Title: Unix System Administration
Unix System Administration

Out of the Goo, the Primordial Process
- Init
- Always the first process to run after system boot
- Always PID 1
- Ancestor of all user processes and all but a few system processes
- Configured using /etc/inittab
- Exorcises undead zombie processes
- If init dies, the system will hang or reboot
It's a Bird, It's a Plane, No, It's the Super Daemon
- Inetd
- Daemon that manages other daemons
- The daemons it manages must be programmed to be started and managed by inetd
- Uses /etc/inetd.conf and /etc/services as configuration files
- Simple daemons (echo, discard, etc.) are built into inetd
- You need to send SIGHUP to inetd after editing /etc/inetd.conf to tell it to reread the file
/etc/inetd.conf (abridged)
Syntax for socket-based Internet services:
<service_name> <socket_type> <proto> <flags> <user> <server_pathname> <args>

ftp     stream  tcp  nowait  root  /usr/sbin/in.ftpd     in.ftpd
telnet  stream  tcp  nowait  root  /usr/sbin/in.telnetd  in.telnetd
echo    stream  tcp  nowait  root  internal
echo    dgram   udp  wait    root  internal
talk    dgram   udp  wait    root  /usr/sbin/in.talkd    in.talkd

/etc/services (abridged)
echo      7/tcp
echo      7/udp
ftp-data  20/tcp
ftp       21/tcp
telnet    23/tcp
talk      517/udp
Mapping Those Pesky Ports
- Portmap (aka rpcbind)
- Runs on port 111
- Maps between RPC service numbers and TCP/IP port numbers
- RPC services register their service number, version and port number with portmap/rpcbind when they start up
- Clients contact portmap/rpcbind to find the port that a particular service is running on
- Use rpcinfo -p to display registered services
Let's Wrap It Up!
- TCP_Wrappers
- Used to provide IP address-level security to daemons run from inetd
- Can also be used with non-inetd daemons if they can link with the libwrap library
- Logs successful and failed attempts via the syslog facility
- Requires modification to /etc/inetd.conf
- Written by Wietse Venema of the Netherlands
- ftp://ftp.porcupine.org/pub/security/index.html
TCP_Wrapperized /etc/inetd.conf
Syntax for socket-based Internet services:
<service_name> <socket_type> <proto> <flags> <user> <server_pathname> <args>

ftp     stream  tcp  nowait  root  /usr/sbin/tcpd  in.ftpd
telnet  stream  tcp  nowait  root  /usr/sbin/tcpd  in.telnetd
echo    stream  tcp  nowait  root  internal
echo    dgram   udp  wait    root  internal
talk    dgram   udp  wait    root  /usr/sbin/tcpd  in.talkd

/etc/hosts.allow and /etc/hosts.deny

/etc/hosts.allow:
ALL:        localhost, krusty
in.telnetd: beast, bugs
in.rlogind: beast, bugs
in.rexecd:  beast, bugs, 159.91.
in.rshd:    beast, bugs
in.fingerd: ALL
in.talkd:   ALL

/etc/hosts.deny:
ALL: ALL
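To see how tcpd evaluates the two files above, here is an added example (not part of the original slides and not the TCP Wrappers code itself) that models the hosts_access search order: hosts.allow first, then hosts.deny, and default allow when neither matches. The sample file contents are constructed from the slide; only the ALL, exact-name, leading-dot and trailing-dot patterns are implemented.

```python
"""Minimal model of the access check TCP Wrappers applies:
/etc/hosts.allow is searched first, then /etc/hosts.deny, and a
(daemon, client) pair that matches neither file is allowed. EXCEPT,
KNOWN, LOCAL and the optional shell-command field are not modelled."""

# Constructed sample files, written out in daemon_list: client_list syntax.
HOSTS_ALLOW = """
ALL:        localhost, krusty
in.telnetd: beast, bugs
in.rlogind: beast, bugs
in.rexecd:  beast, bugs, 159.91.
in.rshd:    beast, bugs
in.fingerd: ALL
in.talkd:   ALL
"""
HOSTS_DENY = "ALL: ALL\n"

def parse(text):
    rules = []                                   # list of (daemon_list, client_list)
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()     # drop comments and blank lines
        if not line:
            continue
        fields = line.split(":")
        daemons = [d.strip() for d in fields[0].split(",")]
        clients = [c.strip() for c in fields[1].split(",")]
        rules.append((daemons, clients))
    return rules

def match(pattern, name):
    """One access-control pattern against one daemon or client name."""
    if pattern == "ALL":
        return True
    if pattern.startswith("."):                  # domain suffix, e.g. .example.com
        return name.endswith(pattern)
    if pattern.endswith("."):                    # network prefix, e.g. 159.91.
        return name.startswith(pattern)
    return pattern == name

def rule_matches(rules, daemon, client):
    return any(any(match(d, daemon) for d in ds) and any(match(c, client) for c in cs)
               for ds, cs in rules)

def hosts_access(daemon, client, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    """True if tcpd would let `client` reach `daemon` under these two files."""
    if rule_matches(parse(allow), daemon, client):
        return True
    if rule_matches(parse(deny), daemon, client):
        return False
    return True   # matched by neither file: TCP Wrappers grants access by default
```

The last line is why the `ALL: ALL` entry in hosts.deny matters: without it, any daemon or client not named in hosts.allow is let through.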
Daemons, Daemons Everywhere ...
- nfsd, rpc.lockd, rpc.statd - file sharing
- ypbind, ypserv, ypxfrd - NIS daemons
- comsat - e-mail notification
- talkd - chat server
- routed, gated - routing
- innd, nntpd - Network News
- syslogd - logging server
- httpd - web server
Even in Your Underwear
- ftpd - file transfer
- telnetd - remote terminal
- rshd, rexec - remote shell
- rlogin - remote login
- xntp - time sync
- dhcpd, bootpd, rarpd - IP address servers
- popper, ipopd, imapd - e-mail servers
- sendmail - e-mail routing server
Exorcise These Daemons!
- Besides a Unix service, what is a daemon?
- What happens if inetd dies?
- What is the name of the TCP_wrapper daemon?