
So I removed some more software from my host

Today I was idly performing some maintenance upon one of my hosts, and it crossed my mind to look beneath /etc. In there I found:

/etc/python
/etc/python2.4
/etc/python2.5
/etc/python2.6

That made me look more closely at the contents of /etc - the following command output was surprising:

steve@steve:~$ ls /etc | wc -l
187

Is that average? Heavy? Light? I have no idea, but I purged a hell of a lot of software today. Now I have only python v2.6 although for some reason I still have:

python
python-apt
python-apt-common
python-central
python-minimal
python-support
python2.6
python2.6-minimal

I suspect I could drop the python2.6-minimal package, but for the moment I'm done. I have to make pretty people look exceptional with my magical camera.

Anyway as part of this cleanup I ran a quick sanity-check on which processes are running and I think, short of kernel processes, I'm as minimal as I can be. I understand the purpose and reason for every running service:

UID        PID  CMD
root         1  init [2]
pdnsd    14091  /usr/sbin/pdnsd --daemon -p /var/run/pdnsd.pid
root     14199  /usr/sbin/monit -c /etc/monit/monitrc -s /var/lib/monit/monit.state
root     14206  /usr/sbin/syslog-ng -p /var/run/syslog-ng.pid
root     14234  /usr/sbin/cron
102      14595  /usr/sbin/exim4 -bd -q30m
redis    14627  /usr/bin/redis-server /etc/redis/redis.conf
root     14637  /usr/sbin/sshd

These are basic services; I use monit to ensure those essential daemons keep running. The only oddity there is probably the local DNS cache, but it is useful if you run any kind of DNS blacklist-using service, for example.

root     14794  /sbin/getty -L ttyS0 9600 vt100

I need a serial console login for emergencies.

root     14796  runsv node-reverse-proxy
root     14797  /bin/sh ./run
root     14799  /opt/node/bin/node node-reverse-proxy.js --config ./rewrites.js

These three processes combine to run my reverse proxy which routes incoming HTTP requests to a number of local thttpd instances.

qpsmtpd  27309    /usr/bin/perl -Tw /usr/bin/qpsmtpd-prefork --port 25 --user qpsmtpd --pid-file /var/run/qpsmtpd/qpsmtpd.pid --detach
..

The perl SMTP daemon which runs my incoming mail, passing it to exim4 which listens upon 127.0.0.1:2525. You can read about my setup in the out-of-date writeup Chris & I put together.

 /usr/bin/memcached -m 64 -p 11211 -u root -l 127.0.0.1

Memory cache for transient items.

s-blog    thttpd -C /etc/thttpd/sites.enabled/blog.steve.org.uk
1030      thttpd -C /etc/thttpd/sites.enabled/edinburgh-portraits.com
s-hg      thttpd -C /etc/thttpd/sites.enabled/hg.steve.org.uk
s-ipv4    thttpd -C /etc/thttpd/sites.enabled/ipv4.steve.org.uk
s-ipv6    thttpd -C /etc/thttpd/sites.enabled/ipv6.steve.org.uk
s-kvm     thttpd -C /etc/thttpd/sites.enabled/kvm-hosting.org
...

One thttpd instance is launched for each distinct HTTP site my server runs. Each site runs under its own UID, with its own chrooted directory tree. This is important for security.

Each local instance listens upon 127.0.0.1 - and the reverse proxy previously mentioned rewrites connections to the appropriate one.

1016     28812     /usr/bin/perl -I./lib/ -I./ /usr/local/bin/blogspam

My anti-spam filter for blog comments.

Here is my Christmas challenge. Can you identify each service upon your host? Do you know why you're running what you're running?

Me? I had no idea I had a dbus daemon running. Now I've purged it. Ha!

ObQuote - "I owe everything to George Bailey. Help him, dear Father." - It's a Wonderful Life.
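
One way to turn the challenge above into a repeatable check, as an added example that is not part of the original post: compare a process listing against a reviewed allowlist and print anything unexplained, skipping kernel threads. The allowlist, the function names and the sample listing (including the dbus-daemon line and its PID) are assumptions constructed from the services the post describes.

```shell
#!/bin/sh
# Added example: flag running commands that are not on a reviewed allowlist.
# EXPECTED is an assumption built from the services named in the post;
# keep it under version control and edit it for your own host.
EXPECTED='init pdnsd monit syslog-ng cron exim4 redis-server sshd getty runsv sh node perl memcached thttpd'

# unexpected_services: read "USER PID COMMAND [ARGS...]" lines on stdin and
# print "user pid command" for each userland process not in $EXPECTED.
unexpected_services() {
    awk -v expected="$EXPECTED" '
        BEGIN {
            n = split(expected, names, " ")
            for (i = 1; i <= n; i++) ok[names[i]] = 1
        }
        NR == 1 && $2 == "PID" { next }   # skip the ps header line
        NF < 3 { next }                   # ignore blank or truncated lines
        $3 ~ /^\[.*\]$/ { next }          # kernel threads are shown as [name]
        {
            cmd = $3
            sub(/:$/, "", cmd)            # process titles such as "sshd:"
            sub(/.*\//, "", cmd)          # reduce a full path to its basename
            if (!(cmd in ok)) print $1, $2, cmd
        }'
}

# sample_ps: constructed listing modelled on the output shown in the post,
# with one kernel thread and one daemon nobody asked for.
sample_ps() {
    cat <<'EOF'
UID        PID  CMD
root         1  init [2]
root         2  [kthreadd]
pdnsd    14091  /usr/sbin/pdnsd --daemon -p /var/run/pdnsd.pid
root     14637  /usr/sbin/sshd
messagebus 2201  /usr/bin/dbus-daemon --system
root     14797  /bin/sh ./run
s-blog   20111  thttpd -C /etc/thttpd/sites.enabled/blog.steve.org.uk
EOF
}

# Demonstration on the constructed sample.
# On a live host: ps -eo user,pid,args | unexpected_services
sample_ps | unexpected_services
```

Matching on the command name alone means interpreters such as sh and perl are accepted whatever script they run, so entries like those deserve a manual look at the full command line.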

Comments On This Entry

  1. [gravitar] Bob Proulx

    Are you familiar with 'deborphan' and 'orphaner'? I find them useful tools for machine cleaning efforts. I also set
    Recommends-Important="false" to avoid gratuitous recommends being pulled in too.

  2. [author] Steve Kemp

    I'm familiar with deborphan, but in this case it doesn't help - because deborphan largely removes libraries and not daemons such as dbus.

    It is interesting to see the difference here though:

    steve@steve:~$ deborphan 
    steve@steve:~$ deborphan  --guess-all | wc -l
    52
    

    When invoked with --guess-all it lists such things as libcgi-application-plugins-perl - which I know I need, but that isn't obvious because my web applications are home-grown and installed via fabric rather than Debian packages.

  3. [gravitar] mirabilos

    I found dselect a nice tool for this.

    For example, you would see that:

    • [S]elect, hit space, o, o, I
    • move to python2.6-minimal
    • hit _ to schedule it for purging
    ⇒ oops… (hit space)
    • press R to reject the change (but keep all others you did!)

    This is interactive dependency resolution at its best.
    You just mark some for purging, and every time you hit
    something you now realise you’d better keep, just press
    R and Enter. If you’d like to remove it but define some
    different alternatives, e.g. when purging exim4 you need
    an MTA and don’t like the default choice, press D, move
    to sendmail-bin, press + and Enter.

    This is especially useful to clean old lib*-perl clutter
    and the likes.

  4. [gravitar] Guillaume

    What about something like this?

    aptitude markauto '~i!~M!~nbuild-essential(~E|~prequired|~sdevel|~sinterpreters|~slibdevel|~slibs|~soldlibs|~sperl|~spython|~sshells)'

  5. [gravitar] cstamas

    For node-reverse-proxy it seems you are missing an exec statement in its run file.

  6. [author] Steve Kemp

    cstamas - Good catch! You were right.

    For everybody else, thanks for the tips. I tend to be more manual and just look at package names beneath /usr/share/doc and remove things I "know" I don't need.