Embed Size (px)
DESCRIPTION
LINUXX DAEMONS
Citation preview
DAEMONSDisk And Execution MONitor
• In multitasking computer operating systems, a daemon is a computer program that runs as a background process, rather than being under the direct control of an interactive user.
• Traditionally daemon names end with the letter d: for example, syslogd is the daemon that implements the system logging facility and sshd is a daemon that services incoming SSH connections.
• In Windows, daemons are called services.
• Systems often start daemons at boot time and serve the function of responding to network requests, hardware activity, or other programs by performing some task. Daemons can also configure hardware , run scheduled tasks and perform a variety of other tasks.
• A daemon in the Linux environment is any process that typically runs for a long time, and in the background. This means that a daemon can often run from the time a computer is booted, till it is switched off, and that it will often have no controlling terminal during its lifetime.
Different Daemons used in Linux OS areInitCronCrontabXinetdInetdSshdHttpdAtdServices file.named
init• init (short for initialization) is the first process started
during booting of the computer system.• Init is a daemon process that continues running until the
system is shut down. • It is the direct or indirect ancestor of all other processes and
automatically adopts all orphaned processes.• Init is started by the kernel using a hard-coded filename, and
if the kernel is unable to start it, a kernel panic will result. A kernel panic is an action taken by an operating system upon detecting an internal fatal error from which it cannot safely recover
• Init is typically assigned process identifier 1.• The /etc/inittab configuration tells init what to do
• Upstart is an event-based replacement for the /sbin/init daemon which handles starting of tasks and services during boot, stopping them during shutdown and supervising them while the system is running.
• It was originally developed for the Ubuntu distribution, but is intended to be suitable for deployment in all Linux distributions
Feature Highlights• Tasks and Services are started and stopped by
events• Events are generated as tasks and services are
started and stopped• Events may be received from any other process on
the system• Services may be respawned if they die unexpectedly• Supervision and respawning of daemons which
separate from their parent process• User services, which users can start and stop
themselves
Enabling daemons– To (re)enable a daemon (using the default settings) run
the following command, where <daemon> corresponds to the name of the init script as listed in /etc/init.d/:
– # insserv <daemon>
Disabling daemons– To disable a daemon at its default runlevels.(A run level
is a software configuration of the system which allows only a selected group of processes to exist), execute the following command, where <daemon> corresponds to the name of the init script as listed in /etc/init.d/:
– # insserv -r <daemon>
cron• The software utility cron is a time-based job
scheduler in Unix-like computer operating systems. People who set up and maintain software environments use cron to schedule jobs (commands or shell scripts) to run periodically at fixed times, dates, or intervals.
• It is used to execute command in present time.• Cron is driven by a crontab (cron table) file, a
configuration file that specifies shell commands to run periodically on a given schedule.
• The crontab files are stored where the lists of jobs and other instructions to the cron daemon are kept.
• Users can have their own individual crontab files and often there is a system wide crontab file (usually in /etc or a subdirectory of /etc) that only system administrators can edit.
• The crontab utility instructs cron to execute the commands on a specific date and at a specific time.
• It supplies the Crontab file to the cron daemon
• Crontab syntax– crontab [-u user ] fileexample– crontab cronfile• This command invoke the crontab utility with cronfile
as parameter and send the cronfile to cron daemon• Replicate the same to /var/spool/cron
Crontab file• Crontab file has one line for each task that you
want to automate.• You can assign any name to crontabfile.• Format minute hour day-of-month month-of-year day-
of-week commandSix columns in each line .
column Meaning Valid value
1 Minute of the hour 0-59
2 Hour of the day 0-24
3 Day of the month 1-31
4 Month of the year 1-12
5 Day of the week Sunday=0,Monday=1..Saturday=6
6 Command/shell script name Any utility to execute at that time
• * * * * * echo “This is an example”• 0 18 * * * bash /home/user1/take_backup• 10,30,50 9-18 * * 1-6 cp/home/user1/*
/home/user1/backup• The –e option with crontab allows you to directly modify
the file that resides with the cron daemon.• The –r option will delete the scheduled task.• The system administrator can deny or grant access to
certain users. This can be done by specifying names in the /etc/cron. allow and /etc/cron. deny file.
• Both files contain the login name of the user to whom the access is denied or granted.
• at Utility– used to execute the task at one time– After a job is scheduled with the file system
shutting down and restarting the system will not affect the scheduled task
– Syntax• At <options> [time]at.allowat.denyat – Accepts command/shell script to be executed by
using Bash atq – displays the list of pending jobsatrm – Removes a job from list of pending jobs
-options
• V Prints the version number on the monitor• q queue Specifies a single letter queue
designation• m mail message to the user when the job is
completed• -f file specifies the file name to be executed at the
scheduled time• -l list of jobs pending for current user• -v displays the time when the job will be executed
Atd• Runs jobs queued for later execution.Syntax• A• Atd [-l load_avg] [-b batch_interval] [-d] [-s]• -l for limiting load factor• -b Specify the minimum interval in seconds b/w
the start of two batch process• -d debug :print error message to standard error• -s for compatibility with old versions of at
command
inetd• Provides Internet service management for a network.• inetd listens on designated ports used by Internet
services• When a TCP packet or UDP packet arrives with a
particular destination port number, inetd launches the appropriate server program to handle the connection
• Running inetd for servers that are not heavily used can reduce the overall system load, when compared to running each daemon individually in stand-alone mode.
• inetd [-d] [-R rate] [configuration_file]• -d Turns on debugging. • -R rate Specify the maximum number of times
a service can be invoked in one minute; the default is 256.
• inetd reads its configuration information from a configuration file /etc/inetd.conf
• ubservers of the inetd Daemon• The inetd daemon (a subsystem) controls the following
daemons (subservers):• comsat daemon• Ftpd daemon• Fingerd daemon• rlogind daemon• rexecd daemon• rshd daemon• talkd daemon• telnetd daemon• tftpd daemon• uucpd daemon.
xinetd• xinetd, the eXtended InterNET Daemon, is an open-source
daemon which runs on many Linux and Unix systems and manages Internet-based connectivity.
• It offers a more secure extension to or version of inetd, the Internet daemon.
• xinetd performs the same function as inetd: it starts programs that provide Internet services.
• Instead of having such servers started at system initialization time, and be dormant until a connection request arrives, xinetd is the only daemon process started and it listens on all service ports for the services listed in its configuration file.
• When a request comes in, xinetd starts the appropriate server. Because of the way it operates, xinetd (as well as inetd) is also referred to as a super-server.
• Following are important configuration files for xinetd:
• /etc/xinetd.conf - The global xinetd configuration file.
• /etc/xinetd.d/ directory - The directory containing all service-specific files such as ftp
Syntax• xinetd [options]
• -d Enables debug mode. This produces a lot of debugging output, and it makes it possible to use a debugger on xinetd.
• -syslog syslog_facility This option enables syslog logging of xinetd-produced messages using the specified syslog facility.
• -filelog logfile xinetd-produced messages will be placed in the specified file. Messages are always appended to the file. If the file does not exist, it will be created.
• -f config_file Determines the file that xinetd uses for configuration. The default is /etc/xinetd.conf.
• -pidfile pid_file The process ID is written to the file. • -dontfork Tells xinetd to stay in the foreground• -stayalive Tells xinetd to stay running even if no services are
specified.• -version This option causes xinetd to print out its version
information.
sshd• shd (OpenSSH Daemon) is the daemon program for ssh.
Together these programs replace rlogin and rsh, and provide secure encrypted communications between two untrusted hosts over an insecure network.
• sshd listens for connections from clients. It is normally started at boot from /etc/rc.
• It forks a new daemon for each incoming connection. The forked daemons handle key exchange, encryption, authentication, command execution, and data exchange.
• sshd can be configured using command-line options or a configuration file (by defaultsshd_config); command-line options override values specified in the configuration file
• sshd [-46Ddeiqt] [-b bits] [-f config_file] [-g login_grace_time] [-h host_key_file] [-k key_gen_time] [-o option] [-p port] [-u len]
• -4' Forces sshd to use IPv4 addresses only.• -6' Forces sshd to use IPv6 addresses only.• -b bits Specifies the number of bits• -D' When this option is specified, sshd will not
detach and does not become a daemon. This allows easy monitoring of sshd.
• -e' When this option is specified, sshd will send the output to the standard error instead of the system log.
• -f config_file Specifies the name of the configuration file. The default is /etc/ssh/sshd_config. sshd refuses to start if there is no configuration file.
• -k key_gen_timeSpecifies how often the ephemeral protocol version 1 server key is regenerated (default 3600 seconds, or one hour). The motivation for regenerating the key fairly often is that the key is not stored anywhere, and after about an hour it becomes impossible to recover the key for decrypting intercepted communications even if the machine is cracked into or physically seized. A value of zero indicates that the key will never be regenerated.
• -g login_grace_timeGives the grace time for clients to authenticate themselves (default 120 seconds). If the client fails to authenticate the user within this many seconds, the server disconnects and exits. A value of zero indicates no limit.
• -h host_key_fileSpecifies a file from which a host key is read. This option must be given if sshd is not run as root (as the normal host key files are normally not readable by anyone but root).
• -p portSpecifies the port on which the server listens for connections (default 22). Multiple port options are permitted.
![Daemons of Chaos[1]](https://img.pdfslide.us/doc/110x75/577c77e31a28abe0548de166/daemons-of-chaos1.jpg)
