ctrl+alt+del\u91cd\u542f====================\"\n rm -rf \/usr\/lib\/systemd\/system\/ctrl-alt-del.target\n action \"\u5b8c\u6210\u7981\u7528ctrl+alt+del\u91cd\u542f\" \/bin\/true\n echo \"===========================================================\"\n sleep 2\n}\n\n#10. \u8bbe\u7f6e\u65f6\u95f4\u540c\u6b65\nntpdateset()\n{\n echo \"=======================\u8bbe\u7f6e\u65f6\u95f4\u540c\u6b65========================\"\n yum -y install ntpdate &> \/dev\/null\n if [ $? -eq 0 ];then\n \/usr\/sbin\/ntpdate time.windows.com\n echo \"*\/5 * * * * \/usr\/sbin\/ntpdate ntp.aliyun.com &>\/dev\/null\" >> \/var\/spool\/cron\/root\n else\n echo \"ntpdate\u5b89\u88c5\u5931\u8d25\"\n exit $?\n fi\n action \"\u5b8c\u6210\u8bbe\u7f6e\u65f6\u95f4\u540c\u6b65\" \/bin\/true\n echo \"===========================================================\"\n sleep 2\n}\n\n#11. history\u4f18\u5316\nhistoryset()\n{\n echo \"========================history\u4f18\u5316========================\"\n chk_his=`cat \/etc\/profile | grep HISTTIMEFORMAT |wc -l`\n if [ $chk_his -eq 0 ];then\n cat >> \/etc\/profile <<'EOF'\n#\u8bbe\u7f6ehistory\u683c\u5f0f\nexport HISTTIMEFORMAT=\"[%Y-%m-%d %H:%M:%S] [`whoami`] [`who am i|awk '{print $NF}'|sed -r 's#[()]##g'`]: \"\n#\u8bb0\u5f55shell\u6267\u884c\u7684\u6bcf\u4e00\u6761\u547d\u4ee4\nexport PROMPT_COMMAND='\\\nif [ -z \"$OLD_PWD\" ];then\n export OLD_PWD=$PWD;\nfi;\nif [ ! -z \"$LAST_CMD\" ] && [ \"$(history 1)\" != \"$LAST_CMD\" ]; then\n logger -t `whoami`_shell_dir \"[$OLD_PWD]$(history 1)\";\nfi;\nexport LAST_CMD=\"$(history 1)\";\nexport OLD_PWD=$PWD;'\nEOF\n source \/etc\/profile\n else\n echo \"\u4f18\u5316\u9879\u5df2\u5b58\u5728\u3002\"\n fi\n action \"\u5b8c\u6210history\u4f18\u5316\" \/bin\/true\n echo \"===========================================================\"\n sleep 2\n}\n\n#\u63a7\u5236\u51fd\u6570\nmain()\n{\n menu1\n case $num1 in\n 1)\n localeset\n selinuxset\n firewalldset\n chkset\n limitset\n yumset\n kernelset\n sshset\n restartset\n ntpdateset\n historyset\n ;;\n 2)\n menu2\n case $num2 in\n 1)\n localeset\n ;;\n 2)\n selinuxset\n ;;\n 3)\n firewalldset\n ;;\n 4)\n chkset\n ;;\n 5)\n limitset\n ;;\n 6) \n yumset\n ;;\n 7)\n kernelset\n ;;\n 8)\n sshset\n ;;\n 9)\n restartset\n ;;\n 10)\n ntpdateset\n ;;\n 11)\n historyset\n ;;\n 12)\n main\n ;;\n 13)\n exit\n ;;\n *)\n echo 'Please select a number from [1-13].'\n ;;\n esac\n ;;\n 3)\n exit\n ;;\n *)\n echo 'Err:Please select a number from [1-3].'\n sleep 3\n main\n ;;\n esac\n}\nmain $*\n<\/code><\/pre>\n\u5c06\u5176\u4fdd\u5b58\u4e3ainit.sh\uff0c\u7136\u540e\u8d4b\u4e88\u6267\u884c\u6743\u9650\u540e\u6267\u884c:chmod +x init.sh && .\/init.sh<\/code><\/p>\n\u6216\u8005\uff1awget https:\/\/qn.199604.com\/typoraImg\/init.sh<\/code> or curl https:\/\/qn.199604.com\/typoraImg\/init.sh --silent -O<\/code><\/p>\n","protected":false},"excerpt":{"rendered":"CentOS 7\u7cfb\u7edf\u4f18\u5316\u811a\u672c \u4e3b\u8981\u5b9e\u73b0\u7cfb\u7edf\u7684\u5404\u7c7b\u4f18\u5316\uff0c\u6bd4\u5982\u5e38\u7528\u7684\u4fee\u6539\u5b57\u7b26\u96c6\u3001\u5173\u95edselinux\u3001\u5173\u95ed\u9632\u706b\u5899\u3001\u5b89 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[260],"tags":[347],"class_list":["post-2277","post","type-post","status-publish","format-standard","hentry","category-linux","tag-centos-7"],"_links":{"self":[{"href":"https:\/\/199604.com\/wp-json\/wp\/v2\/posts\/2277","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/199604.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/199604.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/199604.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/199604.com\/wp-json\/wp\/v2\/comments?post=2277"}],"version-history":[{"count":3,"href":"https:\/\/199604.com\/wp-json\/wp\/v2\/posts\/2277\/revisions"}],"predecessor-version":[{"id":2319,"href":"https:\/\/199604.com\/wp-json\/wp\/v2\/posts\/2277\/revisions\/2319"}],"wp:attachment":[{"href":"https:\/\/199604.com\/wp-json\/wp\/v2\/media?parent=2277"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/199604.com\/wp-json\/wp\/v2\/categories?post=2277"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/199604.com\/wp-json\/wp\/v2\/tags?post=2277"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}