Open main menu

CDOT Wiki β

Changes

OPS235 Lab 5 - Fedora17

1,957 bytes removed, 09:50, 10 February 2012
no edit summary
{{Admon/important| Security Advice | We have seen that maintaining unneeded packages can be a security risk due to the unnecessary increase in the complexity of your system. Similarly, it is also unnecessarily hazardous, and even more so, to leave unneeded services running. In this investigation, we will learn how to control services, and turn off those that we think are not necessary.}}
#Determine your current runlevel using the <code>runlevel</code> command.#Change Switch to the appropriate startup directory in a terminal window. For example, if your runlevel is 4, change to <code>/etc/rc.d/rc4.d</code>#Observe the names of the symbolic links in that directory. What is the target (destination) of the links to?# If you are not using the graphical user interface (GUI), use the ''startx'fedora2''' command to start itVM.#Run Issue the menu option <code>System>Administration>Services</code>. You will then see the Service Configuration screen.#Find the <code>bluetooth</code> service and select customize from the tool bar. and deselect the checkbox for following Linux command to determine your runlevel from step 1. Quit the app.:#Return to the terminal window you used in Step 2. Get a listing of the symbolic links in the startup directory. Is it any different from what you observed previously?#Using the Service Configuration screen, re-enable the *<code>bluetoothrunlevel</code> service. #Check the symbolic links again. What has changed this time?#Run this command:#*<codebr />chkconfig bluetooth off<br /code>#Now what has changed The number '''5''' indicates that your fedora2 VM is currently in the directory?"runlevel 5" or "graphical mode with networking".#Run this command:#*<code>chkconfig bluetooth on<{{Admon/code>#Now what has changed?#Run the note|The runlevel command:#*<code>chkconfig --list</code>#What does the output show?#What is now depreciated|Although you can still use the relationship between the Service Configuration tool'''runlevel''' command, the symbolic links in the startup directoryit is considered obsolete (deprecated), and the <code>chkconfighas been replaced by '''systemctl'''.<br /code> command?#You can also use <code>chkconfig<br /code> The newer system called '''systemd''' is a newer method to help simplify controlling both runlevels (referred to set as "targets" and system services (referred to be on or off for certain runlevelsas "services"). For example, to turn httpd on for runlevel 4, we issue the command:}}#*<code>chkconfig --level 4 httpd on</code>#To turn it off, we type:#*<code>chkconfig --level 4 httpd off</code>#To increase your computer's security, make sure these services are disabled:#*btseed, bttrack, cups, irda, mdmonitor, netfs, nfs, nfslock, pcscd, rpcgssd, rpcidmapd, rpcsvcgssd, sendmail, ypbind.{{Admon/note|Determining Required Services|You should understand that while most services in this list are often not needed, or are needed under circumstances different than those which occur here, there may be situations in which some of them are required, and it may be up to you as an administrator to determine which services are needed, and which should be turned off.
You can find out some basic information about a particular service by querying <code>rpm</code> for information about the package that installed the service file in <code>/etc/rc.d/init.d</code>. For example, to find out about the <code>cups</code> service, execute: <code>rpm -qif /etc/rc.d/init.d/cups</code>
}}
===Investigation 6: How do we Manage System Services?===
13,420
edits