#!/bin/bash
================================================================================================
##Set time
function chrony() {
cat >> /etc/chrony.conf << EOF
server 10.71.60.77 iburst
server 10.71.60.88 iburst
EOF
systemctl restart chronyd && systemctl enable chronyd
}
================================================================================================
##Disabled Selinux
function selinux() {
sed -i 's/enforcing/disabled/' /etc/selinux/config
setenforce 0
}
================================================================================================
##Disabled firewalld
function close_firewalld() {
systemctl stop firewalld.service &> /dev/null
systemctl disable firewalld.service &> /dev/null
}
================================================================================================
##Set yum
function set_yum() {
mkdir /etc/yum.repos.d/bak
mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak/
wget http://10.71.60.173/repo/epel.repo -O /etc/yum.repos.d/epel.repo
wget http://10.71.60.173/repo/os_7-4.repo -O /etc/yum.repos.d/os_7-4.repo
yum clean all && yum repolist &> /dev/null
}
================================================================================================
##Set ssh
function set_ssh() {
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.`date+%F`
sed -i 's/^GSSAPIAuthentication yes/GSSAPIAuthentication no/' /etc/ssh/sshd_config
sed -i 's/#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config
sed -i 's/#PermitEmptyPasswords no/PermitEmptyPasswords no/g' /etc/ssh/sshd_config
systemctl restart sshd & systemctl enable sshd
}
================================================================================================
##Disabled ctrl+alt+del
function c_a_d() {
systemctl mask ctrl-alt-del.target
}
================================================================================================
##Set ulimit
fuction set_ulimit() {
cat >> /etc/security/limits.conf << EOF
* soft nofile 4096
* hard nofile 4096
EOF
}
================================================================================================
##Disabled useless app
fuction disabled_useless_app() {
systemctl stop postfix && yum remove postfix -y
systemctl stop NetworkManager && systemctl disable NetworkManager
}
================================================================================================
function init() {
chrony;
selinux;
close_firewalld;
set_yum;
set_ssh;
c_a_d;
set_ulimit;
disabled_useless_app;
}
init