# Time sync

        yum install -y rdate

        /usr/bin/rdate -s time.bora.net




# yum.repo.d

        /usr/bin/yum install -y vim


        centos_ver=`/bin/cat /etc/redhat-release | awk '{print substr($3,1,1)}'`


        case "$centos_ver" in

                6)

                        /bin/rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

                        /bin/rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm

                ;;

                5)

                        /bin/rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm

                        /bin/rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-5.rpm

                ;;

                4)

                        /bin/rpm -Uvh http://dl.fedoraproject.org/pub/epel/4/i386/epel-release-4-10.noarch.rpm

                        /bin/rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-4.rpm

                ;;

        esac





# system service 
        all_services=`chkconfig --list | awk '{print $1}'`
        on_services="crond network rsyslog sshd kdump"

        for i in $all_services;
        do
                /sbin/chkconfig --level 2345 $i off
        done

        for h in $on_services;
        do
                /sbin/chkconfig --level 2345 $h on
        done




 # system default tool   
        yum_local_tool="setuptool openssh-clients rsync rdate telnet lsof"
        yum_admin_tool="glances sysstat iotop expect iptraf dmidecode cpulimit"
        yum_hack_patch="bash"
        yum_options="-y"

# snmp install
        yum_snmpd_tool="net-snmp*"

        echo ">> check system_default and install it"
        for dep in $yum_local_tool $yum_admin_tool $yum_snmpd_tool $yum_hack_patch ; do
                yum install ${yum_options} ${dep}
        done

        /sbin/chkconfig --level 23 snmpd on

        /bin/mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.$TDAY
        /usr/bin/wget http://10.0.0.10/system/snmpd.conf
        /bin/mv /root/src/snmpd.conf /etc/snmp/snmpd.conf

        /etc/init.d/snmpd start



# Hangul 
        yum groupinstall -y korean-support


# /etc/hosts.allw, hosts.deny (tcp_wapper)
        echo "" > /etc/hosts.allow
        echo "" > /etc/hosts.deny
        echo ""
        echo "ALL : 10.0.1." >> /etc/hosts.allow
        echo "ALL : 10.0.2." >> /etc/hosts.allow
        echo "ALL : 10.0.3." >> /etc/hosts.allow
        echo "ALL : 10.0.4." >> /etc/hosts.allow
        echo "ALL : 10.0.5." >> /etc/hosts.allow
        echo "ALL : 10.0.6." >> /etc/hosts.allow
        echo "ALL : ALL" >> /etc/hosts.deny



# system admin server Key input

        mkdir /root/.ssh/

        echo "ssh-rsa CCCCB3NzaC1yc2EAAAABIwAAAQEAwPPuh5y7XjgN11k03M+zq7jKL9pAt9bcGZ6axdLdGKUbgrMaL3C5tU6mq5OrClK26vrGfuWrF5jYs7UCE5YEXPhp11JkUthx434vdHHrdsH+iHa/W0Ub7Uajlt40Apc8FIvsNlIt8sJy9jkpT3Bzn+3Xfmtn/9MfyyDsoUqfe9w7tEAzHgYus/WJfNLhpCyiz4jKGL1OHoCwkhWAItRqSyLo4Y7uZPNs2sl9gKu7BOwk9tw3HdFr/UeZbpHEUc1H3c4oJnSicp72PWBDzK+DkI+Ps0ulFo4c5+t1jm+3+N90rmZjihq0tWocF23fqYPyBpANw25qFnAqQ9/fUh+9CQ== root@system-admin" >> /root/.ssh/authorized_keys



# User env

        /bin/mv /root/.bashrc /root/bashrc_$TDAY

        /usr/bin/wget http://10.0.0.10/system/bashrc_default

        /bin/cat /root/src/bashrc_default > /root/.bashrc


        source /root/.bashrc


#HOST env

        /bin/mv /etc/hosts /etc/hosts.$TDAY

        sed "s/$/ $HOSTNAME/" /etc/hosts.$TDAY > /etc/hosts

        ifconfig -a | grep "inet " | grep "Bcast:" | awk '{print $2}' | awk -F: '{print $2}' | sed "s/$/ $HOSTNAME/" >> /etc/hosts


# limit.conf

cat << EOF >> "/etc/security/limits.conf"


# Limit nofile config

* soft nofile 65536

* hard nofile 65536

EOF



# HISTTIMEFORMAT add
        echo "" >> /root/.bashrc
        echo "### HISTTIMEFORMAT ###" >> /root/.bashrc
        echo "HISTTIMEFORMAT=\"%F %T - \"" >> /root/.bashrc
        echo "export HISTTIMEFORMAT" >> /root/.bashrc

# selinux disabled
        /bin/sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
        /bin/sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
        /usr/sbin/setenforce 0

### time sync crontab

cat << EOF > /var/spool/cron/root

#################################################
*/30 * * * * /usr/bin/rdate -s time.bora.net && clock -w > /dev/null 2>&1
#################################################

EOF



'IT Study > script' 카테고리의 다른 글

zabbix 3.0 install scripts  (0) 2016.10.10
linux server default dependencies install  (0) 2016.05.09
expect  (0) 2016.05.09
file create shell scripts  (0) 2016.03.04
mysql schema backup scripts  (0) 2016.02.19

expect의 간단한 사용기


#!/usr/bin/expect -f


set target "[lindex $argv 0]"


spawn rsync -a -e ssh /usr/local/ant/ root@$target:/usr/local/ant/

expect -timeout 5  "*assword:"

send "root비밀번호\n"

sleep 2


expect eof


보통 rsync로 파일을 복사할때 위의 명령어를 실행하면 비밀번호를 물어보지만
expect에 걸린 저 내용에 send의 설정된 비밀번호를 자동으로 입력해줌

ssh key없이도 파일 복사가 가능

해당 스크립트 언어로 여러가지 자동화 작업을 가능하게 할수있음 

간단하게 메크로같은 기능임


'IT Study > script' 카테고리의 다른 글

linux server default dependencies install  (0) 2016.05.09
server default configure script  (0) 2016.05.09
file create shell scripts  (0) 2016.03.04
mysql schema backup scripts  (0) 2016.02.19
mysql table backup scripts  (0) 2016.02.19

+ Recent posts

티스토리툴바