User:Swapnil durgade/Service management under Linux

3 types of services

Service started by init
1. Configured in /etc/inittab 2. Typically non-TCP/IP services, e.g. dial-in Modems, X windows system, serial ports 3. Provide respawn capability 4. Changes to inittab can be activated with init q

Services launched by System V startup scripts
1. Process are started by System V init script method 2. Program Name often end in 'd' 3. Script takes start, stop, restart etc. arguments 4. two ways to start services a. /etc/init.d/ldp start b. service ldp start 5. To start service automatically in a runlevel, we need a start and kill symbolic link in appropriate run level /etc/rc.d/rc[0-6].d

Service launched by xinetd
1. unlike inetd xinetd does not require that the services in its configuration file be listed in /etc/services

2. It can do access control on all services based on: a. address of remote host b. time of access c. name of remote host d. domain name of remote host

3. It can prevent denial-of-access attacks by

a. placing limits on the number of servers for each service (avoids process table overflows) b. placing an upper bound on the number of processes it will fork c. placing limits on the size of log files it creates d. placing limits on the number of connection a single host can initiate e. place limits on the rate of incoming connections f. discontinue services if the load exceeds specified limit

Controlling access with 'hosts.allow' and 'hosts.deny'
ACCESS CONTROL FILES The access control software consults two files. The search stops at the first match: 1· Access will be granted when a (daemon,client) pair matches an entry in the /etc/hosts.allow file. 2· Otherwise, access will be denied when a (daemon,client) pair matches an entry in the /etc/hosts.deny file. 3· Otherwise, access will be granted. A Non-existing  access  control  file is treated as if it were an empty file. Thus, access control can be turned off by providing no access control files.

'chkconfig' to manager services
Dones not modify current state of System V services

Changes to services managed my xinetd comes into effict immediatly

Can also manage xinetd services

Usage Example 1. chkconfig --list                                     :lists all services in all runlevels 2. chkconfig list                             :lists on/off status in all runlevels 2. chkconfig on                               :enables service in runlevel 2,3,4, and 5 3. chkconfig off                              :disables service in runlevel 2,3,4, and 5 4. chkconfig add                              :ensures either a kill or start symbolic link is setup for every runlevel 5. chkconfig del                              :removes service from chkconfig management 6. chkconfig --level    :turn service on/off in specified levels

-Swapnil (Wednesday, December 15, 2005) Email- swapnil_durgade@yahoo.com