码迷,mamicode.com
首页 > 系统相关 > 详细

shell函数

时间:2018-05-07 23:03:29      阅读:239      评论:0      收藏:0      [点我收藏+]

标签:log   file   amp   crontab   top   dev   use   yum源   UI   

1、在了解shell函数之前,先来了解Linux中别名的作用

技术分享图片

函数就类似于别名的作用,简单的说函数就是将程序相同的代码块组合起来,并为其取一个名字(函数名),在需要调用的地方写上函数名即可,注意这点和Python里面的函数不一样,Python里面函数钓鱼用需要函数名+小括号,而shell函数只需名字即可

 

2、shell函数语法

function 函数名() {

     指令...

      return n

}

function可以不写

 

3、shell函数脚本--开发优化系统脚本

系统优化思路如下

1、安装系统时精简安装包

2、配置国内高速的yum源

3、禁用开机不需要的启动服务

4、优化系统内核参数 /etc/sysctl.conf

5、增加系统文件描述符

6、禁止root远程登录,修改ssh端口,配置ssh加速

7、有外网ip地址的配置防火墙,仅放行需要开启的服务,关闭selinux

8、配置服务器时间同步

9、初始化用户配置普通用户sudo权限

10、修改系统字符集等

[root@lamp01 scripts]# cat sys.sh
#!/bin/bash

#no.1
if [ $UID != 0 ];then
    echo "pls run this scripts must by root."
fi

. /etc/init.d/functions

#no.2

check_yum(){
    Base=/etc/yum.repos.d/CentOS-Base.repo
    if [ `grep aliyun $Base|wc -l` -ge 1  ];then
        action "$Base config" /bin/true
    else
        action "$Base config" /bin/false
    fi
}


#no.3
check_selinux(){
    config=/etc/selinux/config
    if [ `grep "SELINUX=disabled" $config|wc -l ` -ge 1  ];then
        action "$config config" /bin/true
    else
        action "$config config" /bin/false
    fi
}
#no.4
close_iptables(){
    /etc/init.d/iptables stop
    chkconfig iptables off
}

#no.5
check_service(){
    export LANG=en
    if [ `chkconfig|grep 3:on|egrep "crond|sshd|network|rsyslog|sysstat"|wc -l` -eq 5 ]
      then
        action "sys service init" /bin/true
    else
        action "sys service init" /bin/false
    fi

#no.6
adduser(){
    if [ $(grep -w martin123 /etc/passwd|wc -l) -lt 1 ];then
        useradd martin123
        echo 123456|passwd --stdin martin123
        \cp /etc/sudoers /etc/sudoers.ori
        echo "martin123  ALL=(ALL) NOPASSWD: ALL " >>/etc/sudoers
        visudo -c &>/dev/null
    fi
}

#no.7
charset(){
    cp /etc/sysconfig/i18n /etc/sysconfig/i18n.ori
    echo LANG="zh_CN.UTF-8"  >/etc/sysconfig/i18n
    source /etc/sysconfig/i18n
}
#no.8
time_sync(){
    cron=/var/spool/cron/root
    if [ `grep -w "ntpdate" $cron|wc -l` -lt 1 ];then
           echo #time sync by martin >>$cron
           echo */5 * * * * /usr/sbin/ntpdate time.nist.gov >/dev/null 2>&1 >>$cron
           #crontab -l
    fi
}
#no.9
line_set(){
    if [ `egrep "TMOUT|HISTSIZE|HISTFILESIZE" /etc/profile|wc -l` -lt 3  ];then
        echo export TMOUT=300 >>/etc/profile
        echo export HISTSIZE=5 >>/etc/profile
        echo export HISTFILESIZE=5 >>/etc/profile
        . /etc/profile
    fi
}

#no.10
check_open_file(){
    limits=/etc/security/limits.conf
    if [ `grep 65535 $limits|wc -l` -eq 1 ]
      then
        action "$limits" /bin/true
    else
        action "$limits" /bin/false
    fi

#no.11
kernet_set(){
    if [ `grep kernel_flag /etc/sysctl.conf|wc -l` -lt 1 ]
      then
        cat >>/etc/sysctl.conf<<EOF
        #kernel_flag
        net.ipv4.tcp_fin_timeout = 2
        net.ipv4.tcp_tw_reuse = 1
        net.ipv4.tcp_tw_recycle = 1
        net.ipv4.tcp_syncookies = 1
        net.ipv4.tcp_keepalive_time = 600
        net.ipv4.ip_local_port_range = 4000    65000
        net.ipv4.tcp_max_syn_backlog = 16384
        net.ipv4.tcp_max_tw_buckets = 36000
        net.ipv4.route.gc_timeout = 100
        net.ipv4.tcp_syn_retries = 1
        net.ipv4.tcp_synack_retries = 1
        net.core.somaxconn = 16384
        net.core.netdev_max_backlog = 16384
        net.ipv4.tcp_max_orphans = 16384
        net.nf_conntrack_max = 25000000
        net.netfilter.nf_conntrack_max = 25000000
        net.netfilter.nf_conntrack_tcp_timeout_established = 180
        net.netfilter.nf_conntrack_tcp_timeout_time_wait = 120
        net.netfilter.nf_conntrack_tcp_timeout_close_wait = 60
        net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 120
EOF
        sysctl -p
    fi
}

#no.12
init_ssh(){
    \cp /etc/ssh/sshd_config /etc/ssh/sshd_config.`date +"%Y-%m-%d_%H-%M-%S"`
    #sed -i s%#Port 22%Port 49721% /etc/ssh/sshd_config
    sed -i s%#PermitRootLogin yes%PermitRootLogin no% /etc/ssh/sshd_config
    sed -i s%#PermitEmptyPasswords no%PermitEmptyPasswords no% /etc/ssh/sshd_config
    sed -i s%#UseDNS yes%UseDNS no% /etc/ssh/sshd_config
    /etc/init.d/sshd reload &>/dev/null
}
#no.13
update_linux(){
    if [ `rpm -qa lrzsz nmap tree dos2unix nc|wc -l` -le 3 ];then
        yum install lrzsz nmap tree dos2unix nc -y
    fi

}

main(){
    check_yum
    check_selinux
    check_service
    check_open_file
    adduser
    line_set
    init_ssh
    update_linux
    kernet_set
    charset
    time_sync
    close_iptables
}
main

 

shell函数

标签:log   file   amp   crontab   top   dev   use   yum源   UI   

原文地址:https://www.cnblogs.com/hellojackyleon/p/9005055.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!