Article title: customize your own Linux application environment (1 ). Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.
Author: Cao Jianghua
Open-source Linux provides users with such a platform: you can customize your own Linux application environment based on your own software and hardware environment. Therefore, you can customize the application environment based on different application scopes of each user to improve the performance of the Linux system to a new level.
Customized system service
During Linux startup, many system services need to be started. they provide Linux system function interfaces to local and network users and are directly oriented to applications and users. However, enabling unnecessary or vulnerable services will affect the operating system security and performance. For System Security, any vulnerability in the operating system can cause the entire system to be attacked. Therefore, the best way to increase system security is to monitor system functions as much as possible. The number of services and functions to be selected depends on the work requirements and capabilities.
Run the following command as root:
# Ntsysv
Remove unnecessary services and processes *
Open the window shown in 1, where you can enable/disable each system service (taking Red Flag 3.0 as an example ). Remove unnecessary services and processes * (use the space bar key) and restart the system so that unnecessary services and processes are no longer started. This method can be used to customize system services as needed at any time, which not only guarantees security, but also improves the system performance. To ensure the normal operation of Linux, some system services must be started, such as crond, syslog, keytable, nfs, and kudzu.
To efficiently and securely customize system services, the following describes the functions of various system services.
Alsasound Alsa audio card driver support. The Alsa sound card driver was originally written for a sound card Gravis UltraSound (GUS). it is compatible with OSS/Free and OSS/Linux.
Apmd is used to monitor the power usage status of the system and write related information through syslogd. It can also be used to shut down when the power supply is insufficient. It is generally used for laptops. if it is a desktop, it is recommended to disable it.
The tasks scheduled by the At command by atd run batch processing tasks when the system load is low.
The file system is automatically reprinted when autofs is required. it is automatically uninstalled when it is not needed.
The abbreviation of character generated by chargen Port chargen, which outputs a rotation sequence of printable characters for testing character terminal devices.
The abbreviation of chargen character generated by the port in chargen udp format. it outputs a rotation sequence of printable characters and is used to test character terminal devices.
Crond periodically runs scheduled tasks according to user requirements. It is safe and easy to configure, similar to scheduled tasks in Windows.
Dhcpd provides access support for the Dynamic Host Control Protocol.
Echo Port echo simply responds to all the data sent to the test connection.
In the echo udp format, Port echo simply responds to all the data sent to the test connection.
Gpm provides mouse support for Linux programs in text mode, such as MC (Midnight Commander. It also supports the copy and paste operations and pop-up menus on the console.
Inetd Internet operation service program. Monitors Network Management service requirements and starts corresponding service programs when necessary. Generally, programs managed by inetd include telnet, ftp, rsh, and rlogin. When inetd is disabled, the services managed by it are disabled.
Http is a famous WWW server that provides HTML files and CGI dynamic content services.
The isdn daemon.
Keytable the function of this program is to reprint the keyboard ing table described in/etc/sysconfig/keyboards. This table can be selected using the kbdconfig tool and the program should be activated.
Kudzu is a hardware detection program, which is similar to adding new hardware to Windows. If the system core supports the hardware and the driver is available, it can be automatically loaded.
Linuxconf is the next effective system configuration tool in Linux, which allows remote operation.
Linuxconf web uses linuxconf in Web mode.
The lpd system prints the daemon and submits lpr and other programs to the print job.
Medusa supports Web browsers.
Mysql is a fast, efficient, and reliable small SQL database engine.
Ntalk allows users to connect their computers to other computers and then transmit information forward or backward.
Netfs is responsible for loading/detaching NFS, Samba, and NCP (Netware) file systems.
Enable/disable network interfaces at startup.
Nfs is a popular TCP/IP network-based file sharing protocol. This service provides the NFS file sharing service. the specific configuration is in the/etc/exports file.
Nscd this service queries passwords and groups and caches query results. If the system has slow services (such as NIS and NIS +), start the service.
Pxe is a service program started in a remote diskless Linux system.
Pcmcia is mainly used to support laptops.
Rexec is a secure and distributed remote execution system for parallel and continuous operation of cluster computers.
Random stores and restores the system's high-quality random number generator. These random numbers are provided by some random behaviors of the system.
Routed the daemon supports the automatic IP route table maintenance of the RIP protocol. RIP is mainly used on small networks. a larger network requires a more complex protocol.
The Ftp Server superimposed by rsync allows loop checks.
Rsh starts a shell on the remote host and executes user commands.
Rwhod allows remote users to obtain a list of all logged-on users on the machines running the rwho daemon, similar to finger.
A tool kit of swat Samba that uses port 901.
Sendmail mail server.
Smb starts and closes the smbd and nmbd daemon to provide SMB network services.
The snmpd Simple Network Management Protocol (SNMP) daemon.
Syslog is a mechanism provided by the operating system. The daemon usually uses this mechanism to write various information to various system log files. Generally, the service should be started.
Font server of xfs X-Window system.
Xinetd is an inherited service of inetd. it monitors network requirements for various managed services and starts corresponding service programs when necessary.
Among the above system services, the security risks are rsh, rwhod, rexec, snmp, named, and sendmail. For system services that are required, try to use the latest version of the program and add other security measures.
In addition, many Linux products start the X-Window manager by default after system initialization. If you only compile the program or edit the configuration file, starting the X-Window manager will consume a lot of system resources. To disable the X-Window manager, edit the/etc/inittab file, find the line whose content is id: 5: initdefault, and change it to id: 3: initdefault, after the system restarts, the command line logon is provided. To run the X-Window manager, you only need to input startx.
Optimize based on hardware
1. CPU
CPU is the core hardware of a Linux host. it is optimized during compilation based on the CPU model for optimal performance. The/etc/profile file contains the system environment and startup program configuration information. when you use-O9 to compile the program, it runs at the fastest speed. Use the-fomit-frame-poinetr option during compilation. when the program is running, the Accessed variable uses the stack. When-mcpu = cpu-type and-march = cpu-type are used, gcc will optimize the CPU model.
If the CPU is Pentium Pro, Pentium II, Pentium III, AMD K6-2, K6-3, Althon, then add in "/etc/profile:
Hard disks using UDMA/33, 66, 100, and 133 have the highest transmission rates of 33 MB/s, 66 MB/s, 100 MB/s, and 100 MB/s. Theoretically speaking, it is an IDE hard drive (here it refers to the PIO MODE4 mode, and its transmission rate is 16.6 MB/s) 3 ~ of the transmission rate ~ 6 times, but in Linux default settings, DMA is disabled, so it must be enabled. We can use the/sbin/hdparm program to open it. Some common hdparm options are as follows:
/Sbin/hdparm-c1/dev/hda or hdb or hdc enable 32-bit I/O mode data transmission on the PCI bus.
/Sbin/hdparm-d1/dev/hda enable DMA mode for data transmission.
/Sbin/hdparm-d1-X66/dev/hda enable the UltraDMA mode for data transmission.
To obtain the list of settings for the current hard drive in the system (as root), enter:
$/Sbin/hdparm/dev/hda
Then enter the command:
$/Sbin/hdparm-kl/dev/hda
Keep the above settings after Reset. After optimizing everything to the optimal state, add various commands to the/etc/rc. d/rc. local file so that these commands will run automatically during each system boot.
3. memory
Use free in Linux to observe memory usage. If you find that Linux can only use a portion of the memory, you can add append = "mem = XXX" to/etc/lilo. conf, where XXX is the physical memory capacity. This tells Linux to use all the memory.
If you have high computing speed requirements, you can increase the memory and use the ramdisk technology. A RamDisk assumes the memory as A hard drive and stores files on it. Assume that several files are frequently used. if you add them to the memory, the program running speed will be greatly improved because the memory read/write speed is much higher than that of the hard disk. Specify part of the memory to improve the overall performance, no less than replacing the new CPU. Computers like Web servers need to read and exchange a large number of specific files. Therefore, the creation of RamDisk on the Web server will greatly increase the network read speed.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
