Saturday, April 24, 2010

Ubuntu / Debian Linux: Services Configuration Tool to Start / Stop System Services

SkyHi @ Saturday, April 24, 2010

Your Debian / Ubuntu Linux box security depends upon access to system services (one of many aspects). For example, you may need to provide a web server (Apache service) to serve web pages. However, if you do not need use a service, you should always turn off all unused services to avoid exploits.


Traditionally, Debian provided various tools to manage services. There are various methods for managing access to system services:

a) /etc/init.d/service

b) rcconf

c) update-rc.d etc


Under Red hat and Centos Linux you can use chkconfig command (ntsysv command) to configure Sys V style init script links. There is also service command to stop / start / restart services.


So if you are addicted to the service command under RHEL / CentOS / Mandriva Linux and have wondered what to do in Debian / Ubuntu, Linux try sysvconfig package.


sysvconfig - Services Startup Configuration Tool


Debian and Ubuntu Linux also offers service command. It can be used to execute System V style init script stored at /etc/init.d/service-name { start|stop|restart|action }. This is good if you grown up with Red hat. This tool is equivalent to update-rc.d and invoke-rc.d (rcconf and others).


sysvconfig package


First, install sysvconfig package:

$ sudo apt-get install sysvconfig


To start / restart / stop service, use the following syntax:

$ sudo service {service-name} restart <-- Restart service

$ sudo service {service-name} stop <-- Stop service

$ sudo service {service-name} start <-- Start service


For example to stop apache service, enter:

$ sudo service apache stop


sysvconfig command


This is a text-based application that allows you to configure which services are started at boot time for each runlevel. It is simple interface for configuring runlevels. sysvconfig is just like ntsysv under Red hat Linux. It has dialog based interactive, menus to help automate setting up Sys V style init script links:


  • Enable or disable services.
  • Edit individual links.
  • Restore from backup file if you make a mistake.
  • Menu or command line interface.
  • View all services, each with its status and a brief description.

To start Sys V editor, enter:

$ sudo sysvconfig &



(Fig 01: sysvconfig in action - startup screen with menus)


You can enable or disable any system services:



(Fig 02: sysvconfig in action - Enable or Disable system services)


Please note that when you configure a new service using these tools, you may need to reconfigure firewall as well to open required ports.


REFERENCES

http://www.cyberciti.biz/tips/how-to-controlling-access-to-linux-services.html


Q. Under Red Hat or Cent OS chkconfig command provides a simple command-line tool for maintaining the /etc/rc[0-6].d directory hierarchy by relieving system administrators of the task of directly manipulating the numerous symbolic links in those directories. How do I control (or maintain Ubuntu runlevel) startup service under Debian or Ubuntu Linux with command line tool?


A. chkconfig is Redhat and friends only command. Debian or Ubuntu Linux offers different tools or command for same task.


Task: Command line tool to manage services / Ubuntu runlevel


update-rc.d automatically updates the System V style init script links /etc/rcrunlevel.d/NNname to scripts /etc/init.d/name. These are run by init when changing runlevels and are generally used to start and stop. For example turn on ssh service type the command:

# update-rc.d ssh defaultsOR$ sudo update-rc.d ssh defaults


Task: Remove service


Again use update-rc.d command:

# update-rc.d SERVICE-NAME removeOR$ sudo update-rc.d SERVICE-NAME remove


Task: Use Text based GUI Runlevel configuration tool to add or remove services


rcconf is Debian runlevel configuration tool. Rcconf allows you to control which services are started when the system boots up or reboots. It displays a menu of all the services which could be started at boot. The ones that are configured to do so are marked and you can toggle individual services on and off. If rcconf is not installed use apt-get command:

# apt-get install rcconfOR$ sudo apt-get install rcconf Now run rcconf and just follow on screen instructions:

# rcconf


REFERENCES

http://www.cyberciti.biz/faq/howto-runlevel-configuration-tool-to-start-service/