Tuesday, August 18, 2009

Centos miminal services running

SkyHi @ Tuesday, August 18, 2009
Mini-Howto to Free Resources on a Server

This will improve the performance of a system by disabling unneeded services. Another benefit is reduced hardware requirements for your server.

This is for a minimal install of CentOS 5 but will be nearly identical for any Red Hat-based distro and similar for most Linux distros.
Methodology

* Perform minimal OS installations
* Install additional software as needed after installation
* Minimal installations are more secure
* Minimal installations reduce the number of packages requiring updates
* No graphical environment needed on servers (generally)
* Single CD installation instead of multiple CDs or a DVD

Limiting the Number of Running Services

Here is a list of services (daemons) to help you decide what to axe. Here is another list.

After performing a minimal installation, the machine reboots. When you login disable as many services as possible with the following commands:

chkconfig anacron off
chkconfig apmd off
chkconfig atd off
chkconfig autofs off
chkconfig cpuspeed off
chkconfig cups off
chkconfig cups-config-daemon off
chkconfig gpm off
chkconfig isdn off
chkconfig netfs off
chkconfig nfslock off
chkconfig openibd off
chkconfig pcmcia off
chkconfig portmap off
chkconfig rawdevices off
chkconfig readahead_early off
chkconfig rpcgssd off
chkconfig rpcidmapd off
chkconfig smartd off
chkconfig xfs off
chkconfig ip6tables off
chkconfig avahi-daemon off
chkconfig firstboot off
chkconfig yum-updatesd off
chkconfig sendmail off
chkconfig mcstrans off
chkconfig pcscd off
chkconfig bluetooth off
chkconfig hidd off

The next group of services is more useful to servers in some circumstances.

* xinetd
o may be needed for some servers
* acpid
o needed for power button to shut down server gently
* microcode_ctl
o not needed on AMD machines
* irqbalance
o not needed unless running SMP
o multiple cores, multiple processors, hyperthreading
* haldaemon and messagebus
o support for plug and play devices
* mdmonitor
o

not needed unless running software RAID

Evaluate their worth even more closely before disabling them.

chkconfig xinetd off
chkconfig acpid off
chkconfig microcode_ctl off
chkconfig irqbalance off
chkconfig haldaemon off
chkconfig messagebus off
chkconfig mdmonitor off

Run the following to see what else is enabled:

chkconfig --list |grep "3:on" |awk '{print $1}' |sort

If you want to compare the list before and after, you can:

chkconfig --list |grep "3:on" |awk '{print $1}' |sort > before

and

chkconfig --list |grep "3:on" |awk '{print $1}' |sort > after

run the block of chkconfig commands, then

diff before after

On one machine the above command lists:

auditd
crond
iptables
kudzu
network
restorecond
sshd
syslog

anacron and kudzu only run at startup and will not stay loaded when finished.
Virtual Terminals

You may also minimize on virtual terminals. The default is six virtual terminals. You can probably do with two.

To disable them, edit the /etc/inittab file and comment out the ones that you don't want running like this:

# Run gettys in standard runlevels
1:2345:respawn:/sbin/mingetty tty1
2:2345:respawn:/sbin/mingetty tty2
#3:2345:respawn:/sbin/mingetty tty3
#4:2345:respawn:/sbin/mingetty tty4
#5:2345:respawn:/sbin/mingetty tty5
#6:2345:respawn:/sbin/mingetty tty6

Updating and Rebooting

On any new install, it is a good idea to run "yum update" and then reboot the machine to apply the latest security and software updates.

It's a good idea to reboot after the update to make sure that the system comes up properly.



chkconfig -list |grep “3:on” |awk ‘{print $1}’ |sort > before

and

chkconfig -list |grep “3:on” |awk ‘{print $1}’ |sort > after



Reference: http://www.sonoracomm.com/support/18-support/114-minimal-svcs

http://www.owlriver.com/tips/tiny-centos/