Main. Deploying Operating Systems Using Cobbler - PXE Boot. Managing Services on Linux with systemd. You've read all about systemd, the new Linux init daemon. You know what it does, and why. Now it's time to dig in and learn how to make it sit up and beg — or at least start, stop, and get information on services. Starting and Stopping Services My earlier piece, "Here We Go Again, Another Linux Init: Intro to systemd" discusses the concepts behind systemd and what it is supposed to do. Now it's time to learn how to use it to control services on our systems. systemd is backwards-compatible with sysvinit and Upstart, so you can try it out by installing it on any Linux that uses sysvinit or Upstart without a lot of extra work.
Arch Linux, Debian, and OpenSUSE all include systemd in their software repositories. A conspicuous omission from distros that support systemd is Ubuntu. Systemadm is a nice graphical systemd manager (figure 1). As pretty as systemadm is, let us adjourn to the command line for the rest of this article. How do you see only available services, running or not? The Geek Stuff. SELinux. 1. Introduction Security-Enhanced Linux (SELinux) is a mandatory access control (MAC) security mechanism implemented in the kernel.
SELinux was first introduced in CentOS 4 and significantly enhanced in later CentOS releases. These enhancements mean that content varies as to how to approach SELinux over time to solve problems. 1.1. Some of the Problems In order to better understand why SELinux is important and what it can do for you, it is easiest to look at some examples. Administrators have no way to control users: A user could set world readable permissions on sensitive files such as ssh keys and the directory containing such keys, customarily: ~/.ssh/ Processes can change security properties: A user's mail files should be readable only by that user, but the mail client software has the ability to change them to be world readable Processes inherit user's rights: Firefox, if compromised by a trojaned version, could read a user's private ssh keys even though it has no reason to do so. 2. All commands | commandlinefu.com.