[CentOS] Looking for a list of default services to disable in centos 5

Wed Mar 25 20:58:33 UTC 2009
Martin Suehowicz <msuehowicz at rubiconproject.com>

My question was targeted at minimal install that I could start with bare
bones. Just what you need to run the os. I would use it to build the
rest of my kickstarts with adding the needed services for webservers,
databases, etc. I see the usefulness it for example You can pretty much
say that everyone with a server build does not need Bluetooth and that
most people are going to want syslog running. Thanks for the input! I do
see your point about looking at my servers. 

-----Original Message-----
From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
Behalf Of Spiro Harvey
Sent: Wednesday, March 25, 2009 1:40 PM
To: centos at centos.org
Subject: Re: [CentOS] Looking for a list of default services to disable
in centos 5

> I am looking for a list of services that you disable by default on 
> your server.

what kind of server? smtp server? pop/imap server? proxy server? web
server? ftp server? logging server? voip gateway? firewall? rpm build
box? swipe card reader server? development/source repo server? LDAP,

or are you looking for a set of things that we disable by default on all
servers? At which point I question your choice of removing sendmail
(unless you're replacing it with something like exim or postfix) because
most servers need to send mail, even if it's just to alert you when a
cron job has barfed.

personally I disable, or don't install SE Linux, Network Manager (with
extreme prejudice), and anything to do with wireless/bluetooth, and X on
every single server. 

>From there it depends on what the server is doing.

We've got a Kickstart server and boot off USB sticks and CDs that allow
us to pick generic build types off a menu (eg; web server, smtp server,
mail storage server, etc). The kickstart config just pulls down the
packages we want, a few scripts get run doing various things like
updating all packages, setting up our distributed config system,
installing custom packages, and so on. 

However, I don't see the usefulness in seeing what other people disable.
Everybody has different networks, different requirements, and does
different things on their boxes. What you should be doing is looking at
*your* servers and itemising what they do. Then remove all packages that
are not needed to provide those services.

Spiro Harvey                  Knossos Networks Ltd
021-295-1923                    www.knossos.net.nz