vps系统CentOS与Debian的精简
原链接:http://blog.pcwuyu.com/2014/458.html
原分类:网站建设, 计算机
Debian系统
第一步、升级Debian系统
apt-get update&&apt-get upgrade
需要说明的是,在操作这些步骤最好是在我们刚重装系统,而不是在已经运行网站中优化机器,以免出现机器问题。
第二步、移除多余的软件
apt-get -y purge apache2-* bind9-* xinetd samba-* nscd-* portmap sendmail-* sasl2-bin
到底这些软件有什么用途呢?
apache2-* //apache服务器,一般我们自己会用一键安装包安装
bind9-* //我们不需要用VPS搭建DNS,所以去掉
xinetd //xinetd是服务守护进程
samba-* //samba能让linux使用windows共享功能,不需要
nscd-* //DNS缓存软件,同bind9,不需要
portmap //端口转发,一般Web服务器不需要
sendmail-* //发送邮件用,如果有需要保留
sasl2-bin //一个权限程序,占用资源,删除
第三步、删除多余组件
apt-get -y purge lynx memtester unixodbc python-* odbcinst-* sudo tcpdump ttf-*
第四、清理缓存文件
apt-get autoremove && apt-get clean
CentOS系统
第一步、删除不必要的自带软件包
yum remove Deployment_Guide-en-US finger cups-libs cups ypbindyum remove bluez-libs desktop-file-utils ppp rp-pppoe wireless-tools irda-utilsyum remove sendmail* samba* talk-server finger-server bind* xinetdyum remove nfs-utils nfs-utils-lib rdate fetchmail eject ksh mkbootdisk mtoolsyum remove syslinux tcsh startup-notification talk apmd rmt dump setserial portmap yp-toolsyum groupremove "Mail Server" "Games and Entertainment" "X Window System" "X Software Development"yum groupremove "Development Libraries" "Dialup Networking Support"yum groupremove "Games and Entertainment" "Sound and Video" "Graphics" "Editors"yum groupremove "Text-based Internet" "GNOME Desktop Environment" "GNOME Software Development"
第二步、升级centos系统
yum update 更新系统yum clean all 清理全部缓存文件
第三步、禁用seLinux
sestatus 先执行看seLinux状态,如果不是disabled,就需要执行下面步骤,否则不要执行vi /etc/selinux/configSELINUX=disabled 禁用SeLinuxSELINUX=enforcing 使用SeLinux
第四步、禁止IPV6(执行后需要reboot重启)
vi /etc/modprobe.conf 打开文件,把下面两行加到最后alias net-pf-10 offalias ipv6 off
第五步、初始化防火墙
touch /etc/sysconfig/iptablesiptables -Fiptables -Xiptables -Zservice iptables saveservice iptables restart
第六步、禁止无用服务
! /bin/bash
service acpid off
service atd stop
service auditd stop
service avahi-daemon stop
service avahi-dnsconfd stop
service bluetooth stop
service conman stop
service cpuspeed stop
service cups stop
service dnsmasq stop
service dund stop
service firstboot stop
service hidd stop
service httpd stop
service ibmasm stop
service ip6tables stop
service irda stop
service kdump stop
service lm_sensors stop
service mcstrans stop
service messagebus stop
service microcode_ctl stop
service netconsole stop
service netfs stop
service netplugd stop
service nfs stop
service nfslock stop
service nscd stop
service ntpd stop
service oddjobd stop
service pand stop
service pcscd stop
service portmap stop
service psacct stop
service rdisc stop
service restorecond stop
service rpcgssd stop
service rpcidmapd stop
service rpcsvcgssd stop
service saslauthd stop
service sendmail stop
service setroubleshoot stop
service smb stop
service vncserver stop
service winbind stop
service wpa_supplicant stop
service xfs stop
service ypbind stop
service yum-updatesd stop
chkconfig acpid off
chkconfig atd off
chkconfig auditd off
chkconfig avahi-daemon off
chkconfig avahi-dnsconfd off
chkconfig bluetooth off
chkconfig conman off
chkconfig cpuspeed off
chkconfig cups off
chkconfig dnsmasq off
chkconfig dund off
chkconfig firstboot off
chkconfig hidd off
chkconfig httpd off
chkconfig ibmasm off
chkconfig ip6tables off
chkconfig irda off
chkconfig kdump off
chkconfig lm_sensors off
chkconfig mcstrans off
chkconfig messagebus off
chkconfig microcode_ctl off
chkconfig netconsole off
chkconfig netfs off
chkconfig netplugd off
chkconfig nfs off
chkconfig nfslock off
chkconfig nscd off
chkconfig ntpd off
chkconfig oddjobd off
chkconfig pand off
chkconfig pcscd off
chkconfig portmap off
chkconfig psacct off
chkconfig rdisc off
chkconfig restorecond off
chkconfig rpcgssd off
chkconfig rpcidmapd off
chkconfig rpcsvcgssd off
chkconfig saslauthd off
chkconfig sendmail off
chkconfig setroubleshoot off
chkconfig smb off
chkconfig vncserver off
chkconfig winbind off
chkconfig wpa_supplicant off
chkconfig xfs off
chkconfig ypbind off
chkconfig yum-updatesd off
此页面于 2014.03.17 构建。
转载于http://www.laozuo.org/
本作品采用 知识共享署名-相同方式共享 4.0 国际许可协议 进行许可。
