Wise people learn when they can; fools learn when they must - Arthur Wellesley

Sunday, 27 November 2016

LINUX-6 SERVICE MANAGEMENT (RHEL-6)


LINUX-6 SERVICE MANAGEMENT (RHEL-6)

Start | stop | adjust run level of services and their status

Available tools are,
1.  Chkconfig (shell)
2.  Ntsysv (TUI)
3.  System-config-services (GUI)
4.  service

CHKCONFIG:

Will list all service installed, with their corresponding run level settings.

[root@localhost ~]# chkconfig
NetworkManager  0:off   1:off   2:on    3:on    4:on    5:on    6:off
abrt-ccpp       0:off   1:off   2:off   3:on    4:off   5:on    6:off
abrtd           0:off   1:off   2:off   3:on    4:off   5:on    6:off
acpid           0:off   1:off   2:on    3:on    4:on    5:on    6:off
atd             0:off   1:off   2:off   3:on    4:on    5:on    6:off
auditd          0:off   1:off   2:on    3:on    4:on    5:on    6:off
blk-availability        0:off   1:on    2:on    3:on    4:on    5:on    6:off
bluetooth       0:off   1:off   2:off   3:on    4:on    5:on    6:off
cpuspeed        0:off   1:on    2:on    3:on    4:on    5:on    6:off
crond           0:off   1:off   2:on    3:on    4:on    5:on    6:off
dnsmasq         0:off   1:off   2:off   3:off   4:off   5:off   6:off
firstboot       0:off   1:off   2:off   3:on    4:off   5:on    6:off
haldaemon       0:off   1:off   2:off   3:on    4:on    5:on    6:off
htcacheclean    0:off   1:off   2:off   3:off   4:off   5:off   6:off
httpd           0:off   1:off   2:off   3:off   4:off   5:off   6:off
ip6tables       0:off   1:off   2:on    3:on    4:on    5:on    6:off

[root@localhost ~]# chkconfig --list auditd
auditd          0:off   1:off   2:on    3:on    4:on    5:on    6:off

It manages both system services as well as XINETD (extended internet service daemon) services.

Chkconfig refers to /etc/init.d for service repository and fetch the info of service from there

[root@localhost ~]# ls -l /etc/rc[2-5].d/*auditd
lrwxrwxrwx. 1 root root 16 Aug 29 15:18 /etc/rc2.d/S11auditd -> ../init.d/auditd
lrwxrwxrwx. 1 root root 16 Aug 29 15:18 /etc/rc3.d/S11auditd -> ../init.d/auditd
lrwxrwxrwx. 1 root root 16 Aug 29 15:18 /etc/rc4.d/S11auditd -> ../init.d/auditd
lrwxrwxrwx. 1 root root 16 Aug 29 15:27 /etc/rc5.d/S11auditd -> ../init.d/auditd

all run levels are forming a sym link to /etc/rc[2-5].d/*auditd and update about the status corresponding to particular run levels.

[root@localhost ~]# chkconfig --level 2 auditd on
Now the auditd service is on at RL-2,
Verify it…

[root@localhost ~]# chkconfig --list auditd
auditd          0:off   1:off   2:on    3:on    4:on    5:on    6:off

………

[root@localhost ~]# chkconfig --level 23456 auditd on
[root@localhost ~]#
[root@localhost ~]# chkconfig --list auditd
auditd          0:off   1:off   2:on    3:on    4:on    5:on    6:on
[root@localhost ~]#
[root@localhost ~]# chkconfig --level 23456 auditd off
[root@localhost ~]# chkconfig --list auditd
auditd          0:off   1:off   2:off   3:off   4:off   5:off   6:off

IN CASE OF XINETD SERVICES…

Chkconfig refers to /etc/xinetd.d/

[root@localhost ~]# chkconfig rsync on
[root@localhost ~]#
[root@localhost ~]# ls -l /etc/xinetd.d/
total 4
-rw-r--r--. 1 root root 331 Nov 25 06:12 rsync
[root@localhost ~]#

See the changes,

[root@localhost ~]# cat /etc/xinetd.d/rsync
# default: off
# description: The rsync server is a good addition to an ftp server, as it \
#       allows crc checksumming etc.
service rsync
{
        disable = no
        flags           = IPv6
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/bin/rsync
        server_args     = --daemon
        log_on_failure  += USERID
}
[root@localhost ~]#

[root@localhost ~]# chkconfig rsync off
[root@localhost ~]# cat /etc/xinetd.d/rsync
# default: off
# description: The rsync server is a good addition to an ftp server, as it \
#       allows crc checksumming etc.
service rsync
{
        disable = yes
        flags           = IPv6
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/bin/rsync
        server_args     = --daemon
        log_on_failure  += USERID
}
[root@localhost ~]#

Xinetd controlled services are automatically on|off by chkconfig.
System controlled services are not automatically start|stop by chkconfig, they need manual intervention like,

#service <service name> start|stop|restart

NTSYSV:

Text userc  interface which works on current run level.

We will ghet a TUI of all services, from there we can enable|disable service. Which is effective for current run level.

We can do this for particular run levels,

[root@localhost ~]# ntsysv --level 2345

[root@localhost ~]# ntsysv --level 35

If no run level specified, it will go only for current run level.

SERVICE:

[root@localhost ~]# service --status-all
abrt-ccpp hook is installed
abrtd (pid  2019) is running...
abrt-dump-oops is stopped
acpid (pid  1798) is running...
atd (pid  2038) is running...
auditd (pid  1685) is running...
Usage: /etc/init.d/bluetooth {start|stop}
cpuspeed is stopped
crond (pid  2027) is running...
dnsmasq is stopped
firstboot is not scheduled to run
hald (pid  1807) is running...
htcacheclean is stopped
httpd is stopped
Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all      ::/0                 ::/0                state RELATED,ESTABLISHED
2    ACCEPT     icmpv6    ::/0                 ::/0
3    ACCEPT     all      ::/0                 ::/0
4    ACCEPT     tcp      ::/0                 ::/0                state NEW tcp dpt:22
5    REJECT     all      ::/0                 ::/0                reject-with icmp6-adm-prohibited

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination
1    REJECT     all      ::/0                 ::/0                reject-with icmp6-adm-prohibited

[root@localhost ~]# service sshd status
openssh-daemon (pid  1883) is running...
[root@localhost ~]#


ALL SERVICES AND THEIR OPEN PORTS:

[root@localhost ~]# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      1883/sshd
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      1995/master
tcp        0      0 :::22                       :::*                        LISTEN      1883/sshd
tcp        0      0 ::1:25                      :::*                        LISTEN      1995/master
[root@localhost ~]#

SERVICE COMMAND COMPARISON WITH RHEL7:

Purpose
RHEL 6
RHEL 7
Starts a service.
# service sshd start
# systemctl start sshd
Stops a service.
# service sshd stop
# systemctl stop sshd
Restarts a service.
# service sshd restart
# systemctl restart sshd
Restarts a service only if it is running.
# service sshd condrestart
# systemctl try-restart sshd
Reloads configuration.
# service sshd reload
# systemctl reload sshd
Checks if a service is running.
# systemctl status sshd
# systemctl status sshd
# systemctl is-active sshd
Displays the status of all services.
# service --status-all
# systemctl list-units --type service --all





CHKCONFIG & SYSTEMCTL:

purpose
chkconfig
systemctl
Enables a service.
# chkconfig sshd on
# systemctl enable sshd
Disables a service
# chkconfig sshd off
# systemctl disable sshd
Checks if a service is enabled
# chkconfig --list sshd
# systemctl status sshd
# systemctl is-enabled sshd
Lists all services and checks if
they are enabled
# chkconfig --list
# systemctl list-unit-files --type service
Lists services that are ordered to start
before the specified unit
# chkconfig --list
# systemctl list-dependencies --after sshd
Lists services that are ordered to
start after the specified unit
# chkconfig --list
# systemctl list-dependencies --before sshd


Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)