生成删除脚本:把所有在LEVEL 3启动的服务过滤出来,并生成chkconfig service off 这样的命令
#chkconfig --list | grep 3:on | awk '{print "chkconfig "$1" off"}'
chkconfig kudzu offchkconfig syslog off
chkconfig netfs offchkconfig network off
chkconfig random off
chkconfig rawdevices off
chkconfig pcmcia off
chkconfig keytable off
chkconfig apmd off
chkconfig atd off
chkconfig gpm off
chkconfig autofs off
chkconfig iptables off
chkconfig isdn off
chkconfig sshd off
chkconfig portmap off
chkconfig nfslock off
chkconfig sendmail off
chkconfig rhnsd off
chkconfig crond off
chkconfig anacron off
chkconfig xfs off
chkconfig xinetd off
chkconfig kudzu off
chkconfig syslog off
chkconfig netfs off
chkconfig rawdevices off
chkconfig pcmcia off
chkconfig keytable off
chkconfig apmd off
chkconfig gpm off
chkconfig autofs off
chkconfig iptables off
chkconfig isdn off
chkconfig portmap off
chkconfig nfslock off
chkconfig sendmail off
chkconfig rhnsd off
chkconfig xfs off
chkconfig xinetd off
2台机器上都安装的服务:SSH FTP DHCP服务
SSH
基本的登陆服务,对于内部分开发来说一般用缺省的就可以了,但是建议将/etc/ssh/sshd_config中的:
PermitRootLogin yes改成PermitRootLogin no
FTP
建议用proftpd代替原有的ftp服务:http://www.proftpd.org/ 当然如果是vsftpd就不用换了
安装:tar zxf proftpd-version.tar.gz; cd proftpd-version/; ./configure; make; make install
缺省配置/usr/local/etc/proftpd.conf
ServerName "ProFTPD"
ServerType standalone
DefaultServer onAllowOverwrite on
Port 21
Umask 022
UseReverseDNS off
MaxInstances 30
User apache
Group apache
[global]
#别人会通过"网上邻居"看到WORKGROUP组里名为的Linux机器,注释是:My Samba Server
workgroup = WORKGROUP
netbios name = Linux server
string = My Samba Server
#日志设置
log file = /var/log/samba/%m.log
max log size = 50
#安全设置 security = share
#用SAMBA的WINS服务支持,并且用/etc/hosts做内部域名解析
wins support = yes
name resolve order = hosts lmhosts wins bcast
dns proxy = yes
[public]
#一个共享设置
comment = Public Stuff
path = /home/share
public = yes
guest ok = yes
read only = yes
writable = no
printable = no
[docs]
#一个需要密码验证的设置,密码通过#smbpasswd -a user password增加
comment = Public Stuff
security = user
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
path = /home/docs
public = yes
guest ok = no
read only = yes
writable = no