Linux in Government: Optimizing Desktop Performance, Part III

Continuing to transform your Linux system into a fast desktop by removing unused utilities.
Tools of the Trade

If you use Fedora Core 3, you can find the system-config-services tool on you applications menu by selecting applications -> System Settings --> Server Settings --> Services. When you select that option, you then see a prompt asking for you administrator's password. Enter that and you next see a window similar to the one shown in Figure 2.

Figure 2. system-config-services Screen

On the left side of Figure 2 you can see a list of services currently running in runlevel 5, your default run level.

From time to time, Fedora users happy with their distribution may run across comments on mailing lists and forums that call the distribution "bloatware". Webopedia defines bloatware as:

(n.) jargon Software that has lots of features and requires considerable disk space and RAM. As the cost of RAM and disk storage has decreased, there has been a growing trend among software developers to disregard the size of applications. Some people refer to this trend as creeping featuritis. If creeping featuritis is the symptom, bloatware is the disease.

If you look at the services checked list in Figure 2, you can see that many services have been selected. Keep in mind that Red Hat makes Fedora available to provide a test bed for innovations it plans to incorporate into its Red Hat Enterprise Linux offering. One might consider Fedora bloatware if Red Hat sold the product. As it stands, I consider Fedora to be a good product and one I can modify to suit my preferences.

For desktop purposes, I start by disabling apmd, autofs, identd, ip6tables, iptables, isdn, lpd, nfs, portmap, talkd and sendmail. You can do this using system-config-services. Remember, though, that whatever you disable in runlevel 5, you also should consider disabling in other runlevels. If you run the command #init 3 and don't go into that mode elegantly, you have to go back and check your service settings.

Another way to edit your services in Fedora involves the command-line utility called ntsysv. When you run that command, you see a screen similar to the one shown in Figure 3.

Figure 3. Editing Fedora

Unfortunately, space requirements here do not allow for a detailed discussion of each service. If you are not familiar with them, use the system-config-services utility, shown in Figure 2, and read about each one. Also, use Google to search for the ones with which you are unfamiliar.

Other services people may wish to disable on Fedora include:

  • mDNSResponder: used by Howl clients to perform Zeroconf service discovery on a network; should not be running otherwise.

  • mdmonitor: software RAID monitoring and management multipath device not required for single drive systems.

  • mdmpd: used to create, manage and monitor software RAID volumes.

  • httpd: not necessary unless you're running a Web server.

  • iptables: used for firewalls.

  • kudzu: used to discover new peripheral devices; can be redeployed if you add peripherals later.

  • mysqld: unnecessary if you are not using a database.

If you are not using the Network File System (NFS), you also can disable netfs, netplugd, network, nfslock and nfs. And, if you are not sharing a network with Microsoft Windows, you can disable smb and nmb.

I also chose to disable SELinux on my desktop because of its resource requirements. I consider SELinux important for servers or, when needed, in secure and classified environments but not necessary for normal desktop use. As with other services, test and see if it slows down your boot process or inhibits desktop performance.

Ubuntu Services for Performance Tuning

Unlike Fedora, most Linux users do not consider Ubuntu to be a bloatware distribution. In its default mode, few services run unnecessarily. Still, for strictly desktop use, I have found some tweaks that can increase performance.

Ubuntu does not come with a graphical tool to disable services. If you have the necessary skills to run the commands in text mode to manage services, you probably already know which ones you want enabled or disabled. I downloaded several from Ubuntu repositories, including sysv-rc-conf, rcconf and bum. I found bum to be the most comprehensive and user-friendly tool for Ubuntu.

You'll have to download bum from its Web site. Once you install it and log back into your desktop, you should see it in the menu listed as Boot-up Manager, bum for short. See Figure 4.

Figure 4. Menu for Boot-Up Manager

Once you select bum from the menu, you have to enter your admin password. You should see something similar to the window shown in Figure 5.

Figure 5. Boot-Up Manager for Ubuntu (bum)

As you can see, the Boot-Up Manager for Ubuntu provides significant detail. In many instances it can provide you with enough information to prevent you from making a mistake when you disable or enable a service.

In Ubuntu, I disabled several services for strictly desktop use. I began with the following:

  • ntpdate: a utility that updates the system clock on each reboot.

  • pcmcia: used only with laptops if one has PCMCIA cards.

  • ppp: point-to-point protocol used only if you have a modem. I disabled the built-in modem in my desktop and only use a network interface card.

  • powernowd: I use an AMD processor with Ubuntu and this service does not work with AMD.

  • rsync: a utility that provides fast incremental file transfer if you wish to mirror or back up data. I don't use it.

  • fetchmail: a utility to retrieve and forward mail and act as a gateway to smtp. I use a Linux groupware client, so I do not use this utility.

  • postfix: a mail transfer agent similar to sendmail. I use a mail server from my ISP and our company domain, so I don't see a need for this.

Once I unchecked these services in bum, I rebooted and noticed a significant decrease in the time required to reach my GNOME desktop. I then surveyed my system and disabled additional services, including LVM, mdadm, EVMS and pppd-dns. Again, I rebooted and saw a significant decease in boot-up time.

Another Note: Ubuntu installs with a default kernel set for i386 processors. Because I use an i686 kernel, I found upgrading also increased my system performance significantly. To do this, you can use Synaptic to search for linux-image-2.6.10-5-k7 if you use AMD or linux-image-2.6.10-5-686 for Pentium Pro/Celeron/Pentium II/Pentium III/Pentium IV.

The developers generally produce kernel image packages if you wish to create a custom kernel from the sources. We will cover that process in a future article.

By selecting and installing the kernel package, you can upgrade your default kernel to one optimized for new processors. You should experience a performance increase.

If you decide to disable the services mentioned above, consider using the graphical Boot-Up Manager (bum). I have read some disturbing suggestions from users concerning modifying init scripts. You want to have the ability to go back and enable services if disabling them causes you trouble. With bum, you can do that. With some command-line techniques, you might discover yourself in a nest of mad hornets without an escape plan.



Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

powernowd should work fine with AMD-k6-2+

Mads's picture

This might be wrong about disabling PowerNow services: "powernowd: I use an AMD processor with Ubuntu and this service does not work with AMD."

This service should work fine with amd-k6-2+.

Check this: AMD K6-2+ In Detail

Of course the PowerNow technology requires a special motherboard with the appropriate voltage controller.

Warning not to call Helpline

Boney's picture

A helpline called Sheffield Gayphone is being laughed at after its been revealed that its telephone number ends in 69 69.

Investigated by authorities for making an arse of its self, the helpline stuggles to continue.

After doing a google search on Sheffield Gayphone I have come to the conclusion that they are in some serious shit!

Help Line providing False Information - Dont Call

Pat Middleton's picture

Warning not to call helpline after it issued death threats to well known actor.

A warning has been issued not to call a helpline called Sheffield Gayphone after it has been found to be making false claims that it is affilated to (The Consortium of Lesbian, Gay and Bisexual Voluntary Groups and Organisations). This company actually doesn't exist.

Sheffield Gayphone have also been under investigations from the Police and Local Authorities after callers complained of intimidation, sexual harrassment, breaching of confidentiality and Death Threats

People are strongly advised not to call it

Sheffield Gayphone are Perverts

RT's picture

Yes and i can assure anyone out their never to phone it, and especially dont go to the meetings

On their website they state 'you should not be approached sexually' well why did they pester me to get me in bed. and it looks as though many gay people in sheffield are fully about what they do as well.

Sheffield gayphone is a definate no no

Thanks, Tom

Colin from Bklyn's picture

I appreciated being able to Google this up right quick to find a clear, step-by-step presentation of a solution that quickly resolved my problem. To me, this is the big part of the open-source revolution: Usable documentation, easy to find (in about a gazillion languages, too). It's a standard rant of mine, but worth repeating. Anyway, my wife thanks you too, for stopping my constant cussing.

Great Job

André's picture

Hi Tom,

i just tried your tips. I am a pretty satisfied Kubuntu user but now after the tweaking my system runs like charm. It's so snappy!

I mean after the first article i thought: "Oh look, nice tips, maybe i gain some seconds..." but experiencing my desktop running like it is right now is more than satisfying.

Thanks very much for a pretty cool tutorial on making my linux experience even more enjoyable



forrestcupp's picture

I followed the tweaking steps perfectly for Ubuntu. Ever since I did this I can't get my fglrx drivers to work for my ATI video card. I even uninstalled them, and reinstalled them and re-edited my xorg.conf file to work with fglrx. I can't get it to work for anything. No matter what I do, fglrxinfo shows the mesa-3d drivers. It only happened after I followed these tweaks, and I didn't disable any of the services that weren't listed in this article for Ubuntu. Also, I did install the linux kernel optimized for K7 because I have an Athlon proc. Anyone have a solution for me?


forrestcupp's picture

If anyone cares, my problem was from installing the k7 kernel. I didn't install the linux restricted modules for k7 with it. After I did that my ATI card worked.

Nothing useful

WereCat's picture

Sad, but none of the tricks in any of these were of any real use for me. Trading agetty to mingetty, or disabling a few virtual terminals doesn't really save much memory, DMA is enabled by default, etc. And it seems most of these 'tricks' are aimed for OpenOffice. But oh well, the best way to get everything possible out of your box is to install Gentoo on it and tweak every single package yourself. The only thing I can't do anything about is the fact that Gnome eats alot of memory.

Nothing useful?

Anonymous's picture

I wish the editors would moderate the comments on Linux Journal so useless ones would disappear. Comments like Werecat's are expletives. He got nothing out of it and has nothing to add but then he votes anyway.

Hey Editors, you don't print every single letter from readers in your print edition - why do you do it here? People can go to slashdot and write anything they want - you don't need it here.

It's such a let down to read a good article, then you want to see if anyone added any hacks or tips and you have to wade through junk.

This is not customer service. This is not useful. This lowers your customer satisfaction. MODERATE!

Intelligent init.d scripts in Ubuntu

Anonymous's picture

Many of the services you 'disabled' in Ubuntu (fetchmail, rsync...) aren't enabled by default. Take a look in the /etc/default directory to see what I mean. You have to configure them before they run. The first thing their init.d scripts do is check to see wether anyone has configured them or not. If no, then the scripts just exit without starting the service.

Otherwise, postfix only delivers the local system mail from cron, etc., and ntpdate is probably best left enabled.

powernowd certainly works wit

Anonymous's picture

powernowd certainly works with AMD processors. It does a great job of throttling my Athlon 1800+

Not always true... It is not

Anonymous's picture

Not always true... It is not working on my PC, so I wrote to the author, and here is his reply:
" I'm afraid that desktop AMD K7's and most Sempron's don't support
powernow (or "Cool 'n' Quiet" as it's called on desktop chips). All K8
class cpus (Athlon64, later Semprons) support it, but not yours... Sorry.."

It doesn't work on all Athlon64's either.

Scott's picture

If you have a CPU fan that did not come with the CPU, then one is not able to use Cool-N-Quiet regardless of OS.

My CPU fan was purchased separately.

powernowd certainly works wit

Anonymous's picture

It's broken in several distributions. If you get an error message booting down, turn it off. If it works, it cools down AMD processors. If not, you'll see error messages. Don't forget cpufreq. for example.

It's fixed in some kernels. Problems exist with some BIOS errors too.


J Morris's picture

I'd be very surpised if you found that SELinux had any effect on desktop performance. With targeted policy (the default in Fedora), you should not see any impact on desktop performance. If you run a personal web server, or several other network facing services, SELinux is providing protection via strong kernel separation between the service and the desktop environment (and system).


tadelste's picture

While I appreciate your comment, I hope you agree that it's a speculative statement and doesn't have any empirical data to back it up.

We tested Red Hat Enterprise Desktop, Fedora Core III and Ubuntu which all have SELinux kernel extensions and policy files. We also wrote an article earlier this year about SELinux and interviewed the author of the SELinux book from O'Reilly.

SELinux implementations do use resources and shutting it down provides a meaningful boost in performance. Any process that runs in an operating system environment will use resources. The amount of resoures used will have a correlation to the policy files written for SELInux.

No doubt SELinux provides protection and will propel Linux into a trusted status within Common Criteria. Does it provide a cost/benefit ratio in a dekstop or laptop in an otherwise protected environment? No.

We run RHEL 4 on our primary, mission critical web server application within our company. We chose our distribution because it has the added security of Security Enhanced Linux. In a large networked work environment, I can understand why one might want to use SELinux to protect the system from O day attacks.

We continue to suggest that individuals look at SELinux as an option. We do not advocate getting rid of it or say that it does not provide an important function.

Thanks again

Don't disable the "network" service in fedora

Anonymous's picture

Umm, if you want to surf the internet, you probably shouldn't disable the network service or you won't bring up your network interfaces.

Don't disable the "network" service in fedora

tadelste's picture

We do not advocate disabling Network service in Fedora. However, if you do not use NFS, we recommend disabling that service. NFS is a file sharing protocol developed by Sun Microsystems. Network service in Fedora deals with protocols that allow the operating system to enable connectivity in a local area or wide area network such as the Internet.

An alternative to rebooting.

Nigel Cunningham's picture

Another option is starting all the services you want, but then using Suspend-to-disk. You don't need to become a kernel expert to do so - there are prebuilt kernels for many distributions and lots of help available through the web site.



The 1999 quote is actually ta

Anonymous's picture

The 1999 quote is actually talking about using Linux as an X terminal, not as a desktop. That is, running nothing but X on the Linux machine and all of the programs on a remote server. As the quote suggests, this rarely makes much sense, since an X terminal runs fine with a graphics card and a 386, and the necessary local computing power for a capable workstation or desktop is probably cheaper that the graphics card, monitor, and peripherals that people want. The author clearly doesn't know what an X terminal is (or was), which is unsurprising, since it was already an inefficient use of technology in 1999.

X terminals work great

Anonymous's picture

You can even run full screen video with sterio audio across a network connection. The best part of the LTSP is that you can have 30 or 40 X terminals with nothing installed on the individual workstations, and boot everything across the network. This way you can just throw in a single workstation for a new employee and they are up and running in a couple of minutes. Since everyone's home directories are on the heavy duty server they can be backed up everynight. And the best thing is that you can log into any server and have full access to all your files, printers, and applications from any terminal.

Most of the time you really don't need to have much processing power to run a monitor, speakers, keyboard and mouse with business and graphics design programs.

The 1999 Quote

tadelste's picture

Thank your for your comment. Early uses for X in Linux and UNIX often allowed someone to manage text based windows and nothing more. We called them Window Managers because they allowed us to manage windows. I might do one job in one windows and something else in another or another, etc.

Obviously, that was not the point of the statement. Before gnome and kde, we had many choices for Window managers and anyone can see them at They may have suited Linux users for various tasks. Six years ago, we didn't even have a graphical dialer for modems.

The point then is that Linux has come a long way since the days when people only thought of it as a sever platform. Little doubt exists that during the timeframe of the book, Linux was looked at primarily as server and then as a workstation.

Disabling IPTables is wrong

Anonymous's picture

Disabling iptables is totally irresponsible. A desktop user is not going to strain their system by running a firewall, but not running that firewall leaves them open to attack and makes their system a potential zombie or attack platform. Even Microsoft does this right with Windows XP SP2. IPTables doesn't take any boot time and doesn't impact runtime performance, especially for the simple rules required for a desktop machine.

Re: Disabling IPTables is wrong

Mike's picture

Disabling iptables is totally irresponsible [snip]

I think you have a very limited world view, perhaps one conditioned by running the thrill-a-minute rocketship that is a Windows machine where the user has Administrator access.

I run all of my workstations without iptables enabled. Why? Because I am doing the *really* responsible thing, and running them behind a NAT and firewall. Also, any that are not development boxes simply don't run any services so there is nothing to firewall. They run SSH, and SSH only. Behind a NAT, with a reasonable password policy and users not having root access to their machines, it is very secure.

No stock IPtables setup I know of firewalls outgoing traffic.

Try Firestarter

Anonymous's picture

Firestarter in Ubuntu has firewalling of outgoing connections. Along with BackupPC it made my switch in Ubuntu to yet more GUI-goodness. Before I was using narc, which allowed for customized iptables, along with a sane config-file, but handling it over to Firestarter made it much easier although it doesn't support all the details in iptables (TCP vs UDP etc).

Disabling IPTables is wrong

Anonymous's picture

If your system is hardened, you could disable iptables. Some distros don't have iptables enabled after installation. Windows XP and earlier versions need a firewall because they're wide open. If you have all your ports closed and don't use smb protocols and sit behind a firewall/proxy, you could disable it. That's not irresponsible. Besides, you didn't read the article or you would have seen what was written.

Role of iptables on a desktop system

Anonymous's picture

A desktop system should not be running any daemons that listen on a port, or even have the daemons installed, so iptables as conventionally used is redundant.

The reason for running iptables on a desktop is to log and drop suspicious outgoing traffic so you can deal with malware or a problem local user.

You should probably be using the package manager to remove the unneeded daemons, not just disabling them. That way you won't get prompted to update them when security fixes come out, and you can concentrate on real security fixes.

Uptime has nothing to do with

Nathan Howell's picture

Uptime has nothing to do with avoiding reboots on the desktop (at least for sane people...). Personally, I just don't want to waste the time restarting everything. My desktop should be a persistent set of apps and info that I can walk away from and return to at any time.

Rebooting is a matter of

Scott's picture

Rebooting is a matter of personal preference more than anything else. I usually leave my PC on 24X7 just for the convenience factor. I'll often run backups or large downloads when I'm away from it (such as overnight).

In spite of that, I do reboot often. But only when it crashes (Yes folks, despite rumors to the contray Desktop Linux is really no more or less stable than Windows XP -sans spyware/malware-).

erm.. what about wasting electricity and CO2 emissions?

Ruth's picture

Sorry I don’t want to be too PC and gung ho greenie here but I think I must still comment about this never turning a PC off. I know TFT monitors take a lot less power compared to old CRT models but still, leaving a computer on all the time 24/7 just for convenience of a minute or two bootup isn’t good. I know America isn’t that bothered about C02 (well some aren’t, namely Mr Bush and the ones in power, I am sure there are still lots of others who disagree with him) but we all share planet Earth and the electricity to power a few million PC's overnight for no good reason is probably worth a large number of trees (nice big green and brown plant things that liberate 02 for us to breath)
We should all take responsibility to try and limit wasting resources.
Ok off my soapbox now
Thanks for listening.
: )

I PAY for the power my

Apallo's picture

I PAY for the power my computer consumes. If I want to run it 24/7 365 then that is my prerogative. I am sick and tired of people trying to tell me to save electricity, or gas for that matter. I work so that I can pay for these things, and will be damned if I am gonna let some tree hugger tell me what I should do with the things I bought. As for "global warming", take a planetary astronomy class. You will find out that volcanoes and other forms of outgassing contribute to more than 99% of all "greenhouse gasses", and guess what? These gasses are regularly flushed out of our atmosphere by precipitation. Don't believe me? READ A BOOK.


Jay Fude's picture

OK, to risk both sounding anti-pc (which I am) and getting off topic, but I'm sick of greenhouse nuts. One volcano puts up more greenhouse gasses than the ENTIRE industrial age, and we have at least 25 of them per year. Also the peat bog fires in indonesia are puttiing the equivilant of 40% of the greenhouse gasses from all the automobiles in the world. It is egotistical to think the we puny humans make a damn bit of difference to the world ecology. Just ask the mastadon's or the dinosaurs, both of which went extinct from climate changes unrelated to our insignifigant selves.


Frapazoid's picture

Personally I've kinda rethought the global warming thing too and I'm not too keen on it anymore. In fact, there have been similar debates in history, back in the 70s people even thought we were going into an ice age. It's kinda clear at this point that on Earth and many planets we're investigating (Mars, Titan, Pluto for example), climates seem to vary wildly for no apparent reason at all, just cause things get out of balance.

Anyway, that said, it's still wasteful, and here's a more practical reason to turn off your computer, is virii!!!

Yes, the risk is low, but might as well... I mean, the more uptime you have, the more risk of getting hit, and if something's in there, the more uptime you have, the more uptime the virus has :)

Uptime has nothing to do with

Anonymous's picture

Obviously, you aren't a mobile user. I am. But, I don't see where the author implied anything related to your comment.

Obviously. When I said deskto

Nathan Howell's picture

Obviously. When I said desktop, that's what I meant.

Right at the start of the article, uptime is implied to be the (or the main) reason not to reboot. I disagree. :-)

Obviously. When I said deskto

Anonymous's picture

An old Inidian Proverb says, the dog barks at the mountain.

Where's Inidia?

Anonymous's picture

Where's Inidia?

It's over in the Mniddle East

Ghost|BTFH's picture

It's over in the Mniddle East. You know, around Inran, Inraq, Pnakistan, etc...but I'm not familar with that quote...perhaps he meant this one, it's the only Indian (east indian, since Native Americans are not called Indians by anyone with half a brain and I'm giving him the benefit of the doubt):

"Only mad dogs and Englishmen go out in the noonday sun." - Indian Proverb

Of course, I could think of two dog quotes that are appropriate for this thread:

"One dog barks at something, the rest bark at him." - Chinese Proverb

"Do not respond to a barking dog." - Jewish Proverb


Meanwhile, those of us with w

Anonymous's picture

Meanwhile, those of us with whole brains don't assume that lack of political correctness implies stupidity or evilness.

"Indian" has always been a misnomer for "Native Americans." Suggested alternatives during the years have included "American Indians" and "Amerinds". Some have even used the term "Skraelings" used by the Vikings who encountered them.

What's the big deal? Life is full of misnomers. Live with it, and don't assume that people who use the popular if less correct terms are backwards or ignorant. They may just be less uptight.

Indian proverb - no

An English man's picture

Mad dogs and english men ... is a line from a Noel Coward song and not an Indian proverb, though I can see why you'd think so.

Where did you think Noel Cowa

Anonymous's picture

Where did you think Noel Coward got this line ??