Linux services are basically programs that start at boot time to provide certain features and services (Apache, the web server for example). After installation, every Linux distribution provides a list of enabled services. However, you might not need some of these services or you might need others that are not enabled by default. Having only the services you need running will make your system faster, more stable and secure. So the first thing you need to do after installing a Linux distribution is to manually edit the list of enabled services. Unfortunately, some services don’t provide a description, others provide a description that’s not understandable so you might end-up disabling a vital system service just because you didn’t know what it did and you thought you didn’t need it.
In this post, I’ll try to explain as good as I can, most services you’ll see on a Linux distribution. However, most services list are based on what programs you have installed on your system so in this list, it’s possible to see services you don’t have or don’t see services your system has.
I’ll start by explaining how to manage the system services, how to choose which ones will start on system boot and which don’t.
For Fedora systems, just use the system-config-services tool that comes with the system. If it’s not installed, get it by running this command in a terminal:
$ sudo yum install system-config-services
Run it with:
$ sudo system-config-services
This is a GUI (graphical) application. If you have a server running Fedora with no monitor or no desktop environment installed, use ntsysv console-based application:
Install with:
$ sudo yum install ntsysv
Run with:
$ sudo ntsysv
For Debian (Ubuntu) systems, there’s a graphical application that comes with Gnome, I think. You can find it in the menu, under Administration / Services or run it by typing services-admin in a terminal. However, I’ve noticed that this tool doesn’t list all daemons in /etc/init.d so it’s better to use another. I don’t know of any other GUI system managers for Debian/Ubuntu so use one of the few console-based ones:
sysv-rc-conf
Install it with:
$ sudo apt-get install sysv-rc-conf
Run it with:
$ sudo sysv-rc-conf
or, sysvconfig
Install it with:
$ sudo apt-get install sysvconfig
Run it with:
$ sudo sysvconfig
Just use the one you’re most comfortable with.
SERVICES LIST
915resolution
Enable this if you have a video card with an Intel chipset.
This is a resolution modify tool for video cards with an Intel chipset. It allows you to modify the video BIOS of the 800 and 900 series Intel graphics chipsets. This includes the 845G, 855G, and 865G chipsets, as well as 915G, 915GM, and 945G chipsets. This modification is necessary to allow the display of certain graphics resolutions for an Xorg or XFree86 graphics server.
acpid and acpi-support
Enable this if you have a laptop or a fairly new desktop.
It provides utilities for using ACPI Modern computers support the Advanced Configuration and Power Interface (ACPI) to allow intelligent power management on your system and to query battery and configuration status. It’s also a flexible and extensible daemon for delivering ACPI events. These events are triggered by certain actions, such as pressing the Power button, pressing the Sleep/Suspend button, closing a notebook lid or (un)plugging an AC power adapter from a notebook.
alsa
Enable this if you have a sound card that uses ALSA. If you also have the ‘alsa-utils’ service, disable alsa and enable that.
ALSA is a sound driver for many sound card chipsets.
alsa-utils
Enable this if you have a sound card that uses ALSA and disable the alsa service, if you have it.
This provides several utilities for the ALSA driver, such as alsaconf, the ALSA driver configuration tool, alsamixer, a volume mixer and so on.
anacron
It’s up to you if you enable it or not.
This is a cron subsystem. Cron allows you to run an application at a certain time. For example, you can set it to run ‘updatedb’ every day at 4am. However, your computer might be turned off at 4am so this is when anacron comes into play. The next time you start your computer, it will run scheduled commands that couldn’t be run by cron because your system was shut off. It basically catches-up with system duties. So if you have any important schedules in cron, enable this.
apache2 or httpd
Enable it if you host a website on your computer.
I don’t think there’s a description needed here. Everyone knows what Apache or a web server is.
apmd
Disable it
This does what acpid does but as far as I know, this only monitors batter levels for old laptops. So you should disable it if your system supports ACPI.
apport
Disable it
apport automatically collects data from crashed processes and compiles a problem report in /var/crash/. This is a command line frontend for reporting those crashes to the developers. It can also be used to report bugs about packages or running processes.
atd
Disable it
atd runs the jobs scheduled by at, a daemon used to execute scheduled commands, just like cron. You don’t need this if you’re using cron.
avahi-daemon
Disable it unless you need it or have compatible devices or services.
Avahi is an implementation of zeroconf. In simple terms, Zero Configuration Networking is a standardised way of setting up a network without performing any manual configuration. A networked device that implements Zeroconf can obtain its own IP address, assign itself a human readable host name and advertise and discover services available on the local network without any human interaction what so ever. To give an example, the Pidgin chat client uses Zeroconf technology to discover chat parners on the local network. If you’re at a conference and you want to talk to other attendees about what is going on on the stage, you don’t have to know their names, IP addresses or what sort of computer they’re using. They simply appear in your buddy list as available to chat to. Zeroconf is widely supported in desktop applications and networked appliances. Almost every networked printer that currently ships advertises its printing service and HTTP configuration interface via Zeroconf. Applications such as the popular iTunes music player use Zeroconf to share music libraries and discover other people’s music on the network.
autofs
Safe to disable.
This mounts removable disks (such as USB harddrives) on demand. It is recommended to keep this enabled if you use removable media. I think this automounts a device when you plug it in (an usb storage device for example).
backuppc
Disable it.
This is the startup init script for BackupPC on Redhat linux.
binfmt-support
Disable it unless you need it.
If you don’t know what it is, just disable it. binfmt is a capability of the Linux kernel which allows arbitrary executable file formats to be recognized and passed to certain user space applications, such as emulators and virtual machines.
bluetooth
Disable it unless you have a bluetooth device.
Bluetooth is for portable local wireless devices (NOT wifi,802.11). Some laptops come with bluetooth support. There are bluetooth mice, headsets and cell phone accessories. Most people do not have bluetooth support or devices, and should disable this.
bootclean
Disable it.
I don’t exactly know what this does, but as far as I know, it cleans up the /tmp dir at boot time and also cleans pid files of daemons that were aggressively stopped for whatever reason. You might not even have this on your system.
bootlogd
Disable it.
This daemon logs boot messages to /var/log/boot. Pretty useless unless you have a problem at boot time and you can’t read it while booting.
bootmisc
Disable it.
This does miscellaneous during bootup such as update the /etc/motd.tail file.
brltty
Disable it unless you need it (hope not).
I don’t even know how i got this installed. BRLTTY is a daemon which provides access to the Linux console (text mode) for a blind person using a soft braille display. It drives the braille terminal and provides complete screen review functionality.
cpuspeed
Enable it if you need it.
This throttles your CPU runtime frequency to save power. Many modern laptop CPU’s support this feature and now many desktops also support this. Most people should enable only if they are users of Pentium-M, Centrino, AMD PowerNow, Transmetta, Intel SpeedStep, Athlon-64, Athlon-X2, Intel Core 2 hardware. Disable this if you want your CPU to remain at a fixed state.
cron
You should leave this on.
Cron is a daemon to execute scheduled commands. By default, it runs a couple of system checks scripts and other things.
cupsys or cups
Disable it unless you use a printer.
Cups is a cross-platform printing solution for all UNIX environments. It is based on the “Internet Printing Protocol and provides complete printing services to most PostScript and raster printers.
dbus or messagebus
Enable it.
D-BUS is first a library that provides one-to-one communication between any two applications; dbus-daemon-1 is an application that uses this library to implement a message bus daemon. Multiple programs connect to the message bus daemon and can exchange messages with one another.
dc_client or dc_server
Safe to disable.
Distcache is for distributed session caching. It is primarily for SSL/TLS servers. Apache can use this. Most desktop users should have these disabled.
dhcdbd
You can disable this.
This basically an interface for the DBUS system to control DHCP on your computer.
dns-clean
Disable it unless you have a dial-up connection.
Mainly for cleaning up the dns info when using dial-up connection.
dund
Disable it unless you need it.
This is a bluetooth Dial-Up-Networking Daemon. Provides PPP over RFCOMM services.
exim4
Disable it unless you know you need it.
Exim is a mail transfer agent (MTA) meant to replace sendmail.
festival
Disable it unless you know you need it.
Festival is a general purpose text-to-speech system. As well as simply rendering text as speech it can be used in an interactive command mode for testing and developing various aspects of speech synthesis technology.
firstboot
Safe to disable.
This service is specific to Fedora’s installation process meant to perform certain tasks that should only be executed once upon booting after installation. Even though it verifies it has been run before (using /etc/sysconfig/firstboot), it can be disabled.
functions
Leave it enabled if you have it.
This file contains functions to be used by most or all shell scripts in the /etc/init.d directory.
gdm
Leave it enabled unless you use KDE’s kdm. Don’t enable both.
This is the Gnome display manager. It allows you to boot directly into a GUI which prompts for your username and password and then starts a desktop manager like Gnome or KDE.
hal or haldaemon
Leave it enabled.
It’s a daemon for collecting and maintaining information about hardware.
halt
Leave it enabled.
A set of utilities which allow a system administrator to reboot, halt or poweroff the system.
hdparm
Leave it enabled.
This is a hard disk tunning script. It sets up certain disc parameters (such as DMA) at boot time.
hotkey-setup
Enable it if you need it.
hotkey-setup is used to setup some hotkey mappings for laptops. It’s a trivial init script that uses DMI information to attempt to detect the type of laptop in use. It then uses this information to bind keyboard scancodes to keycodes. The keycodes used are (in general) the same as those used on Microsoft keyboards. Supports most laptop manufacturers.
iptables
Leave it enabled unless you don’t need it.
his is the standard Linux software firewall. This is required if you are directly connected to internet (cable, DSL, T1). It is not required if you use a hardware firewall (D-Link, Netgear, Linksys, etc) but it is highly recommended.
irda
Disable it unless you have an infrared device.
This shell script takes care of starting and stopping IrDA support.
irqbalance
Save to disable unless you need it.
This service is to increase performance across processors on a multiprocessor system. Since most people do not have multiple processors, it should be disabled. However I do not know how it affects multi-core CPU’s or hyperthreaded CPU’s (?). There should be no problems on single CPU systems that do not use this.
kde-guidance
Enable it if you use KDE and need it.
kde-guidance is a collection of KDE system administration tools which currently consists of four programs designed to help you look after your system. Running this at start-up will allow you to swap video cards and always have a system that will run Xorg.
kdm
Enable it if you use KDE and don’t use Gnome’s gdm. Don’t leave both enabled.
kdm is the KDE Display Manager, also known as login manager. It shows a graphical login screen for username and password. After authenticating the user it starts a session.
keyboard-setup
Safe to disable.
This is a tool to set the console keyboard as early as possible so during the file systems checks the administrator can interact.
killprocs
Leave it on.
This is a script executed by init(8) upon entering runlevel 1 (single).
klogd
Leave it on unless you have sysklogd enabled.
klogd is a system daemon which intercepts and logs Linux kernel messages.
kudzu
Disable it and enable it only when you change your computer’s hardware (add or remove devices).
This runs the hardware probe, and optionally configures changed hardware. If you swap hardware or need to detect/re-detect hardware this can be left enabled. However most desktop or servers can disable this and run it only when necessary.
laptop-mode
Disable it unless you have a laptop.
This starts and stops “laptop-mode” - tweaks system behavior to extend battery life.
libpam-foreground
Safe to disable.
A tool used to clean old status files during boot.
linux-restricted-modules
Leave this on unless your system doesn’t use any restricted kernel modules (such as nvidia or madwifi).
Take a look in /lib/linux-restricted-modules/. If it’s empty (unlikely), it’s safe to disable it.
ldap
Disable it unless you need it.
This shell script takes care of starting and stopping ldap servers (slapd and slurpd).
lm-sensors
Safe to disable.
This monitors motherboard sensor values or specific hardware (commonly used with laptops). It is useful for watching realtime values for PC health, etc. It requires configuration before being able to use it.
loopback
Leave it on.
This brings up the loopback (127.0.0.1) network device so that DHCP and other such things will work.
makedev
Leave it on.
Creates device files in /dev.
mdmonitor
Disable it unless you have RAID arrays.
Is useful for monitoring Software RAID or LVM information. It is not a critical service and may be disabled.
module-init-tools
Disable it if you don’t need it. Investigate first.
This is an utility to load the modules listed in /etc/modules. Check that file ($ cat /etc/modules) and if empty, disable this.
mountoverflowtmp
Safe to disable unless you have a very small and full hard drive.
Tool used to mount emergency /tmp if there would otherwise be too little space to log in.
multipathd
Safe to disable.
The multipathd daemon is in charge of checking for failed paths. When this happens, it will reconfigure the multipath map the path belongs to, so that this map regains its maximum performance and redundancy.
mysql or mysqld
Enable it if you need it.
This runs the MySQL database server at system start-up.
netplugd
Disable it.
Netplugd can monitor network interfaces and executes commands when their state changes. This can be left to default disabled.
networking or network
Leave it on.
This will bring up network interfaces and configure them via dhcp during boot time.
NetworkManager and NetworkManagerDispatcher
Enable it if you need it.
Scripts to start NetworkManager at bootup. NetworkManager is an advanced network connection tool. It attempts to make networking invisible to the end user, so that when moving into areas you’ve been before, NetworkManager automatically connects to the last network you chose to connect to.
nfs-common / nfs-kernel-server / netfs / nfs / nfslock
Safe to disable if you don’t need it.
NFS is a popular protocol for file sharing across TCP/IP networks. Unless you require to share data in this manner, disable this.
nvidia-kernel
Leave it on.
This enables the nvidia driver from the restricted kernel modules.
nscd
Disable it unless you need it.
This is a daemon which handles passwd and group lookups for running programs and cache the results for the next query. You should start this daemon if you use slow naming services like NIS, NIS+, LDAP, or hesiod.
ntpd
Enable it if you want your clock to be auto-synced.
This automatically updates the system time from the internet. If you have an active (”always-on”) internet connection it is recommended you enable this, but it is not required.
pand
Disable it unless you need it.
Bluetooth Personal Area Networking Daemon. Provides network services over Bluetooth.
pcmciautils or pcmcia
Disable it unless you need it.
This service provides PCMCIA hardware support for systems running Linux kernel newer than 2.6.13.
pcscd
Disable it unless you need it.
Provides support for Smart Cards and Smart Card Readers. This are small chip like devices that are embedded in certain credit cards, identification cards, etc. Unless you have such a reader, this should be disabled.
portmap
Disable it unless you need it.
This is complementary service to NFS (file sharing) and/or NIS (authentication). Also provides support for those rare apps that use rpc. Unless you use those services you should disable this. Useful for servers.
powernowd
Disable it unless you need it.
This is a tool used to control the speed and voltage of cpus. It’s a simple client to the cpufreq driver and it’s useful mainly for laptops that support CPU speed stepping technology.
ppp or pppd-dns
Disable it unless you have a dial-up connection.
Utility for dial-up connections.
psacct
Disable it.
A Tracker of active processes, a waste of resources really.
readahead or readahead_early or readahead_later
Safe to disable.
Loads into memory programs before they are needed. Leave it enabled if you want applications to start faster.
reboot
Leave it on.
Tool used to execute the reboot command.
racoon
Disable it.
racoon is an IKE (ISAKMP/Oakley) key management daemon.
rdisc
Disable it.
rdisc implements client side of the ICMP router discover protocol. rdisc is invoked at boot time to populate the network routing tables with default routes.
restorecond
Disable it if you don’t run selinux.
restorecond uses inotify to look for creation of new files listed in the /etc/selinux/restorecond.conf file, and restores the correct security context.
rmnologin
Safe to disable.
This tool removes /etc/nologin at boot if it finds it.
rpc*
Disable them unless you need them.
rpcgssd, rpcidmapd, rpcsvcgssd, rpcbind, rpcgssd and so on are only usefull if you require or use NFS v4.
rsyslog
Leave it enabled.
Rsyslog is an enhanced multi-threaded syslogd supporting, among others, MySQL, syslog/tcp, RFC 3195, permitted sender lists, filtering on any message part, and fine grain output format control. It is a good idea to always run rsyslog.
rsync
Disable it unless you need it.
Its just like rpc with much more features. Provides a very fast method for bringing remote files into sync.
samba or smb
Enable it if you need it.
The SAMBA daemon is required to share files from Linux to Windows. This should be enabled only if you have windows computers that require file access to Linux.
screen
Safe to disable.
This is a script that cleans-up dead screen sessions. For example if you reseted your computer while having a screen session opened.
sendmail
Safe to disable.
Unless you run a server or you like to transfer or support a locally shared IMAP or POP3 service, most people do NOT need a mail transport agent. If you check your mail on the web (hotmail/yahoo/gmail) or you use a mail program such as Thunderbird, Kmail, Evolution, etc. then you should disable this.
sendsigs
Leave it on.
This is a script used to kill all remaining processes.
smartd
Leave it on.
The SMART Disk Monitoring Daemon can be used to monitor and predict disk failure or problems on hard disk that support this. Most desktop users may not need this unless there is possible problems, but is it recommend to be left enabled (especially for servers).
single
Leave it on.
Activates single-user mode.
ssh or sshd
Safe to disable unless you need it.
SSH allows other users to log into or run applications on your computer from another computer on your network or remotely. This is a potential security issue. This is not needed if you have no other computers or no need to login from a remote location (work, school, etc.).
stop-bootlogd and stop-bootlogd-single
Disable it.
Stops the bootlogd daemon. See bootlogd.
stop-readahead
Safe to disable.
This is a script for stopping readahead profiling. See readahead.
sysklogd
Disable it if you have klogd enabled.
This is a script used to start klogd, the system log daemon.
udev / udev-mab / udev-post / udev-finish
Leave it on.
Scripts related to udev. udev provides a dynamic device directory containing only the files for actually present devices. It creates or removes device node files in the /dev directory, or it renames network interfaces.
umountfs
Leave it on.
Turn off swap and unmount all local file systems.
urandom
Leave it on.
This is a system process, don’t mess with it. It provides the kernel random number source devices.
usplash
Safe to disable.
Enable this if you really want to see the nice boot up screen.
vbesave
Leave it on.
This is a video card BIOS configuration tool. Its able to save your video card status.
x11-common or xorg-common
Leave it on unless you’re booting in single user mode (you don’t boot directly into a graphical login manager).
Tool used to set up the X server and ICE socket directories.
yum-updatesd
Disable it.
The YUM Update notifier daemon provides notification of updates which are available to be installed to your computer. If you do NOT have an active (”always-on”) internet connection leave this disabled. Some updates are for security and many are for bug fixes and or newer software versions. Please understand that continuous updating with yum may lead to many problems. Make sure you run yum update regularly, however.
That’s it for now. I might update the list at some point but until then, enjoy this!
splash screen KDE 4.0
Beberapa fitur baru yang disematkan dalam KDE 4.0 adalah Dolphin, sebuah desktop file manager pengganti Konqueror. Namun Konqueror secara default tetap sebagai web browser. Dolphin sebagai file manager baru tangkas melakukan tugas manajemen dan administrasi file. Dolphin terinspirasi oleh file manager mac yaitu, Finder, ditambah dengan Oxygen Theme sehingga tampilannya menjadi sangat cantik.