麒麟系统禁用不必要的服务
- 说明
关闭当前不需要的服务,以防止黑客通过相关服务的漏洞入侵主机。 - 检查方法
1)在终端中输入命令:
[test@localhost ~]$ sudo systemctl list-until-files --type=service --state=enabled
2)根据显示结果检查是否存在多余的服务项 - 修改建议
1)正常纯净系统下,以下为默认自启动的服务:
accounts-daemon.service
anacron.service
apparmor.service
atd.service
auditd.service
autovt@.service
avahi-daemon.service
biometric-authentication.service
blk-availability.service
bluetooth.service
console-setup.service
cron.service
cups.service
dbus-fi.w1.wpa_supplicant1.service
dbus-org.bluez.service
dbus-org.freedesktop.Avahi.service
dbus-org.freedesktop.nm-dispatcher.service
dbus-org.freedesktop.resolve1.service
dbus-org.freedesktop.timesync1.service
dmesg.service
dnsmasq.service
e2scrub_reap.service
finalrd.service
getty@.service
grub-initrd-fallback.service
ipsec.service
keyboard-setup.service
lm-sensors.service
lvm2-monitor.service
network-manager.service
networking.service
NetworkManager-dispatcher.service
NetworkManager-wait-online.service
NetworkManager.service
nmbd.service
open-vm-tools.service
pppd-dns.service
rsync.service
rsyslog.service
selinux.service
setvtrgb.service
smbd.service
ssh.service
sshd.service
strongswan-starter.service
syslog.service
systemd-pstore.service
systemd-resolved.service
systemd-timesyncd.service
touchegg.service
udisks2.service
ufw.service
vgauth.service
vmtoolsd.service
wpa_supplicant.service
xrdp-sesman.service
xrdp.service
2)如存在其他多余启动项则可使用命令进行关闭:
[test@localhost ~]$ sudo systemctl disable --now 服务项