
15.4. CentOS 6

15.4.1. service

# service nginx
Usage: nginx {start|stop|restart|condrestart|try-restart|force-reload|upgrade|reload|status|help|configtest}

# service nginx stop
# service nginx start
# service nginx restart
		
[ ] NetworkManager   自動在多種網絡連接中進行轉換,如果你的電腦有Wireless WiFi 和 Ethernet多種網絡連接類型的話,可以選擇開啟。
[ ] acpid            (Advanced Configuration and Power Interface)是為替代傳統的APM電源管理標準而推出的新型電源管理標準。通常筆記型電腦需要啟動電源進行管理。
[*] anacron          自動化運行任務守護進程
[*] atd              自動化運行任務守護進程
[ ] auditd           審核信息,將消息寫入控制台以及 audit_warn 電子郵件別名。用於存放內核生成的系統審查記錄,這些記錄會被一些程序使用。特別是對於SELinux用戶來說。
[ ] autofs           自動掛載/卸載檔案系統服務,可以自動掛載想訪問但還未掛載的檔案系統,自動卸載長期不訪問的檔案系統,自動安裝管理進程automount,與NFS 相關,依賴于NIS
[ ] avahi-daemon     Zeroconf service discovery守護進程,Avahi是zeroconf協議的實現。它可以在沒有DNS服務的區域網路裡發現基于zeroconf協議的設備和服務。它跟mDNS一樣。除非你有兼容的設備或使用 zeroconf 協議的服務,否則就可以關閉。
[ ] avahi-dnsconfd   /etc/avahi/dnsconf.action腳本守護進程
[ ] bluetooth        藍芽
[ ] conman           控制台管理
[ ] cpuspeed         監測系統空閒百分比,降低或加快CPU時鐘速度和電壓
[*] crond            一個傳統的UNIX程序crontab,可以周期地運行用戶調度的任務。
[ ] cups             通用UNIX打印守護進程,(Common UNIX Printing System)公共UNIX打印支持,為Linux提供打印功能。 安裝打印機時需要的服務。
[ ] dnsmasq          Dns cache server守護進程
[ ] dund             藍芽撥號網絡
[ ] firstboot        安裝完之後的用戶配置嚮導,用於第一次設置系統
[ ] gpm              為文本模式下的Linux程序提供滑鼠支持、拷貝、粘貼操作、彈出式菜單
[ ] haldaemon        硬件監控系統
[ ] hidd             藍芽H.I.D.伺服器
[ ] httpd            Apache伺服器
[ ] ip6tables        防火牆守護進程
[*] iptables         防火牆守護進程
[ ] irda             紅外連接埠守護進程
[*] irqbalance       多系統處理器環境下的系統中斷請求進行負載平衡,單CPU無用
[ ] kudzu            硬件自動檢測程序,如不增加新硬件,可以關閉
[ ] lvm2-monitor     LVM2 mirror devices守護進程
[ ] mcstrans         SELinux Context Translation System Daemon
[ ] mdmonitor        RAID相關設備的守護程序
[ ] mdmpd            RAID相關設備的守護程序
[*] messagebus       事件監控服務,在必要時向所有用戶發送廣播信息
[ ] microcode_ctl    可編碼以及發送新微代碼到內核以更新Intel IA32系列處理器守護進程
[ ] multipathd       Manage device-mapper multipath devices
[ ] netconsole       Initializes network console logging
[ ] netfs            安裝和卸載NFS、SAMBA和NCP網絡檔案系統
[ ] netplugd         服務監控網絡界面,根據信號關閉或啟動它,用於手提電腦
[*] network          激活已配置網絡介面的腳本程序
[ ] nfs              網絡檔案系統守護進程
[ ] nfslock          NFS檔案鎖定功能
[ ] nscd             密碼與群查找服務
[ ] ntpd             網絡時間同步
[ ] oddjobd
[ ] pand             藍芽個人區域網絡
[ ] pcscd            智能卡支持
[ ] portmap          用來支持RPC連接,RPC被用於NFS以及NIS 等服務
[ ] psacct           進程審計守護進程
[ ] rawdevices       將 raw 裝置(rawdevices)綁定到 block devices。Oracle資料庫使用
[ ] rdisc            discovers routers守護進程
[ ] readahead_early  開機內存載入優化
[ ] readahead_later  開機內存載入優化
[ ] restorecond      SELinux相關聯
[ ] rpcgssd          manages RPCSEC GSS contexts for the NFSv4 server
[ ] rpcidmapd        rpcidmapd for NFSv4 that maps user names to UID and GID numbers
[ ] rpcsvcgssd       rpcsvcgssd manages RPCSEC GSS contexts for the NFSv4 server
[ ] saslauthd        使用SASL的認證守護進程
[*] sendmail         郵件伺服器sendmail守護進程
[*] smartd           監控硬碟故障
[*] sshd             OpenSSH伺服器守護進程
[*] syslog           系統日誌
[ ] winbind          用於Samba伺服器
[ ] wpa_supplicant   無線設備支持
[ ] xfs              X Window字型伺服器守護進程,為本地和遠程X伺服器提供字型集
[ ] ypbind           為NIS客戶機激活ypbind服務進程
[ ] yum-updatesd	 RPM操作系統自動升級和軟件包管理守護進程
		

15.4.1.1. chkconfig

chkconfig acpid off
			
[root@development ~]# chkconfig --add mysqld 		[在服務清單中添加mysql服務]
[root@development ~]# chkconfig mysqld on			[設置mysql服務開機啟動]
[root@development ~]# chkconfig --list mysqld		[查看mysql服務在各運行級別的啟動狀態]
mysqld          0:off   1:off   2:on    3:on    4:on    5:on    6:off
			
chkconfig --level 3 mysqld on
chkconfig --level 3 mysqld off
			

15.4.2. xinetd.d

# yum -y install xinetd
		

15.4.2.1. tftpd

# yum install -y tftp-server tftp
			

/etc/xinetd.d/tftp

# vim /etc/xinetd.d/tftp
# default: off
# description: The tftp server serves files using the trivial file transfer \
#       protocol.  The tftp protocol is often used to boot diskless \
#       workstations, download configuration files to network-aware printers, \
#       and to start the installation process for some operating systems.
# xinetd entry for the TFTP daemon.
# TFTP itself has no authentication and no encryption: every file under the
# served directory is readable by any host that can reach this service (UDP).
# Keep only boot/installation files there, and limit who can reach it with a
# firewall rule or xinetd's only_from / bind attributes (not set here).
service tftp
{
        socket_type             = dgram
        protocol                = udp
        # wait = yes: single-threaded; xinetd leaves the socket to in.tftpd
        # until that process exits.
        wait                    = yes
        # The daemon is started as root.
        user                    = root
        server                  = /usr/sbin/in.tftpd
        # -s /tftpboot: with the tftp-hpa in.tftpd (the usual tftp-server
        # package) -s is "secure" mode, i.e. chroot into /tftpboot so requests
        # cannot name files outside it. NOTE(review): confirm against the
        # installed in.tftpd man page.
        server_args             = -s /tftpboot
        # Shipped disabled; nothing listens until this is changed to "no" and
        # xinetd is restarted.
        disable                 = yes
        # At most 11 concurrent instances per source IP address.
        per_source              = 11
        # Rate limit: above 100 connections/second the service is suspended
        # for 2 seconds.
        cps                     = 100 2
        flags                   = IPv4
}
			

將 disable = yes 改為 disable = no 以啟用 tftp 服務,然後建立 /tftpboot 目錄並重啟 xinetd:

mkdir /tftpboot
/etc/init.d/xinetd restart
			
15.4.2.1.1. atftp-server
# yum install -y atftp-server atftp
				

/etc/xinetd.d/tftp

# cat /etc/xinetd.d/tftp
# default: off
# description: The tftp server serves files using the trivial file transfer protocol. The tftp protocol is often used to boot diskless workstations, download configuration files to network-aware printers, and to start the installation process for some operating systems.
# xinetd entry for TFTP as used with the atftp-server package.
# Same exposure as any TFTP service: no authentication, no encryption, so the
# served directory must hold nothing sensitive and reachability should be
# limited (firewall, or xinetd only_from / bind, which are not set here).
service tftp
{
    # Enabled: xinetd will accept requests for this service.
    disable         = no
    socket_type     = dgram
    protocol        = udp
    wait            = yes
    # The daemon is started as root.
    user            = root
    # NOTE(review): verify this path is the binary installed by atftp-server.
    server          = /usr/sbin/in.tftpd
    # Only the directory is passed (no -s as in the tftp-server example).
    # Presumably atftpd confines requests to this directory by itself -
    # TODO confirm in the atftpd man page.
    server_args     = /tftpboot
    # At most 11 concurrent instances per source IP address.
    per_source      = 11
    # Rate limit: above 100 connections/second the service is suspended
    # for 2 seconds.
    cps             = 100 2
    flags           = IPv4
}
				

atftp-server 是一個可以不依賴xinetd的tftp伺服器

				

15.4.2.2. rsync

# vim /etc/xinetd.d/rsync
# default: off
# description: The rsync server is a good addition to an ftp server, as it \
#       allows crc checksumming etc.
# xinetd entry that starts "rsync --daemon" for each incoming connection.
# This file only launches the daemon. Which modules are exported, to which
# hosts, with or without a password, and read-only or writable, is decided by
# the rsync daemon configuration (normally /etc/rsyncd.conf, not shown on this
# page). Review that file before enabling the service.
# The rsync daemon protocol is not encrypted; no only_from / bind restriction
# is set here, so access control must come from rsyncd.conf, tcp wrappers or
# the firewall.
service rsync
{
        # Enabled: xinetd will accept connections for this service.
        disable = no
        socket_type     = stream
        # wait = no: one rsync process per connection.
        wait            = no
        # Started as root. NOTE(review): the uid/gid/chroot the daemon uses for
        # transfers are set per module in rsyncd.conf - confirm they are not
        # left at root for writable modules.
        user            = root
        server          = /usr/bin/rsync
        server_args     = --daemon
        # USERID is obtained from the client side via the ident protocol
        # (RFC 1413), so treat it as a hint only, not as a verified identity.
        log_on_failure  += USERID
}

			

15.4.2.3. rshd

/etc/xinetd.d/rsh

# cat  /etc/xinetd.d/rsh
# default: on
# description: The rshd server is the server for the rcmd(3) routine and, \
#	consequently, for the rsh(1) program.  The server provides \
#	remote execution facilities with authentication based on \
#	privileged port numbers from trusted hosts.
# xinetd entry for rshd (service name "shell").
# As the description above says, rshd authenticates by trusted host and
# privileged source port; with a matching ~/.rhosts (or hosts.equiv) entry no
# password is asked, and commands and output travel unencrypted.
# sshd covers the same use case with cryptographic authentication; if rshd must
# stay enabled, keep it limited to named hosts through /etc/hosts.allow and
# /etc/hosts.deny (or xinetd only_from) and a firewall rule.
service shell
{
	socket_type		= stream
	# wait = no: one in.rshd process per connection.
	wait			= no
	# Started as root.
	user			= root
	# USERID comes from the client side via the ident protocol (RFC 1413);
	# useful for triage, but not a verified identity.
	log_on_success		+= USERID
	log_on_failure 		+= USERID
	server			= /usr/sbin/in.rshd
	# Enabled: xinetd will accept connections for this service.
	disable			= no
}
			

訪問權限配置

# cat /etc/hosts.allow
#
# hosts.allow	This file describes the names of the hosts which are
#		allowed to use the local INET services, as decided
#		by the '/usr/sbin/tcpd' server.
#
# Allow rshd only from the listed clients; everything else falls through to
# hosts.deny. A hostname entry is only as trustworthy as the DNS answers used
# to resolve it, so prefer IP addresses for hosts that are granted rsh access.
in.rshd : your.example.com 192.168.0.1
			
# cat /etc/hosts.deny
#
# hosts.deny	This file describes the names of the hosts which are
#		*not* allowed to use the local INET services, as decided
#		by the '/usr/sbin/tcpd' server.
#
# The portmap line is redundant, but it is left to remind you that
# the new secure portmap uses hosts.deny and hosts.allow.  In particular
# you should know that NFS uses portmap!
all : all
			

訪問主機設置

# cat ~/.rhosts
your.example.com user
192.168.0.1	user
			

15.4.3. rpcinfo

# rpcinfo -p 192.168.187.75
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp    697  status
    100024    1   tcp    700  status
    100011    1   udp    864  rquotad
    100011    2   udp    864  rquotad
    100011    1   tcp    867  rquotad
    100011    2   tcp    867  rquotad
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100003    4   udp   2049  nfs
    100003    2   tcp   2049  nfs
    100003    3   tcp   2049  nfs
    100003    4   tcp   2049  nfs
    100021    1   udp  32778  nlockmgr
    100021    3   udp  32778  nlockmgr
    100021    4   udp  32778  nlockmgr
    100021    1   tcp  35837  nlockmgr
    100021    3   tcp  35837  nlockmgr
    100021    4   tcp  35837  nlockmgr
    100005    1   udp    880  mountd
    100005    1   tcp    883  mountd
    100005    2   udp    880  mountd
    100005    2   tcp    883  mountd
    100005    3   udp    880  mountd
    100005    3   tcp    883  mountd
		

15.4.4. SELINUX

要禁用 SELinux,編輯 /etc/selinux/config,修改如下內容(重啟後生效;若只是為了排查問題,可改用 SELINUX=permissive,此時只記錄違規而不攔截):

SELINUX=disabled
		

使用命令(getenforce 查看當前模式;setenforce 0 臨時切換為 permissive 模式,重啟後失效):

getenforce
setenforce 0
		
lokkit --selinux=disabled