Services are run by servers
Each server is a long-lived process listening on a single port
Each service has a default port and transport mechanism, listed in /etc/services
e.g. an HTTP server is a TCP service with default port 80
Servers wait for requests and send replies. Some servers handle each request sequentially, others use multiple processes to handle each request concurrently (e.g. the Apache httpd server)
Older distros use the SysV init mechanism to manage services
This uses startup scripts from /etc/init.d linked to the runtime startup directory
E.g. Apache would be started at boot time by /etc/rc5.d/S91httpd linked to /etc/init.d/httpd
If a service startup script exists in /etc/init.d you can make the symbolic link yourself:
ln -s /etc/init.d/httpd /etc/rc5.d/S91httpd
You can start a service "by hand"
/etc/init.d/httpd start
You can stop a service "by hand"
/etc/init.d/httpd stop
Systemd is used extensively by Fedora 16 and partly by Ubuntu 11.10, and uses the service command
service --status-all shows all running services
Start a service by e.g. service httpd start
Stop a service by e.g. service httpd stop
Configuration files are in /lib/systemd/system/
SSH is the secure shell protocol (RFC 4251)
The main clients are ssh, scp and sftp
The main server is sshd and most distros will have it and a startup script installed but not enabled at boot time
E.g. in FC16 the server is /usr/sbin/sshd and the server is managed by systemd
E.g. in Ubuntu 11.10 the server is /usr/sbin/sshd and the startup script is /etc/init.d/ssh
The configuration files for SSH clients and server are in /etc/ssh
The configuration file for the clients is /etc/ssh/ssh_config
Usually you don't change that file
The configuration file for the server is /etc/ssh/sshd_config
The configuration file includes
Default port 22
Server key files
Allow/disallow root logins
Log level
Allow/disallow X11 forwarding
sshd will log activities to /var/log/auth.log
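An added example (not part of the original notes) that audits the sshd_config settings listed above: it reads a config the way sshd does (case-insensitive keywords, first value wins) and reports weak values. The sample config and the default values are assumptions of this example.

```python
import re

# Constructed sample sshd_config (not taken from a real host).
SAMPLE = """\
Port 22
HostKey /etc/ssh/ssh_host_rsa_key
PermitRootLogin yes
# the next line is ignored: sshd keeps the first value it reads
permitrootlogin no
X11Forwarding=yes
LogLevel QUIET
Match User backup
    X11Forwarding no
"""

# Assumed defaults of a current OpenSSH sshd when a keyword is absent.
DEFAULTS = {"port": "22", "permitrootlogin": "prohibit-password",
            "x11forwarding": "no", "loglevel": "INFO"}
LINE = re.compile(r"(\S+?)(?:\s*=\s*|\s+)(\S.*)")

def effective_settings(text):
    """Global keyword -> value; keywords are case-insensitive, first value wins.
    Stops at the first Match block (conditional); Include is not followed."""
    seen = {}
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if raw.lstrip().startswith("#") or not m:
            continue
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "match":
            break
        seen.setdefault(key, value)
    return seen

def audit(text):
    """Return findings for the settings the notes list."""
    s = {**DEFAULTS, **effective_settings(text)}
    findings = []
    if s["permitrootlogin"].lower() == "yes":
        findings.append("PermitRootLogin yes: root may log in directly, including by password")
    if s["x11forwarding"].lower() == "yes":
        findings.append("X11Forwarding yes: X11 forwarding is allowed")
    if s["loglevel"].upper() in ("QUIET", "FATAL", "ERROR"):
        findings.append("LogLevel %s: logins are not recorded in the auth log" % s["loglevel"])
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```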
There is a boot-time startup script /etc/init.d/vsftpd
The configuration file is /etc/vsftpd.conf
The configuration file includes
Allow anonymous FTP (no)
The log file (/var/log/vsftpd.log)
Allow/disallow anonymous file uploads (no)
More info at Quick HOWTO : Ch15 : Linux FTP Server Setup
Each service requires at least one process to handle client requests
If there are many services which are idle most of the time, this is a waste of system resources
The xinetd (Extended Internet Services Daemon) daemon looks after a set of ports, and calls an appropriate service when a client request arrives, replacing many processes with only one
There is a boot-time startup script /etc/init.d/xinetd
Each xinetd-controlled service has a configuration file in /etc/xinetd.d
Telnet: insecure terminal emulation - use ssh instead
Telnet is usually run by xinetd
The xinetd configuration file /etc/xinetd.d/telnet includes
service telnet
{
    disable         = yes
    socket_type     = stream
    protocol        = tcp
    user            = root
    wait            = no
    flags           = REUSE
    server          = /usr/sbin/in.telnetd
    log_on_failure  += USERID
}
Ubuntu does not include this file, probably to make it harder for you to set up a telnet server
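An added example (not part of the original notes) that parses xinetd service blocks like the one above and lists cleartext login services that xinetd would actually start. The sample input is constructed, the rsync entry is hypothetical, and the CLEARTEXT set is this example's assumption ("login" and "shell" are the /etc/services names for rlogin and rsh).

```python
import re

# Constructed input in /etc/xinetd.d syntax: the telnet entry with
# disable set to "no", plus a hypothetical rsync entry left disabled.
SAMPLE = """\
service telnet
{
    disable         = no
    socket_type     = stream
    protocol        = tcp
    user            = root
    wait            = no
    server          = /usr/sbin/in.telnetd
    log_on_failure  += USERID
}
# comment lines are skipped
service rsync
{
    disable = yes
    user    = root
    server  = /usr/bin/rsync
}
"""

# Service names treated as cleartext logins (an assumption of this example).
CLEARTEXT = {"telnet", "login", "shell"}
BLOCK = re.compile(r"^\s*service\s+(\S+)\s*\{(.*?)^\s*\}", re.S | re.M)
ATTR = re.compile(r"^[ \t]*(\w+)[ \t]*(\+=|-=|=)[ \t]*(.*?)[ \t]*$", re.M)

def parse_services(text):
    """Return {service name: {attribute: value}} for every service block."""
    return {name: {k: v for k, _op, v in ATTR.findall(body)}
            for name, body in BLOCK.findall(text)}

def enabled_cleartext(text):
    """List (name, server, user) for cleartext services xinetd would start.
    A block with no 'disable' attribute counts as enabled."""
    hits = []
    for name, attrs in sorted(parse_services(text).items()):
        if name in CLEARTEXT and attrs.get("disable", "no").lower() != "yes":
            hits.append((name, attrs.get("server"), attrs.get("user")))
    return hits

if __name__ == "__main__":
    for name, server, user in enabled_cleartext(SAMPLE):
        print("%s enabled: runs %s as %s" % (name, server, user))
```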
Rsync is a cool way of synchronising two file systems
It compares two file systems and only copies across files that have changed
Typical use: to synchronise and upload the lecture notes on my machine to cict:
rsync -avz /home/httpd/html/boxhill/ict213/ cict.bhtafe.edu.au:/var/www/subjects/ict213/
The rsync client can talk to any remote shell server such as sshd or rshd, or to an rsyncd server running standalone or under xinetd
HTTP version 1.1 is described by RFC 2616
Clients include Firefox, Safari, IE, Konqueror, Lynx, Chrome, ...
Servers include Apache, Lighttpd, IIS, nginx, ...
In FC16 the configuration file is /etc/httpd/conf/httpd.conf
In Ubuntu, the files are /etc/apache2/apache2.conf and subdirectories
The configuration file(s) include
Server port (80)
Document root (/var/www/html)
User directories for ~user urls
Log files (/var/log/httpd/access_log and /var/log/httpd/error_log)
Internationalisation: character set, languages (UTF-8, English, ...)
Many other advanced configuration options such as virtual hosting
Servers have a common structure for starting/stopping
The syntax and semantics of configuration files are different for each server
Different distros use different files, different structures
Webmin gives a uniform web interface to lots of different services and configuration parameters
You have to download webmin from http://webmin.com - it isn't on either Fedora or Ubuntu repositories
A DHCP server will supply IP addresses to clients
A client requests an address for a NIC by e.g.
dhclient eth0
A Fedora server is dhcpd with configuration file /etc/dhcp/dhcpd.conf
The server can specify the interface on the command line
dhcpd eth0
Parameters that can be set include
domain name
domain name servers
default and maximum lease times
For each subnet, the routers and the range of dynamic IP addresses
Fixed IP addresses for particular MAC addresses
default-lease-time 600;
max-lease-time 7200;
# Set the subnet mask for the wireless IP network
option subnet-mask 255.255.255.0;
# Set the Broadcast address. This will be 10.x.x.255,
# the "x.x" will depend upon the network assigned to you by NZWireless.
option broadcast-address 10.1.2.255;
# Set the router address, this will be 10.x.x.1, the address
# of your wireless interface WLAN0
option routers 10.1.2.1;
# Set the Name Server address. This will be the same as your WLAN0 address
# because we intend to run DNS on this machine.
option domain-name-servers 10.1.2.1;
# Set the default domain name for clients on this network.
# i.e. the DNS domain assigned to you by your wireless administrator.
option domain-name "simon.akld.nzwireless.org";
# Allocate a network range for dynamic IP addresses to hand out to clients.
# Again, this range will be in 10.x.x.x, depending upon the network allocated
# to you by your wireless administrator.
subnet 10.1.2.0 netmask 255.255.255.0 {
    range 10.1.2.10 10.1.2.20;
}
# You can also assign specific IP addresses based on the clients'
# ethernet MAC address as follows (Host's name is "laser-printer"):
host laser-printer {
    hardware ethernet 08:00:2b:4c:59:23;
    fixed-address 10.1.2.99;
}