#950 Cleanup of the default enabled services list
Closed None Opened 11 years ago by lennart.

The list on

https://fedoraproject.org/wiki/Starting_services_by_default

currently includes a number of really questionnable entries. I'd like to ask for their removal (so that I can also remove them from the preset list). More specifically:

  • autofs
  • coda-client
  • iscsi-initiator-utils
  • isdn4k-utils
  • nfs-utils
  • ocfs2-tools
  • rp-pppoe
  • xinetd

These all don't do much without configuration of a map, a mount, a network interface resp. devices/file systems to export or import and hence make no sense to be automatically enabled before configuration by the admin. If the admin has to configure something before it is useful we should not enable it by default. Especially since all of these are actually network facing in one way or another.

  • dbus

This one is nowadays statically enabled (i.e. via packaged symlinks in /usr rather than managed symlinks in /etc), hence can be dropped from the list.


Moreover, we probably should add a couple of new items to the exception list:

  • chrony
  • bluetooth
  • cups
  • syslog-ng
  • iptables/ip6tables
  • libvirtd

These all use some network address family of one kind or another but should probably be enabled by default after package installation -- if they are installed at all.

Not sure about bluetooth, at least in KDE can be switched on in panel. Not sure how much is it this service used.

syslog-ng would also need additional setting, because it's not the default logging service.

iptables are not the default anymore, so I wouldn't add them.

Replying to [comment:2 mmaslano]:

Not sure about bluetooth, at least in KDE can be switched on in panel. Not sure how much is it this service used.

I am pretty sure KDE will just talks to the bluetooth daemon there and asks it to turn the antenna on or off, and that won't work if the service is not enabled. Bluetooth should just work and hence when installed it should be enabled I think. (Note that it actually always has been enabled by default so far, but never was on this list. Since AF_BLUETOOTH is a network address family I think it should be listed on this list if we continue to enable it by default, and I think we should.)

syslog-ng would also need additional setting, because it's not the default logging service.

That is true for sysklogd as well. We could say: enable all three by default so that package installation is the admins way to choose one. Or we could say (as you suggest): enable only rsyslog, since that is the Fedora default. I could live with either, however I think either all three should be off, or only rsyslog on, but not have this special rule for sysklogd that we haven't for syslog-ng.

iptables are not the default anymore, so I wouldn't add them.

Hmm, given that firewalld pulls in iptables it probably makes sense to leave iptables off, and only include firewalld in the enables list.

The current preset list looks like this BTW:

http://pkgs.fedoraproject.org/cgit/systemd.git/tree/90-default.preset?h=f18

The network related services on this list are currently not in sync with the wiki text. I'd appreciate if FESCO could review this list, so that we can fix what is necessary.

And while we are at it, I'd appreciate a FESCO comment regarding:

https://bugzilla.redhat.com/show_bug.cgi?id=850814

Replying to [ticket:950 lennart]:

The list on

https://fedoraproject.org/wiki/Starting_services_by_default

currently includes a number of really questionnable entries. I'd like to ask for their removal (so that I can also remove them from the preset list).
While I prefer running as little as possible by default, I don't it makes any sense to do a blanket "cleanup" like that.

  1. All of these were added for some reason. This needs to be ''individually'' discussed with the respective package maintainers, or at the very least traced back to the original reason for adding them.
  2. At least some of these packages currently don't use presets, so removing them from this list without, again, changing the packages themselves, would just lead to an inconsistency.

<snip>

These all don't do much without configuration of a map, a mount, a network interface resp. devices/file systems to export or import and hence make no sense to be automatically enabled before configuration by the admin.

AFAIK iSCSI can be set up in anaconda. We really need to find the original reasons for every package.

  • dbus

This one is nowadays statically enabled (i.e. via packaged symlinks in /usr rather than managed symlinks in /etc), hence can be dropped from the list.

No, the wiki page it is a list if of services that can be enabled by default, not a list of services that can be added to the presets file. Or to put it another way, making something "statically enabled" is not a way to bypass the wiki page requirements.

Replying to [comment:3 lennart]:

syslog-ng would also need additional setting, because it's not the default logging service.

That is true for sysklogd as well. We could say: enable all three by default so that package installation is the admins way to choose one. Or we could say (as you suggest): enable only rsyslog, since that is the Fedora default. I could live with either, however I think either all three should be off, or only rsyslog on, but not have this special rule for sysklogd that we haven't for syslog-ng.

I'm pretty sure sysklogd is a historical oversight here. I was actually rather surprised that we still package it.

Package installation is ''not'' the way to choose which daemon to run; that's just not how it works (if it were like that, all daemons would be enabled by default).

Replying to [comment:4 lennart]:

The current preset list looks like this BTW:

http://pkgs.fedoraproject.org/cgit/systemd.git/tree/90-default.preset?h=f18

The network related services on this list are currently not in sync with the wiki text. I'd appreciate if FESCO could review this list, so that we can fix what is necessary.

I'm ''really'' uncomfortable about dealing with a group of network-facing packages like that. We used to leave this to the judgment of individual packagers; if we want to control this from outside the package, the package owner ''still'' needs to be involved to discuss the details.

For example, libvirtd can listen on a network, but ''doesn't'' by default. Therefore, the default configuration of libvirt falls under the general permission and doesn't need to be on the wiki page list, but it can still be enabled. Adding it to the wiki page list would make it allowed for libvirtd to listen on the network by default, which I don't think we want to do.

And while we are at it, I'd appreciate a FESCO comment regarding:

https://bugzilla.redhat.com/show_bug.cgi?id=850814

I agree with Tomas here - this is not useful without configuration. (But note that it is not really network-facing in the sense that the wiki page cares about.)

I guess we should solve it before F-18 is released.

FESCo:

agreed those who have strong opinions will prepare list of services. The next discussion will be at 17 oct meeting

We will vote about services, which should stay, which should go.

FESCo agreed on today's meeting to revisit this after specific proposals are ready.

In the mean time, a call out for package maintainers will be sent to fedora-devel to get them involved.

Should this ticket be closed and a new ticket opened when a specific proposal has been made?

Closing as there's been no response to my query on whether to close the ticket.

Login to comment on this ticket.

Metadata