My Ubuntu server basically servers a Python Django site using Apache and Postgre. We SSH to it to configure some stuff from time to time but that's about it for the server. Since I'm trying to harden my installation, I'm trying to remove all useless processes and open ports. I've seen that there's something called avahi-daemonrunning in the background:
avahi 1724 1 0 Jul20 ? 00:00:00 avahi-daemon: running [development.local]
avahi 1726 1724 0 Jul20 ? 00:00:00 avahi-daemon: chroot helperI've read that it has something to do with discovering other computers and printers on the same network. (I'm not entirely sure and that's even more the reason i feel the need to rid my os of it.)
Is this something important? Can I remove it? If so, how?
4 Answers
Avahi is the open-source implementation of Zeroconf, used for automatic management of networks without any centralized configuration. Generally, Avahi is only useful in small local networks (such as a home LAN).
The avahi-daemon process handles mDNS, which is used for name resolution and service discovery within the local network. If you don't need its functions, Avahi can be safely removed.
Local name resolution – allows you to reach the computer by a
hostname.localname without any centralized configuration. Since your server most likely has a DNS name, this function is unnecessary.Service discovery – allows programs to find and advertise running services (for example, to allow listing all SSH or PulseAudio servers in the LAN). This is convenient on a home network, but entirely useless for a datacenter-hosted server. This too can be safely removed.
(Other Avahi components, which are inactive on your server, are avahi-autoipd for RFC 3927 and avahi-dnsconfd for discovery of unicast-DNS servers.)
sudo apt-get purge avahi-daemonTo merely disable:
sudo systemctl stop avahi-daemon
sudo systemctl disable avahi-daemon This worked for Linux Mint 13 (based on Ubuntu 12.04)
Edit the /etc/init/avahi-daemon.conf file to something like this: Code:
# avahi-daemon - mDNS/DNS-SD daemon
#
# The Avahi daemon provides mDNS/DNS-SD discovery support (Bonjour/Zeroconf)
# allowing applications to discover services on the network.
description "mDNS/DNS-SD daemon"
start on (never and filesystem and started dbus)
stop on stopping dbus 2 To disable service:
sudo systemctl stop avahi-daemon.socket
sudo systemctl stop avahi-daemon
sudo systemctl disable avahi-daemon.socket
sudo systemctl disable avahi-daemon