This will improve the performance of a system by disabling unneeded services. Another benefit is reduced hardware requirements for your server.
This is for a minimal install of CentOS 5 but will be nearly identical for any Red Hat-based distro and similar for most Linux distros.
Methodology
* Perform minimal OS installations
* Install additional software as needed after installation
* Minimal installations are more secure
* Minimal installations reduce the number of packages requiring updates
* No graphical environment needed on servers (generally)
* Single CD installation instead of multiple CDs or a DVD
Limiting the Number of Running Services
Here is a list of services (daemons) to help you decide what to axe. Here is another list.
After performing a minimal installation, the machine reboots. When you login disable as many services as possible with the following commands:
chkconfig anacron off
chkconfig apmd off
chkconfig atd off
chkconfig autofs off
chkconfig cpuspeed off
chkconfig cups off
chkconfig cups-config-daemon off
chkconfig gpm off
chkconfig isdn off
chkconfig netfs off
chkconfig nfslock off
chkconfig openibd off
chkconfig pcmcia off
chkconfig portmap off
chkconfig rawdevices off
chkconfig readahead_early off
chkconfig rpcgssd off
chkconfig rpcidmapd off
chkconfig smartd off
chkconfig xfs off
chkconfig ip6tables off
chkconfig avahi-daemon off
chkconfig firstboot off
chkconfig yum-updatesd off
chkconfig sendmail off
chkconfig mcstrans off
chkconfig pcscd off
chkconfig bluetooth off
chkconfig hidd off
The next group of services is more useful to servers in some circumstances.
* xinetd
o may be needed for some servers
* acpid
o needed for power button to shut down server gently
* microcode_ctl
o not needed on AMD machines
* irqbalance
o not needed unless running SMP
o multiple cores, multiple processors, hyperthreading
* haldaemon and messagebus
o support for plug and play devices
* mdmonitor
o
not needed unless running software RAID
Evaluate their worth even more closely before disabling them.
chkconfig xinetd off
chkconfig acpid off
chkconfig microcode_ctl off
chkconfig irqbalance off
chkconfig haldaemon off
chkconfig messagebus off
chkconfig mdmonitor off
Run the following to see what else is enabled:
chkconfig --list |grep "3:on" |awk '{print $1}' |sort
If you want to compare the list before and after, you can:
chkconfig --list |grep "3:on" |awk '{print $1}' |sort > before
and
chkconfig --list |grep "3:on" |awk '{print $1}' |sort > after
run the block of chkconfig commands, then
diff before after
On one machine the above command lists:
auditd
crond
iptables
kudzu
network
restorecond
sshd
syslog
anacron and kudzu only run at startup and will not stay loaded when finished.
Virtual Terminals
You may also minimize on virtual terminals. The default is six virtual terminals. You can probably do with two.
To disable them, edit the /etc/inittab file and comment out the ones that you don't want running like this:
# Run gettys in standard runlevels
1:2345:respawn:/sbin/mingetty tty1
2:2345:respawn:/sbin/mingetty tty2
#3:2345:respawn:/sbin/mingetty tty3
#4:2345:respawn:/sbin/mingetty tty4
#5:2345:respawn:/sbin/mingetty tty5
#6:2345:respawn:/sbin/mingetty tty6
Updating and Rebooting
On any new install, it is a good idea to run "yum update" and then reboot the machine to apply the latest security and software updates.
It's a good idea to reboot after the update to make sure that the system comes up properly.
chkconfig -list |grep “3:on” |awk ‘{print $1}’ |sort > before
and
chkconfig -list |grep “3:on” |awk ‘{print $1}’ |sort > after
Reference: http://www.sonoracomm.com/support/18-support/114-minimal-svcs
http://www.owlriver.com/tips/tiny-centos/
