Avahi-Daemon is a service that plays an important role in local network discovery on Linux systems. It facilitates communication between devices using the mDNS (Multicast DNS) and DNS-SD (DNS Service Discovery) protocols, allowing them to discover services such as printers, file shares, and more without manual configuration.
However, in certain environments, such as production servers or devices where minimizing the attack surface is critical, you may want to disable Avahi-Daemon to enhance security, reduce unnecessary network traffic, or save system resources.
This guide will walk you through how to properly disable Avahi-Daemon in Linux.
Checking Whether Avahi-Daemon Is Running
Before disabling Avahi-Daemon, you should verify if it is currently active.
Use the systemctl command to check if Avahi-Daemon is running:
systemctl status avahi-daemon
If the status shows “active (running)” then Avahi-Daemon is currently enabled and operational. If you decide to disable it, follow the next steps.
Stopping Avahi-Daemon
If you want to stop Avahi-Daemon temporarily, you can use the following command. This will stop the service until the system is rebooted.
systemctl stop avahi-daemon
The stop command halts the Avahi-Daemon service immediately, but it will not prevent it from restarting on the next boot.
Disabling Avahi-Daemon Permanently
To ensure that Avahi-Daemon does not start again after a reboot, you need to disable it permanently.
Use the following command to disable Avahi-Daemon:
systemctl disable avahi-daemon
The disable command removes the links that cause Avahi-Daemon to start automatically at boot, ensuring it stays inactive.
Masking Avahi-Daemon for Additional Security
For extra security, you can mask the Avahi-Daemon service. Masking prevents it from being started manually or by other services.
Use the following command to mask the service:
systemctl mask avahi-daemon
Masking a service links its unit file to /dev/null, making it impossible to start the service.
Removing Avahi-Daemon
If you are sure that Avahi-Daemon is not required on your system, you can also choose to remove it completely.
For Debian-based distributions like Ubuntu, use:
apt remove avahi-daemon
For Red Hat-based distributions, use:
yum remove avahi
Conclusion
Disabling Avahi-Daemon can be a practical way to enhance the security and performance of your Linux system, especially if the service is not needed. Before deciding to disable Avahi-Daemon, carefully consider your use case. While it provides useful service discovery features in certain environments, it can pose a security risk in others. You can now disable Avahi daemon on dedicated server hosting from Atlantic.Net!