Oct 242012
The best practice for maintaining a Linux server is to run the smallest optimal set of software. That is, there should be nothing running that isn’t being used, and ideally nothing should be installed that isn’t necessary. But the default installation will give you more than you need. The fat needs to be trimmed.
Hea...hedge-trimming, Old Bolingbroke - - 1565200

There are several good reasons for doing this:

  • Minimize resource utilization – disk space, network bandwidth, CPU time and RAM are all finite; there is no reason to waste these quantities on processes which don’t have a purpose.
  • Greater security – the fewer open ports and running processes, the few vulnerabilities there are likely to be on the system.
  • Easier maintenance – with less software there are fewer dependencies to worry about, less to upgrade, and patching is less problematic.
  • Elegant simplicity – management of a host is easier and cleaner if every component has its utility and nothing is extraneous.

A server freshly built from a Linux DVD – whatever distribution it is – will be automatically installed with a set of software suitable to its function. During the installation process, one selects “Basic Server” or “Desktop”, and a predetermined selection of software packages are selected accordingly. The thing to remember is that this selection is for a general case, and is rarely exactly applicable for any one host in particular. For example, if one were to select the “Web server” option for some distributions, one might by default get both Apache HTTPD and NGINX, although only one of these would probably be used at a time. It would be necessary to uninstall the extra package.
Continue reading »

Matt Parsons is a freelance Linux specialist who has designed, built and supported Unix and Linux systems in the finance, telecommunications and media industries.

He lives and works in London.