Linux in Government: Optimizing Desktop Performance, Part III

Continuing to transform your Linux system into a fast desktop by removing unused utilities.

As we discussed in Part I and Part II of this article series, for most of its existence, people have distributed Linux as a workstation or a server rather than as a desktop. The default workstation that evolved has existed mostly for use by developers. So, when you install a Linux distribution with a graphical interface, it generally fits the preferences of a developer. In addition, it performs like many UNIX workstations do, which can seem sluggish.

Some default features of Linux that seem slow to a new desktop user appear perfectly acceptable to long-time workstation users. When we begin to disable services that slow down the boot process, some Linux users might object. For instance, killing the mail transfer agent could mean that service messages meant for root or admin are not sent. Someone wanting to boot up her laptop quickly, however, might not care about that. For system administrators and developers, though, the missing chance to analyze a program flaw becomes a lost opportunity.

Most developers and administrators do not reboot their workstations. They consider uptime an important measurement of Linux's stability and do not seem to mind if services run that they do not use. If you run the command top, you can see why. Take a look at Figure 1.

Figure 1. Running top to View Processes

As you can see in Figure 1, 70 processes or tasks exist, but 68 are sleeping. Open a terminal and run top on your own system, and watch as processes come alive and go to sleep. To quit the program, simple type q. So even if you started a service, it may rarely wake up and take up many CPU cycles or need much memory.

For desktop and laptop users who want a fast-booting operating system, getting rid of services you do not need can appear to improve performance. Obviously, if you are new to Linux, though, you probably do not know which processes you can get rid of safely nor how to stop them and keep them from restarting at boot time.

Note: In the first part of this series we said we would concentrate on Fedora Core 3 and Ubuntu 5.04. That has not changed. Depending on your distribution, some of the tweaks discussed in this series may not apply.

Also, some readers have suggested we put a warning label on our tweaks. When you try any suggestion we discuss, realize that they could have risks associated with them. Although we want to maximize performance, you have to experiment with some of our suggestions. Some of our examples may exist simply for illustration sake, such as the exercise with hdparm. We illustrated and stressed that hard drives had the potential to increase or decrease performance. You may understand how a hard drive can improve performance and choose to live with your existing situation anyway.

The Initialization Process in Linux

Before you can scale down processes in your installation of Linux to achieve increased performance, it helps to understand a little about how the operating system initializes services at boot time. Although this represents a simplistic explanation, it can provide enough background for you to accomplish the task of disabling unwanted services.

During boot up, the init process runs and starts software after the kernel initializes all devices. Depending on the distribution, Linux defines system states or runlevels such as text mode or graphics mode. In Fedora when you issue the command #init 3, for example, you put Linux in a full multiuser support state with the full range of services available, but you only see a text or command-line interface. Running #init 5 causes you to change states and run in graphical mode.

Linux-dedicated servers often run in init 3 mode. To give you an idea of how people regarded Linux before the maturity of GNOME and KDE, here's a 1999 quote from Craig Hunt (Linux Network Servers, Sybex):

Runlevel 5 initializes the system as a dedicated X Windows terminal. I don't think that is the best use for a powerful Linux system, but if you want to, you can use the system as a terminal by starting in runlevel 5.

Linux developers have taken the operating system from a simple X manager during the 1998-1999 timeframe to a complete graphical desktop that competes with Microsoft's and Apple's offerings. So, if you simply want a Linux desktop, you probably want to start out in graphical mode instead of text mode. In Fedora that means you live in runlevel 5, and in Ubuntu you live in runlevel 2.



Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

powernowd should work fine with AMD-k6-2+

Mads's picture

This might be wrong about disabling PowerNow services: "powernowd: I use an AMD processor with Ubuntu and this service does not work with AMD."

This service should work fine with amd-k6-2+.

Check this: AMD K6-2+ In Detail

Of course the PowerNow technology requires a special motherboard with the appropriate voltage controller.

Warning not to call Helpline

Boney's picture

A helpline called Sheffield Gayphone is being laughed at after its been revealed that its telephone number ends in 69 69.

Investigated by authorities for making an arse of its self, the helpline stuggles to continue.

After doing a google search on Sheffield Gayphone I have come to the conclusion that they are in some serious shit!

Help Line providing False Information - Dont Call

Pat Middleton's picture

Warning not to call helpline after it issued death threats to well known actor.

A warning has been issued not to call a helpline called Sheffield Gayphone after it has been found to be making false claims that it is affilated to (The Consortium of Lesbian, Gay and Bisexual Voluntary Groups and Organisations). This company actually doesn't exist.

Sheffield Gayphone have also been under investigations from the Police and Local Authorities after callers complained of intimidation, sexual harrassment, breaching of confidentiality and Death Threats

People are strongly advised not to call it

Sheffield Gayphone are Perverts

RT's picture

Yes and i can assure anyone out their never to phone it, and especially dont go to the meetings

On their website they state 'you should not be approached sexually' well why did they pester me to get me in bed. and it looks as though many gay people in sheffield are fully about what they do as well.

Sheffield gayphone is a definate no no

Thanks, Tom

Colin from Bklyn's picture

I appreciated being able to Google this up right quick to find a clear, step-by-step presentation of a solution that quickly resolved my problem. To me, this is the big part of the open-source revolution: Usable documentation, easy to find (in about a gazillion languages, too). It's a standard rant of mine, but worth repeating. Anyway, my wife thanks you too, for stopping my constant cussing.

Great Job

André's picture

Hi Tom,

i just tried your tips. I am a pretty satisfied Kubuntu user but now after the tweaking my system runs like charm. It's so snappy!

I mean after the first article i thought: "Oh look, nice tips, maybe i gain some seconds..." but experiencing my desktop running like it is right now is more than satisfying.

Thanks very much for a pretty cool tutorial on making my linux experience even more enjoyable



forrestcupp's picture

I followed the tweaking steps perfectly for Ubuntu. Ever since I did this I can't get my fglrx drivers to work for my ATI video card. I even uninstalled them, and reinstalled them and re-edited my xorg.conf file to work with fglrx. I can't get it to work for anything. No matter what I do, fglrxinfo shows the mesa-3d drivers. It only happened after I followed these tweaks, and I didn't disable any of the services that weren't listed in this article for Ubuntu. Also, I did install the linux kernel optimized for K7 because I have an Athlon proc. Anyone have a solution for me?


forrestcupp's picture

If anyone cares, my problem was from installing the k7 kernel. I didn't install the linux restricted modules for k7 with it. After I did that my ATI card worked.

Nothing useful

WereCat's picture

Sad, but none of the tricks in any of these were of any real use for me. Trading agetty to mingetty, or disabling a few virtual terminals doesn't really save much memory, DMA is enabled by default, etc. And it seems most of these 'tricks' are aimed for OpenOffice. But oh well, the best way to get everything possible out of your box is to install Gentoo on it and tweak every single package yourself. The only thing I can't do anything about is the fact that Gnome eats alot of memory.

Nothing useful?

Anonymous's picture

I wish the editors would moderate the comments on Linux Journal so useless ones would disappear. Comments like Werecat's are expletives. He got nothing out of it and has nothing to add but then he votes anyway.

Hey Editors, you don't print every single letter from readers in your print edition - why do you do it here? People can go to slashdot and write anything they want - you don't need it here.

It's such a let down to read a good article, then you want to see if anyone added any hacks or tips and you have to wade through junk.

This is not customer service. This is not useful. This lowers your customer satisfaction. MODERATE!

Intelligent init.d scripts in Ubuntu

Anonymous's picture

Many of the services you 'disabled' in Ubuntu (fetchmail, rsync...) aren't enabled by default. Take a look in the /etc/default directory to see what I mean. You have to configure them before they run. The first thing their init.d scripts do is check to see wether anyone has configured them or not. If no, then the scripts just exit without starting the service.

Otherwise, postfix only delivers the local system mail from cron, etc., and ntpdate is probably best left enabled.

powernowd certainly works wit

Anonymous's picture

powernowd certainly works with AMD processors. It does a great job of throttling my Athlon 1800+

Not always true... It is not

Anonymous's picture

Not always true... It is not working on my PC, so I wrote to the author, and here is his reply:
" I'm afraid that desktop AMD K7's and most Sempron's don't support
powernow (or "Cool 'n' Quiet" as it's called on desktop chips). All K8
class cpus (Athlon64, later Semprons) support it, but not yours... Sorry.."

It doesn't work on all Athlon64's either.

Scott's picture

If you have a CPU fan that did not come with the CPU, then one is not able to use Cool-N-Quiet regardless of OS.

My CPU fan was purchased separately.

powernowd certainly works wit

Anonymous's picture

It's broken in several distributions. If you get an error message booting down, turn it off. If it works, it cools down AMD processors. If not, you'll see error messages. Don't forget cpufreq. for example.

It's fixed in some kernels. Problems exist with some BIOS errors too.


J Morris's picture

I'd be very surpised if you found that SELinux had any effect on desktop performance. With targeted policy (the default in Fedora), you should not see any impact on desktop performance. If you run a personal web server, or several other network facing services, SELinux is providing protection via strong kernel separation between the service and the desktop environment (and system).


tadelste's picture

While I appreciate your comment, I hope you agree that it's a speculative statement and doesn't have any empirical data to back it up.

We tested Red Hat Enterprise Desktop, Fedora Core III and Ubuntu which all have SELinux kernel extensions and policy files. We also wrote an article earlier this year about SELinux and interviewed the author of the SELinux book from O'Reilly.

SELinux implementations do use resources and shutting it down provides a meaningful boost in performance. Any process that runs in an operating system environment will use resources. The amount of resoures used will have a correlation to the policy files written for SELInux.

No doubt SELinux provides protection and will propel Linux into a trusted status within Common Criteria. Does it provide a cost/benefit ratio in a dekstop or laptop in an otherwise protected environment? No.

We run RHEL 4 on our primary, mission critical web server application within our company. We chose our distribution because it has the added security of Security Enhanced Linux. In a large networked work environment, I can understand why one might want to use SELinux to protect the system from O day attacks.

We continue to suggest that individuals look at SELinux as an option. We do not advocate getting rid of it or say that it does not provide an important function.

Thanks again

Don't disable the "network" service in fedora

Anonymous's picture

Umm, if you want to surf the internet, you probably shouldn't disable the network service or you won't bring up your network interfaces.

Don't disable the "network" service in fedora

tadelste's picture

We do not advocate disabling Network service in Fedora. However, if you do not use NFS, we recommend disabling that service. NFS is a file sharing protocol developed by Sun Microsystems. Network service in Fedora deals with protocols that allow the operating system to enable connectivity in a local area or wide area network such as the Internet.

An alternative to rebooting.

Nigel Cunningham's picture

Another option is starting all the services you want, but then using Suspend-to-disk. You don't need to become a kernel expert to do so - there are prebuilt kernels for many distributions and lots of help available through the web site.



The 1999 quote is actually ta

Anonymous's picture

The 1999 quote is actually talking about using Linux as an X terminal, not as a desktop. That is, running nothing but X on the Linux machine and all of the programs on a remote server. As the quote suggests, this rarely makes much sense, since an X terminal runs fine with a graphics card and a 386, and the necessary local computing power for a capable workstation or desktop is probably cheaper that the graphics card, monitor, and peripherals that people want. The author clearly doesn't know what an X terminal is (or was), which is unsurprising, since it was already an inefficient use of technology in 1999.

X terminals work great

Anonymous's picture

You can even run full screen video with sterio audio across a network connection. The best part of the LTSP is that you can have 30 or 40 X terminals with nothing installed on the individual workstations, and boot everything across the network. This way you can just throw in a single workstation for a new employee and they are up and running in a couple of minutes. Since everyone's home directories are on the heavy duty server they can be backed up everynight. And the best thing is that you can log into any server and have full access to all your files, printers, and applications from any terminal.

Most of the time you really don't need to have much processing power to run a monitor, speakers, keyboard and mouse with business and graphics design programs.

The 1999 Quote

tadelste's picture

Thank your for your comment. Early uses for X in Linux and UNIX often allowed someone to manage text based windows and nothing more. We called them Window Managers because they allowed us to manage windows. I might do one job in one windows and something else in another or another, etc.

Obviously, that was not the point of the statement. Before gnome and kde, we had many choices for Window managers and anyone can see them at They may have suited Linux users for various tasks. Six years ago, we didn't even have a graphical dialer for modems.

The point then is that Linux has come a long way since the days when people only thought of it as a sever platform. Little doubt exists that during the timeframe of the book, Linux was looked at primarily as server and then as a workstation.

Disabling IPTables is wrong

Anonymous's picture

Disabling iptables is totally irresponsible. A desktop user is not going to strain their system by running a firewall, but not running that firewall leaves them open to attack and makes their system a potential zombie or attack platform. Even Microsoft does this right with Windows XP SP2. IPTables doesn't take any boot time and doesn't impact runtime performance, especially for the simple rules required for a desktop machine.

Re: Disabling IPTables is wrong

Mike's picture

Disabling iptables is totally irresponsible [snip]

I think you have a very limited world view, perhaps one conditioned by running the thrill-a-minute rocketship that is a Windows machine where the user has Administrator access.

I run all of my workstations without iptables enabled. Why? Because I am doing the *really* responsible thing, and running them behind a NAT and firewall. Also, any that are not development boxes simply don't run any services so there is nothing to firewall. They run SSH, and SSH only. Behind a NAT, with a reasonable password policy and users not having root access to their machines, it is very secure.

No stock IPtables setup I know of firewalls outgoing traffic.

Try Firestarter

Anonymous's picture

Firestarter in Ubuntu has firewalling of outgoing connections. Along with BackupPC it made my switch in Ubuntu to yet more GUI-goodness. Before I was using narc, which allowed for customized iptables, along with a sane config-file, but handling it over to Firestarter made it much easier although it doesn't support all the details in iptables (TCP vs UDP etc).

Disabling IPTables is wrong

Anonymous's picture

If your system is hardened, you could disable iptables. Some distros don't have iptables enabled after installation. Windows XP and earlier versions need a firewall because they're wide open. If you have all your ports closed and don't use smb protocols and sit behind a firewall/proxy, you could disable it. That's not irresponsible. Besides, you didn't read the article or you would have seen what was written.

Role of iptables on a desktop system

Anonymous's picture

A desktop system should not be running any daemons that listen on a port, or even have the daemons installed, so iptables as conventionally used is redundant.

The reason for running iptables on a desktop is to log and drop suspicious outgoing traffic so you can deal with malware or a problem local user.

You should probably be using the package manager to remove the unneeded daemons, not just disabling them. That way you won't get prompted to update them when security fixes come out, and you can concentrate on real security fixes.

Uptime has nothing to do with

Nathan Howell's picture

Uptime has nothing to do with avoiding reboots on the desktop (at least for sane people...). Personally, I just don't want to waste the time restarting everything. My desktop should be a persistent set of apps and info that I can walk away from and return to at any time.

Rebooting is a matter of

Scott's picture

Rebooting is a matter of personal preference more than anything else. I usually leave my PC on 24X7 just for the convenience factor. I'll often run backups or large downloads when I'm away from it (such as overnight).

In spite of that, I do reboot often. But only when it crashes (Yes folks, despite rumors to the contray Desktop Linux is really no more or less stable than Windows XP -sans spyware/malware-).

erm.. what about wasting electricity and CO2 emissions?

Ruth's picture

Sorry I don’t want to be too PC and gung ho greenie here but I think I must still comment about this never turning a PC off. I know TFT monitors take a lot less power compared to old CRT models but still, leaving a computer on all the time 24/7 just for convenience of a minute or two bootup isn’t good. I know America isn’t that bothered about C02 (well some aren’t, namely Mr Bush and the ones in power, I am sure there are still lots of others who disagree with him) but we all share planet Earth and the electricity to power a few million PC's overnight for no good reason is probably worth a large number of trees (nice big green and brown plant things that liberate 02 for us to breath)
We should all take responsibility to try and limit wasting resources.
Ok off my soapbox now
Thanks for listening.
: )

I PAY for the power my

Apallo's picture

I PAY for the power my computer consumes. If I want to run it 24/7 365 then that is my prerogative. I am sick and tired of people trying to tell me to save electricity, or gas for that matter. I work so that I can pay for these things, and will be damned if I am gonna let some tree hugger tell me what I should do with the things I bought. As for "global warming", take a planetary astronomy class. You will find out that volcanoes and other forms of outgassing contribute to more than 99% of all "greenhouse gasses", and guess what? These gasses are regularly flushed out of our atmosphere by precipitation. Don't believe me? READ A BOOK.


Jay Fude's picture

OK, to risk both sounding anti-pc (which I am) and getting off topic, but I'm sick of greenhouse nuts. One volcano puts up more greenhouse gasses than the ENTIRE industrial age, and we have at least 25 of them per year. Also the peat bog fires in indonesia are puttiing the equivilant of 40% of the greenhouse gasses from all the automobiles in the world. It is egotistical to think the we puny humans make a damn bit of difference to the world ecology. Just ask the mastadon's or the dinosaurs, both of which went extinct from climate changes unrelated to our insignifigant selves.


Frapazoid's picture

Personally I've kinda rethought the global warming thing too and I'm not too keen on it anymore. In fact, there have been similar debates in history, back in the 70s people even thought we were going into an ice age. It's kinda clear at this point that on Earth and many planets we're investigating (Mars, Titan, Pluto for example), climates seem to vary wildly for no apparent reason at all, just cause things get out of balance.

Anyway, that said, it's still wasteful, and here's a more practical reason to turn off your computer, is virii!!!

Yes, the risk is low, but might as well... I mean, the more uptime you have, the more risk of getting hit, and if something's in there, the more uptime you have, the more uptime the virus has :)

Uptime has nothing to do with

Anonymous's picture

Obviously, you aren't a mobile user. I am. But, I don't see where the author implied anything related to your comment.

Obviously. When I said deskto

Nathan Howell's picture

Obviously. When I said desktop, that's what I meant.

Right at the start of the article, uptime is implied to be the (or the main) reason not to reboot. I disagree. :-)

Obviously. When I said deskto

Anonymous's picture

An old Inidian Proverb says, the dog barks at the mountain.

Where's Inidia?

Anonymous's picture

Where's Inidia?

It's over in the Mniddle East

Ghost|BTFH's picture

It's over in the Mniddle East. You know, around Inran, Inraq, Pnakistan, etc...but I'm not familar with that quote...perhaps he meant this one, it's the only Indian (east indian, since Native Americans are not called Indians by anyone with half a brain and I'm giving him the benefit of the doubt):

"Only mad dogs and Englishmen go out in the noonday sun." - Indian Proverb

Of course, I could think of two dog quotes that are appropriate for this thread:

"One dog barks at something, the rest bark at him." - Chinese Proverb

"Do not respond to a barking dog." - Jewish Proverb


Meanwhile, those of us with w

Anonymous's picture

Meanwhile, those of us with whole brains don't assume that lack of political correctness implies stupidity or evilness.

"Indian" has always been a misnomer for "Native Americans." Suggested alternatives during the years have included "American Indians" and "Amerinds". Some have even used the term "Skraelings" used by the Vikings who encountered them.

What's the big deal? Life is full of misnomers. Live with it, and don't assume that people who use the popular if less correct terms are backwards or ignorant. They may just be less uptight.

Indian proverb - no

An English man's picture

Mad dogs and english men ... is a line from a Noel Coward song and not an Indian proverb, though I can see why you'd think so.

Where did you think Noel Cowa

Anonymous's picture

Where did you think Noel Coward got this line ??