Please help me with turning off unneeded daemons.

James Wilkinson james at westexe.demon.co.uk
Wed Mar 30 00:00:22 UTC 2005


barophobia wrote:
> I've recently installed FC3 sans-gui (although there still is a basic
> X11 gui for some reason) and I would like to turn off all the unneeded
> daemons on my system. I'm coming to the list because I'm not familiar
> enough with the system to know exactly which daemons can be turned off
> and which cannot. I've already made a *few* changes but not as nearly
> as many as I'd like.

What's your principal concern here? Security or saving memory? If it's
security, once you're sure you don't need a service, look into
uninstalling it.

Firstly, switch to run-level 3. In /etc/inittab, change the line that
reads
id:5:initdefault:
to
id:3:initdefault:

That will stop X starting.

> Here are some specifics about the servre that should help determining
> the needed daemons. (The output from chkconfig --list can be found at
> the end of this email.)
> 
> * I don't need a gui at all.
> * I don't need printing.
> * I have two harddrives connected via IDE. (No SCSI, no RAID.)
> * I will be doing web development using Apache/PHP/MySQL
> * SNMP will be used
> * All things relating to email will be used.
> * FTP will be used.
...presumably inwards...

Depending on what you're developing, I'd recommend stopping this
computer serving to the Internet until you've got the stuff debugged,
and checked for logic holes...

I've sorted the list of services:

> haldaemon       0:off   1:off   2:off   3:on    4:on    5:on    6:off
> messagebus      0:off   1:off   2:off   3:on    4:on    5:on    6:off
Keep these: these days, they count as Fedora internals.

> mysqld          0:off   1:off   2:off   3:on    4:off   5:off   6:off
> httpd           0:off   1:off   2:off   3:on    4:off   5:off   6:off
> vsftpd          0:off   1:off   2:off   3:on    4:off   5:off   6:off
> snmpd           0:off   1:off   2:off   3:on    4:off   5:off   6:off
> snmptrapd       0:off   1:off   2:off   3:off   4:off   5:off   6:off
> sendmail        0:off   1:off   2:on    3:on    4:on    5:on    6:off
> network         0:off   1:off   2:on    3:on    4:on    5:on    6:off
Somewhat necessary for your projects.

> saslauthd       0:off   1:off   2:off   3:off   4:off   5:off   6:off
Possibly needed for your projects.

> atd             0:off   1:off   2:off   3:on    4:on    5:on    6:off
> anacron         0:off   1:off   2:on    3:on    4:on    5:on    6:off
> syslog          0:off   1:off   2:on    3:on    4:on    5:on    6:off
> crond           0:off   1:off   2:on    3:on    4:on    5:on    6:off
> xinetd          0:off   1:off   2:off   3:on    4:on    5:on    6:off
> psacct          0:off   1:off   2:off   3:off   4:off   5:off   6:off
All good ideas to keep, although not essential. They keep your box
Unix-like.

> sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
A good idea anyway: essential if you ever want remote access.

> gpm             0:off   1:off   2:on    3:on    4:on    5:on    6:off
Might be useful if you do much on the console...

> dc_client       0:off   1:off   2:off   3:off   4:off   5:off   6:off
> dc_server       0:off   1:off   2:off   3:off   4:off   5:off   6:off
Distributed cache? What's the point of that?

> spamassassin    0:off   1:off   2:off   3:off   4:off   5:off   6:off
Does "things related to e-mail" include SpamAssasin? Will you be reading
normal Internet e-mail on this box, and if so, why? If it's a
web-*development* box, you probably only want e-mail related to the
project, and sent to specific, non-published addresses.

> cups            0:off   1:off   2:off   3:off   4:off   5:off   6:off
> cups-config-daemon      0:off   1:off   2:off   3:off   4:off   5:off   6:off
Yes, you shouldn't need these...

> xfs             0:off   1:off   2:on    3:on    4:on    5:on    6:off
> apmd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
> acpid           0:off   1:off   2:off   3:on    4:on    5:on    6:off
> nscd            0:off   1:off   2:off   3:off   4:off   5:off   6:off
> mDNSResponder   0:off   1:off   2:off   3:on    4:on    5:on    6:off
Probably don't need these.

> irqbalance      0:off   1:off   2:off   3:on    4:on    5:on    6:off
Only helps on SMP.
> irda            0:off   1:off   2:off   3:off   4:off   5:off   6:off
> lm_sensors      0:off   1:off   2:on    3:on    4:on    5:on    6:off
> microcode_ctl   0:off   1:off   2:off   3:off   4:off   5:off   6:off
> isdn            0:off   1:off   2:on    3:on    4:on    5:on    6:off
> bluetooth       0:off   1:off   2:off   3:off   4:off   5:off   6:off
> cpuspeed        0:off   1:on    2:on    3:on    4:on    5:on    6:off
Unless you've got the hardware, you probably don't want these.

> pcmcia          0:off   1:off   2:on    3:on    4:on    5:on    6:off
> netplugd        0:off   1:off   2:off   3:off   4:off   5:off   6:off
> NetworkManager  0:off   1:off   2:off   3:off   4:off   5:off   6:off
> nifd            0:off   1:off   2:off   3:on    4:on    5:on    6:off
Not appropriate for servers (unless it's a laptop used as a server).

> smb             0:off   1:off   2:off   3:off   4:off   5:off   6:off
> winbind         0:off   1:off   2:off   3:off   4:off   5:off   6:off
Unless you *want* Windows file sharing...

> nfslock         0:off   1:off   2:off   3:on    4:on    5:on    6:off
> rpcsvcgssd      0:off   1:off   2:off   3:on    4:on    5:on    6:off
> ypbind          0:off   1:off   2:off   3:off   4:off   5:off   6:off
> nfs             0:off   1:off   2:off   3:off   4:off   5:off   6:off
> netfs           0:off   1:off   2:off   3:on    4:on    5:on    6:off
> portmap         0:off   1:off   2:off   3:on    4:on    5:on    6:off
> autofs          0:off   1:off   2:off   3:on    4:on    5:on    6:off
> rpcgssd         0:off   1:off   2:off   3:on    4:on    5:on    6:off
> rpcidmapd       0:off   1:off   2:off   3:on    4:on    5:on    6:off
Unless you *want* NFS/NIS (or RPC-based programs: I suppose you might,
depending on exactly what you're doing).

> ntpd            0:off   1:off   2:off   3:on    4:off   5:on    6:off
Keep your logs sane: get the right time in them.

> diskdump        0:off   1:off   2:off   3:off   4:off   5:off   6:off
> netdump         0:off   1:off   2:off   3:off   4:off   5:off   6:off
If you wanted this, you'd know.

> iptables        0:off   1:off   2:on    3:on    4:on    5:on    6:off
Probably a good idea anyway. You need *one* of:
> rhnsd           0:off   1:off   2:off   3:on    4:on    5:on    6:off
> yum             0:off   1:off   2:off   3:off   4:off   5:off   6:off
Which of them is up to you.

> readahead_early 0:off   1:off   2:off   3:off   4:off   5:on    6:off
> readahead       0:off   1:off   2:off   3:off   4:off   5:on    6:off
Doesn't make much difference.

> mailman         0:off   1:off   2:off   3:off   4:off   5:off   6:off
Only if your development includes mailing lists.

> mdmpd           0:off   1:off   2:off   3:off   4:off   5:off   6:off
> mdmonitor       0:off   1:off   2:on    3:on    4:on    5:on    6:off
Only if you're using LVM and/or RAID.

> vncserver       0:off   1:off   2:off   3:off   4:off   5:off   6:off
If you don't want X, you don't want this.

> kudzu           0:off   1:off   2:off   3:on    4:on    5:on    6:off
> smartd          0:off   1:off   2:on    3:on    4:on    5:on    6:off
Help keep your hardware sane.

Hope this helps,

James.
-- 
E-mail address: james | I suppose if one has to go mad, slowly is the way to
@westexe.demon.co.uk  | go. You wouldn't want to rush going mad, you might
                      | miss some of the good bits.
                      |     -- Paul Tomblin




More information about the fedora-list mailing list