- 1 SUSE Linux Enterprise Server for SAP Comes to IBM Power
- 2 VMware Hints at Potential Evolution for Container Strategy
- 3 Windows Server 2003 Meets the Zombie Apocalypse
- 4 Tips and Considerations When Creating Virtual Machines in Azure
- 5 Securing Containers without the Need for Virtualization Technology
Is your web server running unnecessary software? Page 4
Disabling from starting up at boot timeThe two common ways for programs to get started at boot time are via /etc/rc or the System V-type startup scripts. Usually, if you are running a BSD system it will begin with /etc/rc and most Linux-type systems use the scripts under /etc/init.d/ (or /etc/rc.d/init.d or some other similarly named directory). Or your system may start up programs using both: via /etc/rc and a variety of System V style rc scripts. (Also, some people may decide to start up programs with init as configured in /etc/inittab; but we will not discuss this method in this article.)
For example, on a Linux system, cron might be started via a /etc/init.d/cron script, Apache started by /etc/init.d/httpd, syslogd by /etc/init.d/syslogd and sshd started via a /etc/init.d/sshd script.
Basically, these System V scripts are ran via symlinks from a specific rc.d directory for the current System V runlevel. Linux systems have different tools for configuring which rc.d scripts are ran. Or you can configure it manually. There should be one directory that has all the actual startup scripts (for example, it may be at /etc/init.d/ or /etc/rc.d/rc.d). Then a few other directories for each runlevel (for example, they may be named like /etc/rc2.d or /etc/rc.d/rc2.d). The files in these directories are usually symlinks to the real scripts. The standard runlevels are usually 2, 3, 4 or 5. You may be able to find out your default runlevel on a Linux box by searching for "initdefault" in the /etc/inittab file.
To manually disable a startup script, simply delete the appropriate symlink. (Ignore the "S" or "K" and the number at the beginning of the symlink name.) Some tools for managing this include: update-rc.d and chkconfig. (Plus there are a few GUI equivalents.) For example, you can run "chkconfig --list" to view the current System V style init script settings. You can remove the lpd startup links with update-rc.d by doing "/usr/sbin/update-rc.d -f lpd remove". For futher information, (if these commands exist on your system) read the manual pages.
It is a lot simpler with just the plain /etc/rc script. Instead of having a variety of scripts to start numerous different programs, the programs are simply all just started via one script. Sometimes /etc/rc may call an additional script, /etc/rc.local, which may start other tasks. (And some systems that use /etc/rc may also use the /etc/rc.d/, System V-style scripts.) To disable a daemon at startup, simply comment out the lines that start it up in the /etc/rc script.
Some BSD systems may have a configuration file, like /etc/rc.conf which can be used instead of editing the /etc/rc file. For example, if it says "inetd=YES" and you want to disable it from starting when the system boots up, then simply change it to "inetd=NO".
Uninstalling unneeded softwareYou may also find your system easier to manage if you actually remove the unneeded or unused software. If your system is installed using software packages (i.e. BSD ports/packages collection, RPMs or Debian dpkg format), it would be a good idea to simply uninstall any unneeded packages. For example, on systems that use the .deb packaging format, you can uninstall gpm with "dpkg --remove gpm".
It is a lot harder to manually remove individual software. For example, you probably don't need any X servers or X clients, so you could remove them, for example, from /usr/X11R6/bin/. Some perfectionists strip their systems entirely clean removing every tool, configuration or program that is not needed. I don't believe you need to go this extreme.