Hi All, I a working on configuring a not-quite minimal installation of CentOS 6.2. I tried doing the "minimal" installation available with the installer, but it's a bit too minimal to be useful. So I'm cutting down from a less minimal starting place. I'm pretty familiar with 5.x, but what I'm finding in 6.2 is a lot of new stuff, and a lot of odd behavior. For example, cups is starting at boot time, despite being disabled by chkconfig. And I'm finding things like qpidd, matahari, messagebus, and portreserve that really don't belong in a minimal setup. To clarify, I'm shooting for a simple config, like one would use for a dedicated DNS server. Can anyone point me to an up-to-date list of daemon processes that indicates what they do and whether they can be safely disabled? Also, any ideas as to what would be launching cups would be appreciated. Thanks, --Bill
On Tue, 24 Apr 2012 16:22:17 -0700, listmail wrote> Also, any > ideas as to what would be launching cups would be appreciated. >I answered one of my own questions: cups was being started by the VMware tools startup script. I fixed this for now by editing the VMware startup script and removing the command that starts it. Still interested in a list of daemons that can be cleanly stopped, if one exists for 6.2 yet. Thanks, --Bill
On 4/24/2012 7:22 PM, listmail wrote:> I a working on configuring a not-quite minimal installation of CentOS 6.2. I > tried doing the "minimal" installation available with the installer, but it's > a bit too minimal to be useful. So I'm cutting down from a less minimal > starting place. I'm pretty familiar with 5.x, but what I'm finding in 6.2 is a > lot of new stuff, and a lot of odd behavior. For example, cups is starting at > boot time, despite being disabled by chkconfig. And I'm finding things like > qpidd, matahari, messagebus, and portreserve that really don't belong in a > minimal setup. > > To clarify, I'm shooting for a simple config, like one would use for a > dedicated DNS server. > > Can anyone point me to an up-to-date list of daemon processes that indicates > what they do and whether they can be safely disabled? Also, any ideas as to > what would be launching cups would be appreciated.I did a 'basic server' for my dns and then did this for cleaning up... yum install yum-cron logwatch bind bind-chroot yum-cron remove packages yum remove samba-winbind-clients qpid-cpp-client matahari* cups the two clients will get rid of a lot. chkconfig atd off chkconfig autofs off chkconfig kdump off chkconfig netfs off chkconfig nfslock off chkconfig rpcidmapd off chkconfig rpcgssd off chkconfig rpcbind off I left the rest on but that pretty much did it for me.. here is my chkconfig list, off and on /root$ chkconfig --list |grep "3:on" abrt-ccpp 0:off 1:off 2:off 3:on 4:off 5:on 6:off abrt-oops 0:off 1:off 2:off 3:on 4:off 5:on 6:off abrtd 0:off 1:off 2:off 3:on 4:off 5:on 6:off acpid 0:off 1:off 2:on 3:on 4:on 5:on 6:off auditd 0:off 1:off 2:on 3:on 4:on 5:on 6:off cpuspeed 0:off 1:on 2:on 3:on 4:on 5:on 6:off crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off haldaemon 0:off 1:off 2:off 3:on 4:on 5:on 6:off ip6tables 0:off 1:off 2:on 3:on 4:on 5:on 6:off iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off irqbalance 0:off 1:off 2:off 3:on 4:on 5:on 6:off lvm2-monitor 0:off 1:on 2:on 3:on 4:on 5:on 6:off mcelogd 0:off 1:off 2:off 3:on 4:off 5:on 6:off mdmonitor 0:off 1:off 2:on 3:on 4:on 5:on 6:off messagebus 0:off 1:off 2:on 3:on 4:on 5:on 6:off named 0:off 1:off 2:on 3:on 4:on 5:on 6:off network 0:off 1:off 2:on 3:on 4:on 5:on 6:off ntpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off portreserve 0:off 1:off 2:on 3:on 4:on 5:on 6:off postfix 0:off 1:off 2:on 3:on 4:on 5:on 6:off rsyslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off sysstat 0:off 1:on 2:on 3:on 4:on 5:on 6:off udev-post 0:off 1:on 2:on 3:on 4:on 5:on 6:off yum-cron 0:off 1:off 2:on 3:on 4:on 5:on 6:off /root$ chkconfig --list |grep "3:off" atd 0:off 1:off 2:off 3:off 4:off 5:off 6:off autofs 0:off 1:off 2:off 3:off 4:off 5:off 6:off certmonger 0:off 1:off 2:off 3:off 4:off 5:off 6:off cgconfig 0:off 1:off 2:off 3:off 4:off 5:off 6:off cgred 0:off 1:off 2:off 3:off 4:off 5:off 6:off kdump 0:off 1:off 2:off 3:off 4:off 5:off 6:off netconsole 0:off 1:off 2:off 3:off 4:off 5:off 6:off netfs 0:off 1:off 2:off 3:off 4:off 5:off 6:off nfs 0:off 1:off 2:off 3:off 4:off 5:off 6:off nfslock 0:off 1:off 2:off 3:off 4:off 5:off 6:off ntpdate 0:off 1:off 2:off 3:off 4:off 5:off 6:off oddjobd 0:off 1:off 2:off 3:off 4:off 5:off 6:off psacct 0:off 1:off 2:off 3:off 4:off 5:off 6:off quota_nld 0:off 1:off 2:off 3:off 4:off 5:off 6:off rdisc 0:off 1:off 2:off 3:off 4:off 5:off 6:off restorecond 0:off 1:off 2:off 3:off 4:off 5:off 6:off rngd 0:off 1:off 2:off 3:off 4:off 5:off 6:off rpcbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off rpcgssd 0:off 1:off 2:off 3:off 4:off 5:off 6:off rpcidmapd 0:off 1:off 2:off 3:off 4:off 5:off 6:off rpcsvcgssd 0:off 1:off 2:off 3:off 4:off 5:off 6:off saslauthd 0:off 1:off 2:off 3:off 4:off 5:off 6:off smartd 0:off 1:off 2:off 3:off 4:off 5:off 6:off sssd 0:off 1:off 2:off 3:off 4:off 5:off 6:off ypbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off
On Thu, April 26, 2012 08:55, Johnny Hughes wrote:>> It has the network stack ... you must configure it during the install. >> >> If you do not configure and enable the ethernet card then it does not >> turn on by default ... but it is in the installer to be able to do: >> >> http://wiki.centos.org/FAQ/CentOS6#head-b67e85d98f0e9f1b599358105c551632c6ff7c90 >> > > Don't get the wrong idea here ... I think it is a very silly way to do > installs to not default with the network turned on. It should be turned > on ... but upstream decided it differently and I do not get to be the > decider :DI used to think the same thing. However, on reflection I think that the decision to keep the network down until deliberately enabled is a sensible and prudent security choice. This leaves up to the operator the decision as to whether or not a given system is sufficiently hardened against Internet attacks before connecting. Now, consider upstream's decision to enable network-manager by default on an enterprise distro. THAT I both understand and fundamentally disagree with. -- *** E-Mail is NOT a SECURE channel *** James B. Byrne mailto:ByrneJB at Harte-Lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3
On Thursday, April 26, 2012 01:28:04 PM Les Mikesell wrote:> On Thu, Apr 26, 2012 at 11:36 AM, James B. Byrne <byrnejb at harte-lyne.ca> wrote: > > Now, consider upstream's decision to enable network-manager by default on an > > enterprise distro. THAT I both understand and fundamentally disagree with. > Yes, that's a horrible thing for servers.I've said it before, and I'll say it again: enterprise != servers. Regardless, the network manager things is not something CentOS is likely to change unless and until upstream changes, which is not likely at all. But you're of course free to file a bug report against upstream......
On Thursday, April 26, 2012 02:12:20 PM Les Mikesell wrote:> On Thu, Apr 26, 2012 at 1:09 PM, Lamar Owen <lowen at pari.edu> wrote: > >> Yes, that's a horrible thing for servers. > > I've said it before, and I'll say it again: enterprise != servers.> How's that?A distribution being an 'enterprise' distribution does not equate with that distribution being an (exclusively) 'server' distribution. While CentOS makes a great server distribution, that is a subset of what an enterprise distribution needs to be able to do. And I've not had any NetworkManager issues with my upstream EL6.2 box running a local GUI, xrdp and vnc, some reverse ssh tunnels for remote maintenance of some dynamically addressed, behind-the-NAT boxes, among other things (development CMS/web serving, CIFS shares, and more, including a test OpenNMS instance). Multiple NICs, multiple subnets, and solid as a rock with nailed up addresses, running with NetworkManager. I've thus far not seen any of the issues others have seen, once I remembered to set up networking at install, and remembered the two checkboxes to check (which I've posted before on this list).