2011年8月30日星期二

Removing Unwanted Startup Debian Files or Services

Under Debian Linux ( and most other distros) startup files are stored in /etc/init.d/ directory and symbolic linked between /etc/rcX.d/ directory exists. Debian Linux (Red Hat/ Fedora) uses System V initialization scripts to start services at boot time from /etc/rcX.d/ directory. Debian Linux comes with different utilities to remove unwanted startup file:

(A) rcconf
It is a console based interactive utility that allows you to control which services are started when the system boots up or reboots. It displays a menu of all the services which could be started at boot. The ones that are configured to do so are marked and you can toggle individual services on and off. To start rconf, login as root user and type rcconf
# rcconf

Select the service you would like to enable or disable.

(B) sysv-rc-conf is yet another tool for for SysV like init script links under Debian Linux. To start sysv-rc-conf, login as root user and type sysv-rc-conf:
# sysv-rc-conf

Select the service you would like to enable or disable.

Both sysv-rc-conf and rcconf are best tools to use on Remote Debian Linux or when GUI is not available, they are just like ntsysv command under Red Hat Linux.

(C) You can also use update-rc.d script as follows (update-rc.d removes any links in the /etc/rcX.d directories to the script /etc/init.d/service):
# update-rc.d -f {SERVICE-NAME} remove

For example to stop xinetd service at boot time, type the command as follows:
# update-rc.d -f xinetd remove

--------------------------------------------------------

Q: Which services are unnecessary in debian?

A : It depends upon your applications. For example if you run web server then you only need

httpd (80)
mysql
sshd
mail service
syslogd
klogd
cron

Rest of the service can be disabled for example
lpd (printing service)
autofs (until and unless you wanna mount something remotely or locally)
dbus-1 ( manages certificate revocation lists)
portmap, rpc services, nfs server (for unix to unix/linux file sharing)
telnetd, relogin, rexec (all insecure remote login service, it is better to use ssh)
inetd or xinetd (disabled all those r services, finger, time etc)
named (Do you need your own dedicated name server?)

All create a firewall, to accept service according to your server services

没有评论:

发表评论