#!/bin/bash

####关闭不必要的TTY  ps aux|grep tty

cp /etc/init/start-ttys.conf /etc/init/start-ttys.conf.bak

echo "cp /etc/init/start-ttys.conf /etc/init/start-ttys.conf.bk"

sed -i "s/tty\[1-6\]/tty\[1-2\]/" /etc/init/start-ttys.conf

cp /etc/sysconfig/init /etc/sysconfig/init.bak

echo "cp /etc/sysconfig/init /etc/sysconfig/init.bk"

####内核调优

cp /etc/sysctl.conf /etc/sysctl.conf.bk

#echo "net.ipv4.tcp_syncookies = 1" >> /etc/sysctl.conf

echo "net.ipv4.tcp_tw_reuse = 1" >> /etc/sysctl.conf

echo "net.ipv4.tcp_tw_recycle = 1" >> /etc/sysctl.conf

sysctl -p

####最大文件打开数

cp /etc/security/limits.conf /etc/security/limits.conf.bk

echo "* soft nofile 65536" >> /etc/security/limits.conf

echo "* hard nofile 65536" >> /etc/security/limits.conf

####开机启动网卡

for eth in `ls /etc/sysconfig/network-scripts/ifcfg-eth*`; 

do

sed -i "s/ONBOOT=no/ONBOOT=yes/" $eth

done

####关闭写磁盘I/O

#vi /etc/fstab

#/dev/sad /data ext4 noatiome,nodiratime 0 0

####关闭SSH空密码 DNS反向解析

cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bk

echo "cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bk"

sed -i "s/#PermitEmptyPasswords no/PermitEmptyPasswords no/" /etc/ssh/sshd_config

sed -i "s/#UseDNS yes/UseDNS no/" /etc/ssh/sshd_config

####