Mark Whitis's Website Home Page Linux Book: Linux Programming Unleashed My Resume Genealogical Data Contact Info Security About
[HOME(Mark Whitis)] [Contact] [Resume] [Browser Friendly] [No Spam] [FEL] [DBD]

Disabling unwanted services in RedHat Linux

Here is a script, select_services, which I use under Redhat 5.0 (derived from one I used under 4.0 - it should work under 4.x as well), to selectively enable only those services you really want. Enabling unneeded services results not only in a waste of resources but can open serious security holes.

In developing this script, I first disabled all services on the system until I was sure they were all gone (except for a few core system daemons which are mentioned in the script itself).

This script is intended to be copied to /root/select_services (or some other location) on each machine and run after initial install, any package upgrade using rpm, any system upgrade, or when you change what services you want to enable. You should edit the script to reflect your choices of which services will be enabled. The script will maintain /etc/inetd.conf and all the links in /etc/rc.d/rc*.d/.

Be warned that anytime you upgrade a package using rpm, it will probably be reenabled if you had disabled that service; that is why I recommend running this script after every rpm upgrade. This script will not know about any new packages installed which are not part of one of the tested full installs (i.e. Redhat 4.0, 5.0) unless you add them.

RedHat 5.0 finally added an install screen to allow you to specify which services were to be enabled. This is a good step that many of us have been asking for for quite some time; however I still prefer my script since it is known to prevent upgrade induced regression if used according to instructions, preserves the information about how a package was normally intended to be started if you decide to enable it later, is a simple text file which can easily be copied, edited, distributed, logged, and printed, and it can be run at any time, not merely at install time. The redhat service selection screen only appears during an install and only a first time install, at that. It does not appear if you are upgrading RedHat or package versions.

I have some other original Linux pages, including other application notes.

This file is maintained by Mark Whitis (whitis@freelabs.com).

Senior Engineer for hire
Software Development - Electronic Design - Embedded Systems - Device Drivers - System/Network Administration and Security - Motor Control, RobotCNC - Linux/Un*x - 25+ years experience
The author of these pages is looking for a new gig.
[RESUME]

Engineers and electronic hobbyists: The new Open Symbol Project is creating open schematic symbols and PCB footprints for a variety of different CAD packages.

Mark Whitis's Website Home Page Linux Book: Linux Programming Unleashed My Resume Genealogical Data Contact Info Security About

All email messages received must pass the turing test or they will be considered SPAM. If it could have been written by a machine, it was.

Under no circumstances are you to email me with questions regarding windoze, any other microsoft operating system or application, or any software which runs under any form of windoze.

*