1. Introduction
As an operation and maintenance person, we often deploy operating systems for various purposes. However, in these tasks, we will find that many tasks are actually repetitive labor, and the content of the operations is similar. Based on this type of work, In this case, we can make the same operation into a script for unified execution, and different things can be entered manually as variables. Can’t the time saved be used to do more meaningful things?Recently, I found a relatively easy-to-use shell source code based on the recommendation of fans. I adapted it based on this and shared it with everyone.
2. Menu
Main menu:
Secondary menu:
# Mainly realizes various optimizations of the system, such as commonly used functions such as modifying character sets, turning off selinux, turning off firewalls, installing commonly used tools, and accelerating SSH login. .
牛逼啊!接私活必备的 N 个开源项目!赶快收藏吧
3. Source code
#!/bin/sh
. /etc/rc.d/init.d/functions
export LANG=zh_CN.UTF-8
#一级菜单
menu1()
{
clear
cat <<eof
----------------------------------------
|**** 欢迎使用cetnos7.9优化脚本 ****|
|**** 博客地址: aaa.al ****|
----------------------------------------
1. 一键优化
2. 自定义优化
3. 退出
EOF
read -p "please enter your choice[1-3]:" num1
}
#二级菜单
menu2()
{
clear
cat <<eof
----------------------------------------
|****Please Enter Your Choice:[0-13]****|
----------------------------------------
1. 修改字符集
2. 关闭selinux
3. 关闭firewalld
4. 精简开机启动
5. 修改文件描述符
6. 安装常用工具及修改yum源
7. 优化系统内核
8. 加快ssh登录速度
9. 禁用ctrl+alt+del重启
10.设置时间同步
11.history优化
12.返回上级菜单
13.退出
EOF
read -p "please enter your choice[1-13]:" num2
}
#1.修改字符集
localeset()
{
echo "========================修改字符集========================="
cat > /etc/locale.conf <<eof
LANG="zh_CN.UTF-8"
#LANG="en_US.UTF-8"
SYSFONT="latarcyrheb-sun16"
EOF
source /etc/locale.conf
echo "#cat /etc/locale.conf"
cat /etc/locale.conf
action "完成修改字符集" /bin/true
echo "==========================================================="
sleep 2
}
#2.关闭selinux
selinuxset()
{
selinux_status=`grep "SELINUX=disabled" /etc/sysconfig/selinux | wc -l`
echo "========================禁用SELINUX========================"
if [ $selinux_status -eq 0 ];then
sed -i "s#SELINUX=enforcing#SELINUX=disabled#g" /etc/sysconfig/selinux
setenforce 0
echo '#grep SELINUX=disabled /etc/sysconfig/selinux'
grep SELINUX=disabled /etc/sysconfig/selinux
echo '#getenforce'
getenforce
else
echo 'SELINUX已处于关闭状态'
echo '#grep SELINUX=disabled /etc/sysconfig/selinux'
grep SELINUX=disabled /etc/sysconfig/selinux
echo '#getenforce'
getenforce
fi
action "完成禁用SELINUX" /bin/true
echo "==========================================================="
sleep 2
}
#3.关闭firewalld
firewalldset()
{
echo "=======================禁用firewalld========================"
systemctl stop firewalld.service &> /dev/null
echo '#firewall-cmd --state'
firewall-cmd --state
systemctl disable firewalld.service &> /dev/null
echo '#systemctl list-unit-files | grep firewalld'
systemctl list-unit-files | grep firewalld
action "完成禁用firewalld,生产环境下建议启用!" /bin/true
echo "==========================================================="
sleep 5
}
#4.精简开机启动
chkset()
{
echo "=======================精简开机启动========================"
systemctl disable auditd.service
systemctl disable postfix.service
systemctl disable dbus-org.freedesktop.NetworkManager.service
echo '#systemctl list-unit-files | grep -E "auditd|postfix|dbus-org\.freedesktop\.NetworkManager"'
systemctl list-unit-files | grep -E "auditd|postfix|dbus-org\.freedesktop\.NetworkManager"
action "完成精简开机启动" /bin/true
echo "==========================================================="
sleep 2
}
#5.修改文件描述符
limitset()
{
echo "======================修改文件描述符======================="
echo '* - nofile 65535'>/etc/security/limits.conf
ulimit -SHn 65535
echo "#cat /etc/security/limits.conf"
cat /etc/security/limits.conf
echo "#ulimit -Sn ; ulimit -Hn"
ulimit -Sn ; ulimit -Hn
action "完成修改文件描述符" /bin/true
echo "==========================================================="
sleep 2
}
#6.安装常用工具及修改yum源
yumset()
{
echo "=================安装常用工具及修改yum源==================="
yum install wget -y &> /dev/null
if [ $? -eq 0 ];then
cd /etc/yum.repos.d/
\cp CentOS-Base.repo CentOS-Base.repo.$(date +%F)
ping -c 1 mirrors.aliyun.com &> /dev/null
if [ $? -eq 0 ];then
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo &> /dev/null
yum clean all &> /dev/null
yum makecache &> /dev/null
else
echo "无法连接网络"
exit $?
fi
else
echo "wget安装失败"
exit $?
fi
yum -y install ntpdate lsof net-tools telnet vim lrzsz tree nmap nc sysstat &> /dev/null
action "完成安装常用工具及修改yum源" /bin/true
echo "==========================================================="
sleep 2
}
#7. 优化系统内核 #另外,搜索公众号技术社区后台回复“壁纸”,获取一份惊喜礼包。kernelset()
{
echo "======================优化系统内核========================="
chk_nf=`cat /etc/sysctl.conf | grep conntrack |wc -l`
if [ $chk_nf -eq 0 ];then
cat >>/etc/sysctl.conf<<eof
net.ipv4.tcp_fin_timeout = 2
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_keepalive_time = 600
net.ipv4.ip_local_port_range = 4000 65000
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.tcp_max_tw_buckets = 36000
net.ipv4.route.gc_timeout = 100
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_synack_retries = 0
net.core.somaxconn = 16384
net.core.netdev_max_backlog = 16384
net.ipv4.tcp_max_orphans = 16384
net.netfilter.nf_conntrack_max = 25000000
net.netfilter.nf_conntrack_tcp_timeout_established = 180
net.netfilter.nf_conntrack_tcp_timeout_time_wait = 120
net.netfilter.nf_conntrack_tcp_timeout_close_wait = 60
net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 120
EOF
sysctl -p
else
echo "优化项已存在。"
fi
action "内核调优完成" /bin/true
echo "==========================================================="
sleep 2
}
#8.加快ssh登录速度
sshset()
{
echo "======================加快ssh登录速度======================"
sed -i 's#^GSSAPIAuthentication yes$#GSSAPIAuthentication no#g' /etc/ssh/sshd_config
sed -i 's/#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config
systemctl restart sshd.service
echo "#grep GSSAPIAuthentication /etc/ssh/sshd_config"
grep GSSAPIAuthentication /etc/ssh/sshd_config
echo "#grep UseDNS /etc/ssh/sshd_config"
grep UseDNS /etc/ssh/sshd_config
action "完成加快ssh登录速度" /bin/true
echo "==========================================================="
sleep 2
}
#9. 禁用ctrl+alt+del重启
restartset()
{
echo "===================禁用ctrl+alt+del重启===================="
rm -rf /usr/lib/systemd/system/ctrl-alt-del.target
action "完成禁用ctrl+alt+del重启" /bin/true
echo "==========================================================="
sleep 2
}
#10. 设置时间同步
ntpdateset()
{
echo "=======================设置时间同步========================"
yum -y install ntpdate &> /dev/null
if [ $? -eq 0 ];then
/usr/sbin/ntpdate time.windows.com
echo "*/5 * * * * /usr/sbin/ntpdate ntp.aliyun.com &>/dev/null" >> /var/spool/cron/root
else
echo "ntpdate安装失败"
exit $?
fi
action "完成设置时间同步" /bin/true
echo "==========================================================="
sleep 2
}
#11. history优化
historyset()
{
echo "========================history优化========================"
chk_his=`cat /etc/profile | grep HISTTIMEFORMAT |wc -l`
if [ $chk_his -eq 0 ];then
cat >> /etc/profile <<'EOF'
#设置history格式
export HISTTIMEFORMAT="[%Y-%m-%d %H:%M:%S] [`whoami`] [`who am i|awk '{print $NF}'|sed -r 's#[()]##g'`]: "
#记录shell执行的每一条命令
export PROMPT_COMMAND='\
if [ -z "$OLD_PWD" ];then
export OLD_PWD=$PWD;
fi;
if [ ! -z "$LAST_CMD" ] && [ "$(history 1)" != "$LAST_CMD" ]; then
logger -t `whoami`_shell_dir "[$OLD_PWD]$(history 1)";
fi;
export LAST_CMD="$(history 1)";
export OLD_PWD=$PWD;'
EOF
source /etc/profile
else
echo "优化项已存在。"
fi
action "完成history优化" /bin/true
echo "==========================================================="
sleep 2
}
#控制函数
main()
{
menu1
case $num1 in
1)
localeset
selinuxset
firewalldset
chkset
limitset
yumset
kernelset
sshset
restartset
ntpdateset
historyset
;;
2)
menu2
case $num2 in
1)
localeset
;;
2)
selinuxset
;;
3)
firewalldset
;;
4)
chkset
;;
5)
limitset
;;
6)
yumset
;;
7)
kernelset
;;
8)
sshset
;;
9)
restartset
;;
10)
ntpdateset
;;
11)
historyset
;;
12)
main
;;
13)
exit
;;
*)
echo 'Please select a number from [1-13].'
;;
esac
;;
3)
exit
;;
*)
echo 'Err:Please select a number from [1-3].'
sleep 3
main
;;
esac
}
main $*Save it as init.sh, then grant execution permission and execute it.
chmod +x init.sh && ./init.sh
If it is troublesome to copy and paste back and forth like this, you can also execute it through my one-click command, which can also achieve the above effect:
bash -c "$(curl -L s.aaa.al/init.sh)"
Finally, if you have any functions you want to implement, It can also be modified and implemented based on the original script.
The above is the detailed content of CentOS 7 system optimization script. For more information, please follow other related articles on the PHP Chinese website!
The Reasons for CentOS's Shutdown: A Detailed AnalysisMay 03, 2025 am 12:05 AMRedHat shut down CentOS8.x and launches CentOSStream because it hopes to provide a platform closer to the RHEL development cycle through the latter. 1. CentOSStream, as the upstream development platform of RHEL, adopts a rolling release mode. 2. This transformation aims to enable the community to get exposure to new RHEL features earlier and provide feedback to accelerate the RHEL development cycle. 3. Users need to adapt to changing systems and reevaluate system requirements and migration strategies.
CentOS: The Advantages of Using This Linux DistroMay 02, 2025 am 12:10 AMCentOS stands out among enterprise Linux distributions because of its stability, security, community support and enterprise application advantages. 1. Stability: The update cycle is long and the software package has been strictly tested. 2. Security: Inherit the security features of RHEL, update and announce in a timely manner. 3. Community support: a huge community and detailed documentation to respond to problems quickly. 4. Enterprise applications: Support container technologies such as Docker, suitable for modern application deployment.
Comparing CentOS Replacements: Features and BenefitsMay 01, 2025 am 12:05 AMAlternatives to CentOS include AlmaLinux, RockyLinux, and OracleLinux. 1.AlmaLinux provides RHEL compatibility and community-driven development. 2. RockyLinux emphasizes enterprise-level support and long-term maintenance. 3. OracleLinux provides Oracle-specific optimization and support. These alternatives have similar stability and compatibility to CentOS, and are suitable for users with different needs.
CentOS vs. Other Linux Distributions: A ComparisonApr 30, 2025 am 12:07 AMCentOS is suitable for enterprise and server environments due to its stability and long life cycle. 1.CentOS provides up to 10 years of support, suitable for scenarios that require stable operation. 2.Ubuntu is suitable for environments that require quick updates and user-friendly. 3.Debian is suitable for developers who need pure and free software. 4.Fedora is suitable for users who like to try the latest technologies.
CentOS's Departure: Choosing the Right AlternativeApr 29, 2025 am 12:04 AMAlternatives to CentOS include AlmaLinux, RockyLinux, and OracleLinux. 1.AlmaLinux and RockyLinux rebuild RHEL 1:1, providing high stability and compatibility, suitable for enterprise environments. 2. OracleLinux provides high performance through UEK, suitable for users who are familiar with the Oracle technology stack. 3. When choosing, stability, community support and package management should be considered.
CentOS's Replacement: Exploring the New OptionsApr 28, 2025 am 12:17 AMCentOS alternatives include RockyLinux, AlmaLinux, and OracleLinux. 1. RockyLinux and AlmaLinux provide stable distributions compatible with RHEL, suitable for users who need long-term support. 2. CentOSStream is suitable for users who focus on new features and development cycles. 3. OracleLinux is suitable for users who need enterprise-level support.
Replacing CentOS: Identifying Suitable ReplacementsApr 27, 2025 am 12:04 AMCentOS needs alternatives because CentOSStream no longer provides long-term support. Alternative options include: 1. RockyLinux, which provides 10 years of life cycle support, suitable for users who need stability. 2.AlmaLinux also provides 10 years of support and has strong community support. 3. OracleLinux, provides RHEL-compatible version, and flexible life cycle management.
The End of CentOS: Evaluating the ImpactApr 26, 2025 am 12:03 AMThe end of CentOS has had a significant impact on users, with users having the option of RHEL, AlmaLinux, Debian or Ubuntu as alternatives. 1. The migration cost is high, requiring time and money. 2. Community division affects open source projects. 3.RHEL provides commercial support, but it is costly. 4.AlmaLinux is similar to CentOS and has low migration costs. 5. Debian and Ubuntu need more time to adapt.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
SublimeText3 Chinese version
Chinese version, very easy to use
MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.
Safe Exam Browser
Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
SAP NetWeaver Server Adapter for Eclipse
Integrate Eclipse with SAP NetWeaver application server.
