--- title: "CentOS7 笔记" date: 2019-10-30T10:58:18+08:00 lastmod: 2019-10-30T10:58:18+08:00 keywords: [] tags: ["centos"] categories: ["os"] --- # 常用初始配置 - 系统更新 ```bash yum update ``` - 禁用 firewalld ```bash systemctl stop firewalld systemctl disable firewalld ``` - 禁用 NetworkManager ```bash systemctl stop NetworkManager systemctl disable NetworkManager ``` - 禁用 postfix ```bash systemctl stop postfix systemctl disable postfix ``` - 如果不用 NFS,可以禁用 rpcbind ```bash systemctl stop rpcbind systemctl disable rpcbind ``` - 禁用 selinux,可能需要重启操作系统 ```bash sed -i '/^SELINUX=/cSELINUX=disabled' /etc/selinux/config setenforce 0 # 可能需要重启 ``` - 配置网卡静态地址 ```bash cd /etc/sysconfig/network-scripts sed -i -e '/^BOOTPROTO/d' -e '/^ONBOOT/d' \ -e '/^IPADDR/d' -e '/^NETMASK/d' -e '/^PREFIX/d' \ -e '/^GATEWAY/d' -e '/^DNS/d' ${ifcfg} cat >> ${ifcfg} <<-END ONBOOT=yes BOOTPROTO=static IPADDR=${ip} PREFIX=${mask} GATEWAY=${gw} DNS1=${dns} END systemctl restart network ``` - 修改 sysctl.conf ```bash cat >> /etc/sysctl.conf <<-END # 防止一个套接字在有过多试图连接到达时引起过载 net.ipv4.tcp_syncookies = 1 # 连接队列的长度,默认值为128 net.core.somaxconn = 1024 # timewait的超时时间,设置短一些 net.ipv4.tcp_fin_timeout = 10 # os直接使用timewait的连接 net.ipv4.tcp_tw_reuse = 1 # 回收timewait连接 net.ipv4.tcp_tw_recycle = 1 END sysctl -p ``` - 修改主机名 ```bash hostnamectl set-hostname ${hostname} sed -i "/[ \t]\+${hostname}[ \t]*$/d" /etc/hosts echo "${ip} ${hostname}" >> /etc/hosts ``` - 禁用 sshd 域名解析 ```bash sed -i '/UseDNS/d' /etc/ssh/sshd_config echo 'UseDNS no' >> /etc/ssh/sshd_config ``` - 删除可能存在的 TMOUT 环境变量 ```bash sed -i '/^export[ \t]\+TMOUT=/d' /etc/profile ``` - 配置 history 命令数量和执行时间 ```bash echo 'export HISTSIZE=10000' > /etc/profile.d/history.sh echo 'export HISTTIMEFORMAT="[%F %T] "' >> /etc/profile.d/history.sh ``` - 修改时间同步服务器地址 ```bash sed -i '/^server /d' /etc/chrony.conf echo "server ${ip|domain} iburst" >> /etc/chrony.conf ``` - 修改 rsyslog 服务的时间格式 ```bash cat > /etc/rsyslog.d/custom.conf <