Linux系统初始化init for Centos 7

• 目录

  • 1. 防火墙与selinux配置关闭
  • 2. 更换镜像源
  • 3. 安装基础包
  • 4. 环境配置
  • 5. 本地源快速配置
  • 6. ssh配置
  • 7. 记录所有用户的登录和操作日志 for centos

1. 防火墙与selinux配置关闭

sed -i.bak "/SELINUX/s/enforcing/disabled/g" /etc/selinux/config && \
setenforce 0 && \
systemctl disable --now firewalld

2. 更换镜像源

mkdir /etc/yum.repos.d/old 
mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/old/ && \
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

3. 安装基础包

yum -y install net-tools wget curl vim dnf
sysstat "Development Tool" openssl-devel libnl3-devel net-snmp-devel gcc gcc-c++ ncurses-devel make  # 常用软件编译包

4. 环境配置

cat >> /etc/profile << eof
PS1='\e[1;37m[$? \e[m\e[1;32m\u\e[m\e[1;33m@\e[m\e[1;35m\H\e[m \e[4m`pwd`\e[m\e[1;37m]\e[m\e[1;36m\e[m \$'
#PS1='\[\033[01;33;1m\]\u@\h\[\033[00m\]:\[\033[01;31m\]\w\[\033[00m\]#\[\e[m\]'
export LANG="en_US.UTF-8"
export HISTTIMEFORMAT="%F %T `whoami` "
eof

\n\e[1;37m[\e[m\e[1;37m\u\e[m\e[1;37m@\e[m\e[1;37m\H\e[m \e[1;37m`pwd`\e[m\e[1;37m]\e[m\e[1;37m\e[m \e[3;31m[Stack]\e[m\n$

5. 本地源快速配置

cat /etc/yum.repos.d/internal.repo
[local-repo]
name=internal yum
baseurl=http://172.16.0.8:8089/
enabled=1
priority=1
gpgcheck=0
gpgkey=http://172.16.0.8:8089/release.asc

#echo "/dev/sr0    /media    iso9660    defaults    0    0" >> /etc/fstab
mount /dev/sr0 /media
yum -y install --enablerepo=local-repo tmux wget curl  wget bash-completion vim net-tools
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum clean all
yum makecache fast

6. ssh配置

#  /etc/ssh/sshd_config
PermitRootLogin yes
PasswordAuthentication yes
PermitEmptyPasswords no
ChallengeResponseAuthentication no
GSSAPIAuthentication no
GSSAPICleanupCredentials no
UseDNS no
UsePAM yes

# systemctl restart sshd

7. 记录所有用户的登录和操作日志 for centos

# vi /etc/profile
history
USER=`whoami`
USER_IP=`who -u am i 2>/dev/null| awk '{print $NF}'|sed -e 's/[()]//g'`
if [ "$USER_IP" = "" ]; then
    USER_IP=`hostname`
fi
if [ ! -d /var/log/history ]; then
    mkdir /var/log/history
    chmod 777 /var/log/history
fi
if [ ! -d /var/log/history/${LOGNAME} ]; then
    mkdir /var/log/history/${LOGNAME}
    chmod 300 /var/log/history/${LOGNAME}
fi
export HISTSIZE=4096
DT=`date +"%Y%m%d_%H:%M:%S"`
export HISTFILE="/var/log/history/${LOGNAME}/${USER}@${USER_IP}_$DT"
chmod 600 /var/log/history/${LOGNAME}/*history* 2>/dev/null

###
export HISTTIMEFORMAT="[%Y.%m.%d %H:%M:%S]"
USER_IP=`who -u am i 2>/dev/null| awk '{print $NF}'|sed -e 's/[()]//g'`
HISTDIR=/var/log/.hist
if [ -z $USER_IP ]
then
USER_IP=`hostname`
fi
if [ ! -d $HISTDIR ]
then
mkdir -p $HISTDIR
chmod 777 $HISTDIR
fi
if [ ! -d $HISTDIR/${LOGNAME} ]
then
mkdir -p $HISTDIR/${LOGNAME}
chmod 300 $HISTDIR/${LOGNAME}
fi
export HISTSIZE=4096
DT=`date +%Y%m%d_%H%M%S`
export HISTFILE="$HISTDIR/${LOGNAME}/${USER_IP}.hist.$DT"
chmod 600 $HISTDIR/${LOGNAME}/*.hist* 2>/dev/null


# 每次用户退出后都会产生以用户名、登录IP、时间的文件，里面包含此用户本次的所以操作

• https://www.cnblogs.com/nulige/p/7607464.html