在centOS 5 的系統安裝後如果是最小化安安裝第一步要配置yum:
cd /usr/local/src wget http://mirrors.ustc.edu.cn/fedora/epel//5/x86_64/epel-release-5-4.noarch.rpm rpm -ivh epel-release-5-4.noarch.rpm wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm rpm -ivh rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm
或者也可以:
wget http://mirrors.163.com/.help/CentOS6-Base-163.repo mv CentOS6-Base-163.repo /etc/yum.repos.d/
安裝後如果你要安裝lnmp環境需要用yum安裝下面這些應該就可以了:
yum -y install lrzsz wget make apr* autoconf automake curl-devel gcc gcc-c++ zlib-devel openssl openssl-devel pcre-devel gd kernel keyutils patch perl kernel-headers compat* mpfr cpp glibc libgomp libstdc++-devel ppl cloog-ppl keyutils-libs-devel libcom_err-devel libsepol-devel libselinux-devel krb5-devel zlib-devel libXpm* freetype libjpeg* libpng* php-common php-gd ncurses* libtool* libxml2 libxml2-devel patch
在用yum安裝一些需要的的軟件之後:
#!/bin/sh PWD_PATH=`pwd` #set DNS > /etc/resolv.conf echo "nameserver 8.8.8.8" > /etc/resolv.conf echo "nameserver $IP[自定義]" >> /etc/resolv.conf echo "nameserver $IP[自定義]" >> /etc/resolv.conf #set hosts > /etc/hosts echo "127.0.0.1 localhost.localdomain localhost" > /etc/hosts #Disable SSH1 Protocol sed -i 's/#Protocol 2,1/Protocol 2/' /etc/ssh/sshd_config sed -i 's/#Port 22/Port [自定義]/' /etc/ssh/sshd_config chmod 600 /etc/ssh/sshd_config service sshd restart #Change System Level sed -i 's/id\:5/id\:3/g' /etc/inittab #Change Ulimit Size grep 65536 /etc/security/limits.conf if [ $? = 1 ];then echo "* soft nofile 655360" >> /etc/security/limits.conf echo "* hard nofile 655360" >> /etc/security/limits.conf echo "* soft nproc 65536" >> /etc/security/limits.conf echo "* hard nproc 65536" >> /etc/security/limits.conf else OPEN_FILE=`ulimit -n` echo "System Open File Size:'$OPEN_FILE'" echo "ulimit has change..." sleep 5 fi SYS_VER=`uname -m` if [ $SYS_VER = x86_64 ];then grep "pam_limits.so" /etc/pam.d/login if [ $? = 1 ];then echo "session required /lib64/security/pam_limits.so" >> /etc/pam.d/login else echo "/etc/pam.d/login has change ..." fi else grep "pam_limits.so" /etc/pam.d/login if [ $? = 1 ];then echo "session required /lib/security/pam_limits.so" >> /etc/pam.d/login else echo "/etc/pam.d/login has change ..." fi fi #Change stack size 1M STACK_SIZE=`ulimit -s` grep "ulimit -s 1024" /etc/profile if [ $? != 0 ];then sed -i '/ulimit\ -S\ -c\ 0/ a\ulimit -s 1024' /etc/profile source /etc/profile else echo "STACK_SIZE is Ture" fi #delete user echo "*************************************************************" echo "del user begin !!!!!!!!!!" echo "*************************************************************" userdel adm userdel lp userdel sync userdel shutdown userdel halt userdel news userdel uucp userdel operator userdel games userdel ftp groupdel adm groupdel lp groupdel news groupdel uucp groupdel dip echo "delete user finish!!!!!" #日誌文件的屬性設置 chattr +i /var/log/messages.* chattr +a /var/log/messages #禁用IP源路由,一般做NAT用的 for f in /proc/sys/net/ipv4/conf/*/accept_source_route do echo 0 >$f done #系統參數設定 cat >> /etc/sysctl.conf << EOF net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_syn_retries = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_fin_timeout = 1 net.ipv4.tcp_keepalive_time = 1200 net.ipv4.ip_local_port_range = 1024 65535 EOF /sbin/sysctl -p #Coles Service echo "*************************************************************" echo "Now we will shut down some unneccessary services in our server" echo "*************************************************************" service anacron stop service atd stop service autofs stop service cpuspeed stop service cups stop service gpm stop service isdn stop service kudzu stop service lvm2-monitor stop service netfs stop service nfslock stop service pcmcia stop service rawdevices stop service rhnsd stop service rpcidmapd stop service sendmail stop service smartd stop service mdmonitor stop service rpcgssd stop service xfs stop service portmap stop service avahi-daemon stop chkconfig --level 345 anacron off chkconfig --level 345 atd off chkconfig --level 345 autofs off chkconfig --level 345 cpuspeed off chkconfig --level 345 cups off chkconfig --level 345 gpm off chkconfig --level 345 isdn off chkconfig --level 345 kudzu off chkconfig --level 345 lvm2-monitor off chkconfig --level 345 netfs off chkconfig --level 345 nfslock off chkconfig --level 345 pcmcia off chkconfig --level 345 portmap off chkconfig --level 345 rawdevices off chkconfig --level 345 rhnsd off chkconfig --level 345 rpcidmapd off chkconfig --level 345 sendmail off chkconfig --level 345 smartd off chkconfig --level 345 mdmonitor off chkconfig --level 345 rpcgssd off chkconfig --level 345 xfs off chkconfig --level 345 avahi-daemon off sleep 3 #Other Setting chmod 700 /etc/security/console.apps/ chmod 700 /etc/init.d/ -R grep HISTSIZE /etc/profile if [ $? = 0 ];then sed -i 's/HISTSIZE=1000/HISTSIZE=30/g' /etc/profile else echo "histsize has change" fi grep "TMOUT=1800" /etc/profile if [ $? != 0 ];then sed -i '/HISTSIZE=30/ a\TMOUT=1800' /etc/profile source /etc/profile else echo "TMOUT has Change" fi