#!/bin/bash #add the epel repo and rpmforge repo cd /root/ wget https://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-9.noarch.rpm wget http://repository.it4i.cz/mirrors/repoforge/redhat/el7/en/x86_64/rpmforge/RPMS/rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm rpm -ivh epel-release-7-9.noarch.rpm rpm -ivh rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm #remove *.rpm packages sleep 20 cd /root/ rm -rf epel-release-7-9.noarch.rpm rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm #yum install sy
sstat yum install -y gcc gcc-c++ vim unzip zip yum install -y iostat sy
sstat #set the ntp yum install -y ntp echo "01 01 * * * /usr/sbin/ntpdate ntp.api.bz >> /dev/null 2>&1" >> /etc/crontab ntpdate ntp.api.bz service crond restart #set the file limit ulimit -SHn 65535 echo "ulimit -SHn 65535" >> /etc/rc.local cat >> /etc/s
ecurity/limits.conf << EOF * soft nofile 60000 * hard nofile 65535 EOF #tune kernel p
arametres cat >> /etc/sysctl.conf << EOF net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_syn_retries = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.tcp_keepalive_time = 1200 net.ipv4.tcp_local_port_range = 1024 65535 EOF /sbin/sysctl -p #set the control -alt-delete to guard against the misuse sed -i 's@ ca::ctrlaltdel:/sbin/shutdown -t3 -r
Now@ #ca::ctrlaltdel:/sbin/shutdown -t3 -r
Now@' /etc/inittab #
disable selinux sed -i 's@ SELINUX=enforcing@ SELINUX=
disabled@' /etc/selinux/con
fig #ssh setting sed -i -e '74 s/^/#/' -i -e '76 s/^/#/' /etc/ssh/sshd_con
fig sed -i 's@ #Us
ednS yes@ Us
ednS no@' /etc/ssh/sshd_con
fig service sshd restart #
disable ipv6 echo "alias net -pf -10 off" >> /etc/modprobe.conf echo "alias ipv6 off" >> /etc/modprobe.conf echo "install ipv6 /bin/true" >> /etc/modprobe.conf echo "IPV6INIT=no" >> /etc/syscon
fig/network sed -i 's@ NETWORKING_IPV6=yes@ NETWORKING_IPV6=no@' /etc/syscon
fig/network chkcon
fig ip6tables off #vim setting echo "
Syntax on" >> /root/.vimrc echo "set nohlsearch" >> /root/.vimrc echo "set num" >> /root/.vimrc #chkcon
fig off services chkcon
fig blu
etooth off chkcon
fig sendmail off chkcon
fig kudzu off chkcon
fig nfslock off chkcon
fig portmap off chkcon
fig iptables off chkcon
fig autofs off chkcon
fig yum-updatesd off #reboot sy
stem reboot