Page 1 of 1
Good Primer for Proccesses?
Posted: Thu Aug 21, 2008 7:26 pm
by Galactic Zero
Looking for a good primer on which processes should be disabled on a Centos 5 box. I noticed that bluetooth and a couple of others were enabled and just want to turn off others that are just not necessary.
Thanks.
PS. IF anyone is interested to see what chkconfig shows as on I'll email the image file to you.
..
Posted: Thu Aug 21, 2008 11:36 pm
by scott
there are checks in ASL for it, my list would be:
make sure the box is in runlevel 3, rather than 5 (X11)
disable xfs, nfs, nfslock, portmap, hp printer, cups, bluetooth, messagebus, smartcard stuff, rpc language daemons, etc. Im probably leaving stuff out, there are a mess of them on by default.
Posted: Fri Aug 22, 2008 12:58 am
by Galactic Zero
Here is what I have left running:
anacron, auditd, autofs, avahi-daemon, clamav-milter, clamd, courier-imap, cpuspeed, crond, firstboot, gpm, haldaemon, hidd, httpd, ip6tables, iptables, irqbalance, kudzu, lvm2-monitor, mailman, mcstrans, mdmonitor, microcode_ctl, netfs, network, ntpd, pcscd, psa, psa-firewall, psa-vpn, qmail, readahead_early, restorecond, spamassassin, sshd, syslog, xinetd, yum-updatesd
Posted: Fri Aug 22, 2008 8:56 am
by scott
I'd disable:
autofs, avahi-daemon, clamav-milter, cpuspeed, crond, firstboot, haldaemon, hidd, irqbalance, lvm2-monitor, mcstrans, mdmonitor, microcode_ctl, netfs, pcscd
If you dont use selinux you can also take out restorecon, and personally I find auditd data useless. But if you're using selinux once in a blue moon its helpful.
Posted: Fri Aug 22, 2008 10:06 am
by Galactic Zero
If I turn off auditd won't that affect awstats and webalizer?
Posted: Fri Aug 22, 2008 3:09 pm
by scott
Not at all, its more of a means to audit processes
Posted: Fri Aug 22, 2008 5:38 pm
by faris
I always thought things like irqbalance and cpuspeed were important. This is interesting.
Also I thought halddaemon was quite important, even though it is currently giving me problems on one system, where it is spitting out an error about IRQs (even though I can't find a problem and everything seems to work)
Faris.
Posted: Sat Aug 23, 2008 8:43 am
by scott
if you're on a multi-cpu system (irqbalance), multi-cores dont count. cpuspeed if you're on a centrino laptop, and halddaemon if you're on a desktop
Posted: Sat Aug 23, 2008 5:56 pm
by breun
Why disable crond?
Posted: Mon Aug 25, 2008 10:00 am
by scott
typo there, dont disable crond. Anacron is what I ment
Posted: Mon Aug 25, 2008 10:36 am
by Galactic Zero
and I disabled cron... hehe
Ok, so chkconfig --level 2345 crond on should fix me?
Thanks.
Posted: Mon Aug 25, 2008 11:04 am
by breun
Yep. And service crond start if crond is not running right now.