CentOS6.7生产环境基础优化实战
1、添加aliyun在线yum源。
添加源前,首先请做好备份/etc/yum.repos.d/CentOS-Base.repo
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
下面提供多个在线源供选择:
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.sohu.com/help/CentOS-Base-sohu.repo wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.163.com/.help/CentOS6-Base-163.repo
接下来就要安装几个必要的软件了:
[root@sample ~]# yum install -y lrzsz tree telnet [root@sample ~]# rpm -qa tree telnet lrzsz telnet-0.17-48.el6.x86_64 tree-1.5.3-3.el6.x86_64 lrzsz-0.12.20-27.1.el6.x86_64
2、关闭SELINUX和iptables
[root@sample ~]# sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config #修改配置文件则永久生效,但是必须要重启系统。 [root@sample ~]# setenforce 0 #临时生效命令 [root@sample ~]# getenforce #查看selinux当前状态 Permissive [root@sample ~]# /etc/init.d/iptables status #查看iptables的状态 Table: filter Chain INPUT (policy ACCEPT) num target prot opt source destination 1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 4 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 5 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT) num target prot opt source destination 1 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT) num target prot opt source destination #iptables off [root@sample ~]# chkconfig iptables off #取消开机自启动iptables [root@sample ~]# chkconfig --list|grep iptables iptables 0:off 1:off 2:off 3:off 4:off 5:off 6:off [root@sample ~]# /etc/init.d/iptables stop #临时停止iptables服务 iptables: Setting chains to policy ACCEPT: filter [ OK ] iptables: Flushing firewall rules: [ OK ] iptables: Unloading modules: [ OK ] [root@sample ~]# /etc/init.d/iptables status iptables: Firewall is not running. #再次查看服务已没有运行。
3、添加普通用户并进行sudo授权管理
[root@sample ~]# useradd guest
4、定时自动更新服务器时间
[root@sample ~]# crontab -e
[root@sample ~]# crontab -l
#####sync time#####
*/5 * * * * /usr/sbin/ntpdate time.windows.com >/dev/null 2>&1
待续……………………