Archive:Docs/Drafts/AdministrationGuide/ManagingServices

Introduction
Services (daemons) are programs that perform useful functions on a system but are not normally started by the user. For example, MySQL runs normally as a service; it is not started every time another service needs to connect to the database. Instead, it is normally always running once configured, unless manually shut down.

Services can be started at other times than at system boot. They may be turned on,off, or restarted without restarting the machine as well as being set to run only at certain run levels.

Run levels are various states the machine can exist in. There are two main run levels most Linux users see. Run level 5 is usually the default for most systems, and presents a full graphical environment. The other is run level 3, which is typically used on servers that don't run a graphical environment, or for trouble shooting and low level system driver installation. Run level 0 is a system halt. Run level 6 is a system reboot. To change run levels, use the  command.

Services and Security
Turn off any service not being used. Leaving a service running that is not used leaves a potential system vulnerability for no benefit. For example, Bluetooth in Fedora is enabled by default. If the system isn't actively connecting to a Bluetooth device, there is no reason to keep the service running. Until recently an ISDN service ran by default. If the system does not use ISDN to connect to the Internet, there is no reason to have it installed and always running. There are several ways to find out what a running system's purpose is. [[The GUI service menus often ]have descriptions.??  On the command line, the command  produces documentation about most services. The general rule is to leave it running unless it is known what the services does.

Configuring Services

 * 1) In KDE (presumes the   tools are installed): Click on the Fedora icon in the toolbar on the default desktop, then navigate to Administration > Server Settings > Services.
 * 2) In Gnome, in the toolbar click on System > Server Settings > Services.
 * 3) Give the root password when prompted.

In the KDE services application, clicking on a service produces a description of that service and its status. Services without a check mark are not started at run (boot) time. To prevent a service from running on system start up, uncheck the box next to it.
 * To enable a service at start up, check the box.
 * To stop a service select it, then click on the Stop button.

In the GNOME services application, the On Demand Services tab is for services that are loaded when a client program calls them. For example, the backup system Amanda only runs when an Amanda client talks to the system.

To save the new configuration, click on the Save button. Failing to save changes means the services do not change start up behavior. Clicking on the Revert button erases all the changes.

Services can be configured to start/not start from the command line using. The basic usage of  is to check the list of services and what run level they start in:

/sbin/chkconfig --list NetworkManager 0:off   1:off   2:on    3:on    4:on    5:on    6:off NetworkManagerDispatcher       0:off   1:off   2:off   3:off   4:off   5:off   6:off acpid          0:off   1:off   2:off   3:off   4:off   5:off   6:off anacron        0:off   1:off   2:on    3:on    4:on    5:on    6:off apmd           0:off   1:off   2:on    3:on    4:on    5:on    6:off atd            0:off   1:off   2:off   3:on    4:on    5:on    6:off auditd         0:off   1:off   2:on    3:on    4:on    5:on    6:off autofs         0:off   1:off   2:off   3:on    4:on    5:on    6:off avahi-daemon   0:off   1:off   2:off   3:on    4:on    5:on    6:off ...


 * 1) Open a terminal window (Applications > Accessories > Terminal)
 * 2) To disable a service such as  : su -c 'chkconfig --level 2345 sendmail off' This stops   from being started in run levels 2,3,4, and 5.
 * 3) To turn sendmail on for run levels 3 and 5: su -c 'chkconfig --level 35 sendmail on'

A full list of  options is available on the manual page: man chkconfig

To manually stop, restart, or start a service that wasn't already running, use the  command. This example starts the service:

su -c 'service sendmail restart'

In the screen capture you see an example of stopping a service that failed. In this case because the service was already stopped. You will also see an example of starting NFS. Notice that not just NFS started. 3 other services started automatically when NFS started. Many services are like this.

There is one final way to edit services.

To stop a service, use  to acquire its PID, then stop the PID using the  command. To modify the stop/start of a service in a particular run time level, edit the  files:

ls -d /etc/rc* rc         rc1.d/      rc3.d/      rc5.d/      rc.d/       rc.sysinit rc0.d/     rc2.d/      rc4.d/      rc6.d/      rc.local

Each directory corresponds with the same numbered run time level. To start a service for run time level 5, add a link in the  directory to the corresponding start script in .  The   and   prefix with a number refers to the order in which that service is started or stopped when the system is starting up or shutting down.

These last methods are recommended only for experienced users. On rare occasions it is necessary to modify these files to change default behavior. Generally, an administrator never has to directly touch these files.

xinetd-Based Services
Many services run as sub-services managed by the  service. FTP servers, backup servers,, and a host of others. To enable or disable these services, use the  command as with   based services.

A default configuration of  services is:

/sbin/chkconfig --list ... xinetd based services: amanda:        off amandaidx:     off amidxtape:     off apgd:          off chargen-dgram: off chargen-stream: off csync2:        off cups-lpd:      off cvs:           off daytime-dgram: off daytime-stream: off discard-dgram: off discard-stream: off echo-dgram:    off echo-stream:   off eklogin:       off ekrb5-telnet:  off gssftp:        off klogin:        off krb5-telnet:   off kshell:        off ktalk:         off rsync:         off tcpmux-server: off time-dgram:    off time-stream:   off

For example, to turn on the  service for , use the following command:

/sbin/chkconfig rsync on

Then reload the service's configuration with the command.

Re-issueing the  command you now see

/sbin/chkconfig --list | grep rsync rsync:         on

To customize the configuration of an  service, edit the file for that service in the   directory. For more information on the syntax of these configuration files, refer to the  page for.

Common Services
Some services commonly found on Fedora installations.

{| border="1"
 * Service || Description
 * Amanda BackupPC || Backup software
 * amd || Runs the automount daemon for remote filesystem mounting such as nfs.
 * anacron and crond || Runs certain programs at specified times.
 * apmd || Monitors laptop battery power and shuts down if power gets too low.
 * atd || at scheduler. Automatically runs programs/scripts that meet certain criteria.
 * auditd || System audit daemon
 * autofs || Used to automatically mount filesystems listed in fstab.
 * avahi-daemon, avahi-dnsconfd || Supports Apple's Zeroconf protocol.
 * bluetooth || Provides Bluetooth functionality.
 * btseed, bttrack || Bittorrent related utils.
 * cfenvd, cfexecd, cfservd || Part of the cfengine services. cfengine is a system configuration an anomaly detection.
 * cman || Cluster manager
 * cpuspeed || System sensor and CPU speed adjustment.
 * cups || Printing support
 * dbmail, Postfix, Sendmail, spamassassin, dovecot || Email services and spam protection.
 * dc_client, dc_server || Caching services
 * denyhosts || Log watcher that bans hosts with too many failed login attempts.
 * dhcdbd || Allow systems to use a DHCP server to obtain an IP address.
 * dund || Bluetooth dial-up networking
 * firstboot || Used after installation for post-installation configuration. You should turn this off after these configurations are complete.
 * gpm || Mouse support on the console
 * haldaemon || Hardware detection layer
 * hidd || Bluetooth HID daemon
 * hplip || HP Linux Imaging and Printing
 * httpd || Apache web server
 * ip6tables and iptable || Firewall
 * ipsec || IPsec encryption/authentication
 * irda || Provides infrared device services.
 * irqbalance || Distributes hardware interrupts across processors on a multi-processor system.
 * isdn || Provides ISDN functionality.
 * kdump || kexec based crash dumping mechanism for Linux.
 * kudzu || Looks for new hardware at boot. Runs only at boot time.
 * ldap || LDAP server
 * lirc || Linux infrared support
 * lisa || Network discovery and protocols
 * lm_sensors || Support for hardware sensors such as CPU temp.
 * lpd || local printer services
 * mcstran || SELinux related
 * mdmonitor || Software RAID support. Turn off if you are not using it.
 * mdmpd || Multipath device support
 * messagebus || App to app communications
 * multipathd || failover and multipath support
 * microcode_ctl || Support for IA32 (Intel PII and newer) microcode
 * mysqld, Postgresql, Oracle || Database servers
 * named || Bind DNS server
 * netfs || Mounts NFS, SMB and other remote filesystems.
 * netplugd || Linux networking related services
 * network || Brings up the network.
 * nfs, nfslock || Provides NFS services.
 * nscd || Name service cache daemon
 * ntpd || Syncs your computer clock with time servers.
 * openais || Clustering, failover, checkpointing and related API.
 * pand || BlueZ Bluetooth PAN daemon
 * pcmcia || Provides pcmcia support. May be safely stopped if you are not using a laptop.
 * pcscd || Smart card support
 * portmap || Support for port mapping and RPC.
 * psacct || Monitors system activity and provides audit trail of user actions.
 * pxe || Provides pxe support. (Preboot execution environment)
 * raduisd || Provides radius VPN support.
 * random || Kernel random number generator.
 * rdisc || Network discovery daemon
 * readahead_early, readahead_later || Used in speeding up boot time.
 * restorecond || Sets default SELinux context on new files.
 * rpcgssd, rpcidmap, rpcsvcgssd || Network file-sharing support
 * rsync || rsync run as a service. Synchronises files mostly between remote systems.
 * saslauthd || SASL authentication server
 * sgi_fam || File alteration monitor
 * smartd || Watches hard-drives for problems.
 * smb || Samba server
 * snmpd, snmtrapd || Linux SNMP support
 * squid || Proxy server
 * sshd || SSH server
 * syslog || System logging service
 * sysstat || Starts special system logging services.
 * tux || Tux web server
 * vncserver || VNC server
 * vsftpd || FTP server
 * winbind || Maps Windows domain databases to UNIX
 * wpa_supplicant || WPA (Wi-Fi Protected Access) supplicant for Linux
 * xend, xendomains, VMware, libvirtd || Provides a virtual machine.
 * xfs || X Font Server
 * ypbind || YP/NIS support
 * yum-updatesd || Automatic yum updates
 * multipathd || failover and multipath support
 * microcode_ctl || Support for IA32 (Intel PII and newer) microcode
 * mysqld, Postgresql, Oracle || Database servers
 * named || Bind DNS server
 * netfs || Mounts NFS, SMB and other remote filesystems.
 * netplugd || Linux networking related services
 * network || Brings up the network.
 * nfs, nfslock || Provides NFS services.
 * nscd || Name service cache daemon
 * ntpd || Syncs your computer clock with time servers.
 * openais || Clustering, failover, checkpointing and related API.
 * pand || BlueZ Bluetooth PAN daemon
 * pcmcia || Provides pcmcia support. May be safely stopped if you are not using a laptop.
 * pcscd || Smart card support
 * portmap || Support for port mapping and RPC.
 * psacct || Monitors system activity and provides audit trail of user actions.
 * pxe || Provides pxe support. (Preboot execution environment)
 * raduisd || Provides radius VPN support.
 * random || Kernel random number generator.
 * rdisc || Network discovery daemon
 * readahead_early, readahead_later || Used in speeding up boot time.
 * restorecond || Sets default SELinux context on new files.
 * rpcgssd, rpcidmap, rpcsvcgssd || Network file-sharing support
 * rsync || rsync run as a service. Synchronises files mostly between remote systems.
 * saslauthd || SASL authentication server
 * sgi_fam || File alteration monitor
 * smartd || Watches hard-drives for problems.
 * smb || Samba server
 * snmpd, snmtrapd || Linux SNMP support
 * squid || Proxy server
 * sshd || SSH server
 * syslog || System logging service
 * sysstat || Starts special system logging services.
 * tux || Tux web server
 * vncserver || VNC server
 * vsftpd || FTP server
 * winbind || Maps Windows domain databases to UNIX
 * wpa_supplicant || WPA (Wi-Fi Protected Access) supplicant for Linux
 * xend, xendomains, VMware, libvirtd || Provides a virtual machine.
 * xfs || X Font Server
 * ypbind || YP/NIS support
 * yum-updatesd || Automatic yum updates
 * restorecond || Sets default SELinux context on new files.
 * rpcgssd, rpcidmap, rpcsvcgssd || Network file-sharing support
 * rsync || rsync run as a service. Synchronises files mostly between remote systems.
 * saslauthd || SASL authentication server
 * sgi_fam || File alteration monitor
 * smartd || Watches hard-drives for problems.
 * smb || Samba server
 * snmpd, snmtrapd || Linux SNMP support
 * squid || Proxy server
 * sshd || SSH server
 * syslog || System logging service
 * sysstat || Starts special system logging services.
 * tux || Tux web server
 * vncserver || VNC server
 * vsftpd || FTP server
 * winbind || Maps Windows domain databases to UNIX
 * wpa_supplicant || WPA (Wi-Fi Protected Access) supplicant for Linux
 * xend, xendomains, VMware, libvirtd || Provides a virtual machine.
 * xfs || X Font Server
 * ypbind || YP/NIS support
 * yum-updatesd || Automatic yum updates
 * syslog || System logging service
 * sysstat || Starts special system logging services.
 * tux || Tux web server
 * vncserver || VNC server
 * vsftpd || FTP server
 * winbind || Maps Windows domain databases to UNIX
 * wpa_supplicant || WPA (Wi-Fi Protected Access) supplicant for Linux
 * xend, xendomains, VMware, libvirtd || Provides a virtual machine.
 * xfs || X Font Server
 * ypbind || YP/NIS support
 * yum-updatesd || Automatic yum updates
 * wpa_supplicant || WPA (Wi-Fi Protected Access) supplicant for Linux
 * xend, xendomains, VMware, libvirtd || Provides a virtual machine.
 * xfs || X Font Server
 * ypbind || YP/NIS support
 * yum-updatesd || Automatic yum updates
 * xfs || X Font Server
 * ypbind || YP/NIS support
 * yum-updatesd || Automatic yum updates
 * yum-updatesd || Automatic yum updates
 * yum-updatesd || Automatic yum updates