- 禁用 firewalld
systemctl stop firewalld
systemctl disable firewalld
- 禁用 NetworkManager
systemctl stop NetworkManager
systemctl disable NetworkManager
- 禁用 postfix
systemctl stop postfix
systemctl disable postfix
- 如果不用 NFS,可以禁用 rpcbind
systemctl stop rpcbind
systemctl disable rpcbind
- 禁用 selinux,可能需要重啓操作系統
sed -i '/^SELINUX=/cSELINUX=disabled' /etc/selinux/config
setenforce 0
# 可能需要重啓
- 配置網卡靜態地址
cd /etc/sysconfig/network-scripts
sed -i -e '/^BOOTPROTO/d' -e '/^ONBOOT/d' \
-e '/^IPADDR/d' -e '/^NETMASK/d' -e '/^PREFIX/d' \
-e '/^GATEWAY/d' -e '/^DNS/d' ${ifcfg}
cat >> ${ifcfg} <<-END
ONBOOT=yes
BOOTPROTO=static
IPADDR=${ip}
PREFIX=${mask}
GATEWAY=${gw}
DNS1=${dns}
END
systemctl restart network
- 修改 sysctl.conf
sed -i -e '/^net.ipv4.tcp_syncookies/d' \
-e '/^net.ipv4.tcp_tw_reuse/d' \
-e '/^net.ipv4.tcp_tw_recycle/d' \
-e '/^net.ipv4.tcp_fin_timeout/d' /etc/sysctl.conf
cat >> /etc/sysctl.conf <<-END
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 8
END
sysctl -p
- 修改主機名
hostnamectl set-hostname ${hostname}
sed -i "/[ \t]\+${hostname}[ \t]*$/d" /etc/hosts
echo "${ip} ${hostname}" >> /etc/hosts
- 禁用 sshd 域名解析
sed -i '/UseDNS/d' /etc/ssh/sshd_config
echo 'UseDNS no' >> /etc/ssh/sshd_config
- 刪除可能存在的 TMOUT 環境變量
sed -i '/^export[ \t]\+TMOUT=/d' /etc/profile
- 配置 history 命令數量和執行時間
echo 'export HISTSIZE=10000' > /etc/profile.d/history.sh
echo 'export HISTTIMEFORMAT="[%F %T] "' >> /etc/profile.d/history.sh
- 修改時間同步服務器地址
sed -i '/^server /d' /etc/chrony.conf
echo "server ${ip|domain} iburst" >> /etc/chrony.conf