NO19 Optimizing Linux System--important boot-up service--turn off self-starter

* * How to optimize Linux systems:

1 without root, add a normal user, with sudo authorization management.
2 Change the default remote connection SSH service port and prevent the root user from connecting remotely.
3 Timing automatically updates server time.
4 Configure the Yum update source to download the RPM package from the domestic update source.
5 Turn off SELinux and iptables (iptables work scenario if a WAN IP is typically turned on, except for high concurrency).
6 The number of file descriptors is adjusted, and the file descriptor is consumed by both the process and the file opening.
7 Automatically clean up/var/spool/clinentmquene/directory garbage files regularly, prevent inodes nodes from being stained. (c6.4n is not sendmail by default, so it is not possible).
8 Streamlined boot-up service (Crond,sshd,network,rsyslog).
9 Linux kernel parameter optimization/etc/sysctl.conf. The execution sysctl-p takes effect.
10 change character Set, support Chinese (prevent garbled best or English character set).
11 Lock critical system files:
Chattr +i/etc/passwd/etc/shadow/etc/group/etc/group/etc/gshadow/etc/inittab
After processing the above content, chattr,lsattr renamed Oldboy, so it is much safer.
12 Clear the/etc/issue, remove the system and the kernel version of the screen before the login display.
13 clears the unused default system account or group. (not required).

I. Important start-up service:
1, sshd: Remote connection to the Linux server needs to use this service program, so must be turned on, or the Linux server will not be able to provide remote connection services.

2, Rsyslog: Log-related file software, which is a mechanism provided by the operating system, the system's daemons usually use the Rsyslog program to write various information to the various system log files, C6 formerly the name of the service is: Syslog. 、

3, Network: When the system starts, if you want to activate/deactivate the interface, it will be opened.

4, Crond: The service is used to periodically perform the system and user configuration of the task plan, there are tasks to be performed periodically, it is necessary to open, this service almost when the production scene must use a software.

5, Sysstat: This is a software package, including a set of tools to monitor the performance and efficiency of the system, these tools for our mobile phone system performance data is very helpful, such as CPU usage, hard disk and network throughput data, the collection and analysis of these data, to determine whether the system is functioning properly, All it is to improve the efficiency of the system operation, safe running the server's right-hand.
The main tools for Sysstat package integration are:
1, Iostat: The tool provides the CPU utilization and the hard disk throughput efficiency data.
2. Mpstat: The tool provides data related to single or multiple processors.
3. SAR: The tool is responsible for collecting, reporting and storing the system active information.

To turn off the self-starter:
Ideas:
1, shut down, because the service we need is turned on by default:
Step parsing:
[Email protected] ~]# chkconfig--list|grep 3:on

(Select Level 3 to automatically start the project as an experimental target)
[Email protected] ~]# chkconfig--list|grep 3:on|egrep "Crond|sshd|network|rsyslog|sysstat"

(Filter out the items you want to keep)
[Email protected] ~]# chkconfig--list|grep 3:on|egrep-v "Crond|sshd|network|rsyslog|sysstat"

(Filter out goals other than to keep the project)
[[email protected] ~]# chkconfig--list|grep 3:on|egrep-v "Crond|sshd|network|rsyslog|sysstat" |awk ' {print $} '

( Print the previous step of the target, which can actually omit the direct next step)

[Email protected] ~]# chkconfig--list|grep 3:on|egrep-v "Crond|sshd|network|rsyslog|sysstat" |awk ' {print ' Chkconfiig ", $," Off "} '

(write commands to the operation)
This is just the right step:
[[email protected] ~]# chkconfig--list|grep 3:on| egrep-v  "Crond|sshd|network|rsyslog|sysstat" |awk ' {print "Chkconfiig", $, "Off"} ' |bash 
(to the system script bash, execute the Written action command)
**linux command line is a bash session, and all of the Linux commands we normally knock on are performed by bash parsing.
[[email protected] ~]# chkconfig--list|grep 3:on  (check effect)

2, all services are closed, and then open the services we need.
[Email protected] ~]# chkconfig--list|grep 3:on|awk ' {print "Chkconfig", $, "Off"} ' |bash
[[email protected] ~]# chkconfig--list|egrep "Crond|sshd|network|rsyslog|sysstat" |awk ' {print "Chkconfiig", $ 1, "On"} ' |bash

NO19 Optimizing Linux System--important boot-up service--turn off self-starter