User:Swapnil durgade/Service management under Linux
3 types of services
Service started by init
edit1. Configured in /etc/inittab 2. Typically non-TCP/IP services, e.g. dial-in Modems, X windows system, serial ports 3. Provide respawn capability 4. Changes to inittab can be activated with init q
Services launched by System V startup scripts
edit1. Process are started by System V init script method 2. Program Name often end in 'd' 3. Script takes start, stop, restart etc. arguments 4. two ways to start services a. /etc/init.d/ldp start b. service ldp start 5. To start service automatically in a runlevel, we need a start and kill symbolic link in appropriate run level /etc/rc.d/rc[0-6].d
Service launched by xinetd
edit1. unlike inetd xinetd does not require that the services in its configuration file be listed in /etc/services
2. It can do access control on all services based on:
a. address of remote host b. time of access c. name of remote host d. domain name of remote host
3. It can prevent denial-of-access attacks by
a. placing limits on the number of servers for each service (avoids process table overflows) b. placing an upper bound on the number of processes it will fork c. placing limits on the size of log files it creates d. placing limits on the number of connection a single host can initiate e. place limits on the rate of incoming connections f. discontinue services if the load exceeds specified limit
Controlling access with 'hosts.allow' and 'hosts.deny'
editACCESS CONTROL FILES
The access control software consults two files. The search stops at the first match: 1· Access will be granted when a (daemon,client) pair matches an entry in the /etc/hosts.allow file. 2· Otherwise, access will be denied when a (daemon,client) pair matches an entry in the /etc/hosts.deny file. 3· Otherwise, access will be granted. A Non-existing access control file is treated as if it were an empty file. Thus, access control can be turned off by providing no access control files.
'chkconfig' to manager services
editDones not modify current state of System V services
Changes to services managed my xinetd comes into effict immediatly
Can also manage xinetd services
Usage Example
1. chkconfig --list :lists all services in all runlevels 2. chkconfig <service> list :lists <service> on/off status in all runlevels 2. chkconfig <service> on :enables service in runlevel 2,3,4 , and 5 3. chkconfig <service> off :disables service in runlevel 2,3,4 , and 5 4. chkconfig <service> add :ensures either a kill or start symbolic link is setup for every runlevel 5. chkconfig <service> del :removes service from chkconfig management 6. chkconfig --level <levels> <service> <on|off|reset> :turn service on/off in specified levels
-Swapnil (Wednesday, December 15, 2005) Email- swapnil_durgade@yahoo.com