Thank you Henric, exactly what I was looking for. I hope to try this tweek over the weekend.
I guess many of us want the optimized "grail" dom0. (Please forgive me if this is in the archive, I find nothing to little on this topic.)
Does this look like a decent summary of your suggestions:
-bluetooth
-gpm
-pcscd
-cups
-avahi-daemon
-yum-updatesd (oh yeah)
-nfslock
-portmap (hmnn, not needed on new domUs, NIC configs as well as migration for xend? Truly do not know the answer here.)
-rpcidmapd
I'm only slightly above noob on Xen and I still like to do a bit in gui, (fluxbox or Gnome/XFCE4), so I can see right away if there are any balks in the service window. I do know that dropping windows manager(s) opens up some resources, but I still need the assist.
I'm weak in dom0 configuration and securing. I am relying on a separate NIC (private IP, tight ingress/egress) for dom0 with profound hardware firewalling and monitoring until I get this aspect comfortably nailed down. I just don't trust my knowledge of inherent linux firewalling for servers yet.
I doubt I will ever drop the separate NIC and firewall setup on dom0 though.
Henrik Holmboe wrote:
++ 04/02/09 16:56 +0100 - Henrik Holmboe:
[...]
And in addition to that I also run this in Centos 5.x dom0's:
for svc in bluetooth gpm pcscd cups avahi-daemon yum-updatesd; \ do chkconfig $svc off; \ service $svc stop; \ done
Oh, I forgot this for dom0's:
for svc in nfslock portmap rpcidmapd cups yum-updatesd; \ do chkconfig $svc off; \ service $svc stop; \ done