一些有趣的代码:自动配置时间服务(NTP)
如题,自动配置时间服务的脚本发布啦。
获取地址:
Github:https://github.com/adamhuan/linux-script/tree/master/NTP_server_install_config
OSChina:http://git.oschina.net/memorycache/open-linux-script/tree/master/NTP_server_install_config
拿到脚本后,根据自己的情况修改脚本中“ntp_server_ip”参数的值。
然后就可以执行了。
NTP的基础配置是固定的,写成脚本的好处是一次执行就可以完成后续的所有相关的一套工作。
1. 解放了双手,鼠标手、键盘手的发病率大大降低。
2. 避免了长时间在一大堆的配置文件中找需要的那几个单词,减缓了视力衰竭的速度。
3. 其他。
脚本执行时的呈现:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 |
[root@cobbler-master ~]# sh ntp_server.sh %%%%%%%%%%% start: Sat Mar 5 11:38:35 CST 2016 @@@ Linux: stop/disable iptables. @@@ Linux: disable SELinux @@@ YUM: install ntp*.rpm ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Loaded plugins: product-id, refresh-packagekit, security, subscription-manager This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. Setting up Install Process HighAvailability | 4.1 kB 00:00 ... ISO | 4.1 kB 00:00 ... LoadBalancer | 4.1 kB 00:00 ... ResilientStorage | 4.1 kB 00:00 ... ScalableFileSystem | 4.1 kB 00:00 ... Server | 4.1 kB 00:00 ... Could not get metalink https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=x86_64 error was 12: Timeout on https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=x86_64: (28, 'Operation too slow. Less than 1 bytes/sec transfered the last 30 seconds') Package ntp-4.2.6p5-1.el6.x86_64 already installed and latest version Nothing to do ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ---- ntpd: chkconfig on @@@ NTP - config: backup origin conf file ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@@ NTP - config: edit before everything @@@ file - /etc/ntp.conf: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -rw-r--r-- 1 root root 2981 2016-03-05 11:40 | /etc/ntp.conf ************* # For more information about this file, see the man pages # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5). driftfile /var/lib/ntp/drift # Permit time synchronization with our time source, but do not # permit the source to query or modify the service on this system. restrict default kod nomodify notrap nopeer noquery restrict -6 default kod nomodify notrap nopeer noquery # Permit all access over the loopback interface. This could # be tightened as well, but to do so would effect some of # the administrative functions. restrict 127.0.0.1 #restrict -6 ::1 # Hosts on local network are less restricted. #restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap # Use public servers from the pool.ntp.org project. # Please consider joining the pool (http://www.pool.ntp.org/join.html). #server 0.rhel.pool.ntp.org iburst #server 1.rhel.pool.ntp.org iburst #server 2.rhel.pool.ntp.org iburst #server 3.rhel.pool.ntp.org iburst #broadcast 192.168.1.255 autokey # broadcast server #broadcastclient # broadcast client #broadcast 224.0.1.1 autokey # multicast server #multicastclient 224.0.1.1 # multicast client #manycastserver 239.255.254.254 # manycast server #manycastclient 239.255.254.254 autokey # manycast client # Enable public key cryptography. #crypto includefile /etc/ntp/crypto/pw # Key file containing the keys and key identifiers used when operating # with symmetric key cryptography. keys /etc/ntp/keys # Specify the key identifiers which are trusted. #trustedkey 4 8 42 # Specify the key identifier to use with the ntpdc utility. #requestkey 8 # Specify the key identifier to use with the ntpq utility. #controlkey 8 # Enable writing of statistics records. #statistics clockstats cryptostats loopstats peerstats # Adamhuan Edit # 需要新增的内容 # Restrict - 关闭所有NTP联机服务 #restrict default ignore # Restrict - Allow: IP(需要哪个IP访问NTP服务,可以本机,也可以是其他的主机) #restrict 127.0.0.1 restrict 192.168.232.130 # Restrict - Allow: Network(需要哪个网段的IP访问NTP服务) # 默认添加当前服务器IP所在的网段 restrict 192.168.232.0 mask 255.255.255.0 nomodify nopeer kod # 额外添加的网段 #eg: #restrict 192.168.130.0 mask 255.255.255.0 nomodify # Restrict - Deny - Network(不允许哪个网段的访问NTP服务) #eg: #restrict 192.168.2.0 mask 255.255.255.0 notrust # 允许任何IP的客户端访问时间服务 #restrict default nomodify notrap # 拒绝任何IP的客户端访问时间服务(除了明文允许的) # 方式一: #restrict default nomodify notrap noquery #restrict default notrust # 方式二: #restrict 0.0.0.0 mask 0.0.0.0 notrust # NTP - 服务器优先级(prefer最优先,其他的随意) # 默认当前时间服务器最优先 server 127.127.1.0 # local clock server 192.168.232.130 prefer # 额外的时间服务器 #eg: #server time-nw.nist.gov #server s1b.time.edu.cn # 结束 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Shutting down ntpd: [FAILED] Starting ntpd: [ OK ] @@@ NTP - status: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ---- ntp - version: ntpq 4.2.6p5@1.2349-o Mon Jul 15 09:22:55 UTC 2013 (1) ---- sleep 60, for ntp re-start done. *** NTP Service is not done. Please wait for a while. *** Current time: Sat Mar 5 11:40:15 CST 2016 ____ Time cost: 1 min. ____ Sleep [sec.]: 60 ---- ntpstat: synchronised to local net at stratum 6 time correct to within 7948 ms polling server every 64 s ---- ntpq remote refid st t when poll reach delay offset jitter ============================================================================== *LOCAL(0) .LOCL. 5 l 59 64 1 0.000 0.000 0.000 cobbler-master .INIT. 16 u - 64 0 0.000 0.000 0.000 %%%%%%%%%%% done: Sat Mar 5 11:41:15 CST 2016 [root@cobbler-master ~]# |
————————————————
Done。