サーバのメモリーも無駄なく使い、セキュリティ的にも使わないデーモンを停止したほうが良いということで、不要デーモンを停止することにした。
まずは、ランレベル3で現在稼働中のデーモンを調べる。
[root@server ~]# chkconfig --list | grep 3:on acpid 0:off 1:off 2:on 3:on 4:on 5:on 6:off anacron 0:off 1:off 2:on 3:on 4:on 5:on 6:off apmd 0:off 1:off 2:on 3:on 4:on 5:on 6:off atd 0:off 1:off 2:off 3:on 4:on 5:on 6:off auditd 0:off 1:off 2:on 3:on 4:on 5:on 6:off autofs 0:off 1:off 2:off 3:on 4:on 5:on 6:off avahi-daemon 0:off 1:off 2:off 3:on 4:on 5:on 6:off bluetooth 0:off 1:off 2:on 3:on 4:on 5:on 6:off cpuspeed 0:off 1:on 2:on 3:on 4:on 5:on 6:off crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off cups 0:off 1:off 2:on 3:on 4:on 5:on 6:off dovecot 0:off 1:off 2:on 3:on 4:on 5:on 6:off firstboot 0:off 1:off 2:off 3:on 4:off 5:on 6:off gpm 0:off 1:off 2:on 3:on 4:on 5:on 6:off haldaemon 0:off 1:off 2:off 3:on 4:on 5:on 6:off hidd 0:off 1:off 2:on 3:on 4:on 5:on 6:off hplip 0:off 1:off 2:on 3:on 4:on 5:on 6:off httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off ip6tables 0:off 1:off 2:on 3:on 4:on 5:on 6:off irqbalance 0:off 1:off 2:on 3:on 4:on 5:on 6:off isdn 0:off 1:off 2:on 3:on 4:on 5:on 6:off kudzu 0:off 1:off 2:off 3:on 4:on 5:on 6:off lvm2-monitor 0:off 1:on 2:on 3:on 4:on 5:on 6:off mcstrans 0:off 1:off 2:on 3:on 4:on 5:on 6:off mdmonitor 0:off 1:off 2:on 3:on 4:on 5:on 6:off messagebus 0:off 1:off 2:off 3:on 4:on 5:on 6:off microcode_ctl 0:off 1:off 2:on 3:on 4:on 5:on 6:off mysqld 0:off 1:off 2:on 3:on 4:on 5:on 6:off netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off network 0:off 1:off 2:on 3:on 4:on 5:on 6:off nfslock 0:off 1:off 2:off 3:on 4:on 5:on 6:off ntpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off pcscd 0:off 1:off 2:on 3:on 4:on 5:on 6:off portmap 0:off 1:off 2:off 3:on 4:on 5:on 6:off postfix 0:off 1:off 2:on 3:on 4:on 5:on 6:off rawdevices 0:off 1:off 2:off 3:on 4:on 5:on 6:off readahead_early 0:off 1:off 2:on 3:on 4:on 5:on 6:off restorecond 0:off 1:off 2:on 3:on 4:on 5:on 6:off rpcgssd 0:off 1:off 2:off 3:on 4:on 5:on 6:off rpcidmapd 0:off 1:off 2:off 3:on 4:on 5:on 6:off saslauthd 0:off 1:off 2:on 3:on 4:on 5:on 6:off smartd 0:off 1:off 2:on 3:on 4:on 5:on 6:off sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off syslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off vsftpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off xfs 0:off 1:off 2:on 3:on 4:on 5:on 6:off
この中で不要と思われるデーモンを調べた結果、以下のデーモンを停止することにした。
- acpid
- apmd
- auditd
- avahi-daemon
- bluetooth
- cpuspeed
- cups
- firstboot
- hidd
- hplip
- ip6tables
- irqbalance
- isdn
- mcstrans
- mdmonitor
- netfs
- nfslock
- pcscd
- portmapf
- rawdevices
- restorecond
- rpcgssd
- rpcidmapd
- saslauthd
メインサーバー、予備サーバーで一つ一つ止めるのは面倒なので、サーバー起動時に自動起動しないようにスクリプトを書いて実行することに。
[root@server ~]# vi chkconfigoff.sh #!/bin/bash chkconfig acpid off chkconfig apmd off chkconfig auditd off chkconfig avahi-daemon off chkconfig bluetooth off chkconfig cpuspeed off chkconfig cups off chkconfig firstboot off chkconfig hidd off chkconfig hplip off chkconfig ip6tables off chkconfig irqbalance off chkconfig isdn off chkconfig mcstrans off chkconfig mdmonitor off chkconfig netfs off chkconfig nfslock off chkconfig pcscd off chkconfig portmap off chkconfig rawdevices off chkconfig restorecond off chkconfig rpcgssd off chkconfig rpcidmapd off chkconfig saslauthd off
スクリプトに実行権限を与える。
[root@server ~]# chmod 700 chkconfigoff.sh
スクリプトの実行。
[root@server ~]# ./chkconfigoff.sh
サーバーを再起動させればOK
[root@server ~]# shutdown -r now
変更後の稼働中のデーモンは以下のようになった。
[root@server ~]# chkconfig --list | grep 3:on anacron 0:off 1:off 2:on 3:on 4:on 5:on 6:off atd 0:off 1:off 2:off 3:on 4:on 5:on 6:off autofs 0:off 1:off 2:off 3:on 4:on 5:on 6:off crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off dovecot 0:off 1:off 2:on 3:on 4:on 5:on 6:off gpm 0:off 1:off 2:on 3:on 4:on 5:on 6:off haldaemon 0:off 1:off 2:off 3:on 4:on 5:on 6:off httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off kudzu 0:off 1:off 2:off 3:on 4:on 5:on 6:off lvm2-monitor 0:off 1:on 2:on 3:on 4:on 5:on 6:off messagebus 0:off 1:off 2:off 3:on 4:on 5:on 6:off microcode_ctl 0:off 1:off 2:on 3:on 4:on 5:on 6:off mysqld 0:off 1:off 2:on 3:on 4:on 5:on 6:off network 0:off 1:off 2:on 3:on 4:on 5:on 6:off ntpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off postfix 0:off 1:off 2:on 3:on 4:on 5:on 6:off readahead_early 0:off 1:off 2:on 3:on 4:on 5:on 6:off smartd 0:off 1:off 2:on 3:on 4:on 5:on 6:off sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off syslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off vsftpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off xfs 0:off 1:off 2:on 3:on 4:on 5:on 6:off
ちなみにストップしているデーモンは下記の通り。
[root@server ~]# chkconfig --list | grep 3:off NetworkManager 0:off 1:off 2:off 3:off 4:off 5:off 6:off acpid 0:off 1:off 2:off 3:off 4:off 5:off 6:off apmd 0:off 1:off 2:off 3:off 4:off 5:off 6:off auditd 0:off 1:off 2:off 3:off 4:off 5:off 6:off avahi-daemon 0:off 1:off 2:off 3:off 4:off 5:off 6:off avahi-dnsconfd 0:off 1:off 2:off 3:off 4:off 5:off 6:off bluetooth 0:off 1:off 2:off 3:off 4:off 5:off 6:off capi 0:off 1:off 2:off 3:off 4:off 5:off 6:off conman 0:off 1:off 2:off 3:off 4:off 5:off 6:off cpuspeed 0:off 1:on 2:off 3:off 4:off 5:off 6:off cups 0:off 1:off 2:off 3:off 4:off 5:off 6:off dnsmasq 0:off 1:off 2:off 3:off 4:off 5:off 6:off dund 0:off 1:off 2:off 3:off 4:off 5:off 6:off firstboot 0:off 1:off 2:off 3:off 4:off 5:off 6:off hidd 0:off 1:off 2:off 3:off 4:off 5:off 6:off hplip 0:off 1:off 2:off 3:off 4:off 5:off 6:off ibmasm 0:off 1:off 2:off 3:off 4:off 5:off 6:off ip6tables 0:off 1:off 2:off 3:off 4:off 5:off 6:off iptables 0:off 1:off 2:off 3:off 4:off 5:off 6:off irda 0:off 1:off 2:off 3:off 4:off 5:off 6:off irqbalance 0:off 1:off 2:off 3:off 4:off 5:off 6:off isdn 0:off 1:off 2:off 3:off 4:off 5:off 6:off mcstrans 0:off 1:off 2:off 3:off 4:off 5:off 6:off mdmonitor 0:off 1:off 2:off 3:off 4:off 5:off 6:off mdmpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off multipathd 0:off 1:off 2:off 3:off 4:off 5:off 6:off netconsole 0:off 1:off 2:off 3:off 4:off 5:off 6:off netfs 0:off 1:off 2:off 3:off 4:off 5:off 6:off netplugd 0:off 1:off 2:off 3:off 4:off 5:off 6:off nfs 0:off 1:off 2:off 3:off 4:off 5:off 6:off nfslock 0:off 1:off 2:off 3:off 4:off 5:off 6:off nscd 0:off 1:off 2:off 3:off 4:off 5:off 6:off oddjobd 0:off 1:off 2:off 3:off 4:off 5:off 6:off pand 0:off 1:off 2:off 3:off 4:off 5:off 6:off pcscd 0:off 1:off 2:off 3:off 4:off 5:off 6:off portmap 0:off 1:off 2:off 3:off 4:off 5:off 6:off psacct 0:off 1:off 2:off 3:off 4:off 5:off 6:off rawdevices 0:off 1:off 2:off 3:off 4:off 5:off 6:off rdisc 0:off 1:off 2:off 3:off 4:off 5:off 6:off readahead_later 0:off 1:off 2:off 3:off 4:off 5:on 6:off restorecond 0:off 1:off 2:off 3:off 4:off 5:off 6:off rpcgssd 0:off 1:off 2:off 3:off 4:off 5:off 6:off rpcidmapd 0:off 1:off 2:off 3:off 4:off 5:off 6:off rpcsvcgssd 0:off 1:off 2:off 3:off 4:off 5:off 6:off saslauthd 0:off 1:off 2:off 3:off 4:off 5:off 6:off tcsd 0:off 1:off 2:off 3:off 4:off 5:off 6:off vncserver 0:off 1:off 2:off 3:off 4:off 5:off 6:off wdaemon 0:off 1:off 2:off 3:off 4:off 5:off 6:off winbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off wpa_supplicant 0:off 1:off 2:off 3:off 4:off 5:off 6:off ypbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off yum-updatesd 0:off 1:off 2:off 3:off 4:off 5:off 6:off