I have just setup my CentOS 5.8 64 [final] server as a webserver.
Specs: 2x E5620 Intel CPU, DDR3 RAM, Hardware Adaptec RAID 10, 4x SAS drives.
I have installed myself:
Nginx PHP-FPM MySQL [ourdelta.org version] Sphinx Vsftpd Fail2ban Citadel [ddos flood protection] Munin NTP Htop Iptraf
These are all things that I actively use to run my websites.
Now my question:
I found this article: http://www.vr.org/kb/1002/Optimize-and-disable-default-CentOS-services.html
Which talks about a whole list of services that you can disable.
This is the list they suggest:
chkconfig anacron off chkconfig apmd off chkconfig atd off chkconfig autofs off chkconfig cpuspeed off chkconfig cups off chkconfig cups-config-daemon off chkconfig gpm off chkconfig isdn off chkconfig netfs off chkconfig nfslock off chkconfig openibd off chkconfig pcmcia off chkconfig portmap off chkconfig rawdevices off chkconfig readahead_early off chkconfig rpcgssd off chkconfig rpcidmapd off chkconfig smartd off chkconfig xfs off chkconfig ip6tables off chkconfig avahi-daemon off chkconfig firstboot off chkconfig yum-updatesd off chkconfig sendmail off chkconfig mcstrans off chkconfig pcscd off chkconfig bluetooth off chkconfig hidd off
Now I do use
smartd, so those I will keep.
But most of the other processes I do not recognize. Is there anything I should be careful with disabling?
Be careful with using other people’s “lists” as you may disable things you actually need.
Some obvious problems I see with that list are:
anacronmakes sure cron jobs missed due to downtime get run when the system comes back up.
smartdmonitors the health of your disks and can be set up to email you if a disk is failing (though since you have a hardware RAID, you should use the vendor-provided tool instead).
ip6tablesis the IPv6 firewall… Really? Somebody advised turning off the firewall?!? This really blows their credibility to hell.
yum-updatesdprovides automatic updates. If you don’t want this, turn it off, though it is useful in some scenarios.
I also have to agree with @aairey’s advice to do a minimal install. In CentOS 5, this requires the use of a kickstart file; CentOS 6 has a special minimal installation CD.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.