Шпаргалка - действия после установки ОС

Удаление лишних пакетов

 # yum remove xorg-x11-xfs bind-* samba-* net-snmp-* xinetd portmap httpd-* iscsi-*


Правка файлов

/etc/ssh/sshd_config

Protocol 2
SyslogFacility AUTHPRIV
PermitRootLogin no
ChallengeResponseAuthentication no
PubkeyAuthentication yes
PasswordAuthentication no
PermitEmptyPasswords no
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL
AllowUsers vukor

# if sftp needs, uncomment next string:
# Subsystem       sftp    /usr/libexec/sftp-server

/etc/sysconfig/iptables-config

IPTABLES_MODULES_UNLOAD="no"

/etc/sysconfig/network

nozeroconf=yes

/etc/profile

export LANG=ru_RU.utf8


Синхронизация времени

yum install ntp
chkconfig --level 3 ntpd on
service ntpd start

Проверка

# ntpq -c peer
remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
+195-88-120-5.pa 194.149.67.129   3 u   28  128  377   65.976    7.824   1.996
+hornet.itconnec 194.190.107.131  3 u  105  128  377   89.831    0.680   1.658
*ground.corbina. 192.43.244.18    2 u   41  128  377   90.651   12.219   2.143
LOCAL(0)        .LOCL.          10 l    2   64  377    0.000    0.000   0.001


atop

CentOS/RHEL 5

yum install atop tmpwatch
chkconfig --level 3 atop on
rm -f /etc/logrotate.d/atop
service atop start

CentOS/RHEL 6

rpm -Uvh http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
yum install atop tmpwatch
chkconfig --level 3 atop on
ln -s atop /usr/bin/atopsar
service atop start

Статистика

cd /var/log/atop
atopsar -D -r ./atop_20111114 -b 09:00 -e 09:30

crontab

@monthly        /usr/sbin/tmpwatch -m -f 744 /var/log/atop/ &> /dev/null


OpenVZ

/etc/vz/vz.conf

..
# Controls which interfaces to send ARP requests and modify APR tables on.
NEIGHBOUR_DEVS=all

..
## IPv4 iptables kernel modules to be enabled in CTs by default
#IPTABLES="ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length"
IPTABLES="ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state"
## IPv4 iptables kernel modules to be loaded by init.d/vz script
IPTABLES_MODULES="$IPTABLES"
..

Комментарии

 
blog/2011/11/18-шпаргалка_-_действия_после_установки_ос.txt · Последние изменения: 2012/06/29 10:56 — Антон Бугреев · []