Introduction To System Services: Red Hat Enterprise Linux (More Bhushan)

The document provides an overview of system services and configuration in Linux. It discusses the Linux boot process and services used for system initialization at different runlevels. It also describes how to manage services using commands like service and chkconfig. The document then covers SELinux, DNS, and DHCP - explaining their purpose and basic configuration.

Uploaded by mith

INTRODUCTION TO SYSTEM SERVICES

In Linux the boot process runs in this order:

POST -> BIOS -> MBR -> BOOT LOADER -> KERNEL -> INIT

init then runs:
/etc/rc.d/rc.sysinit   for system initialization
/etc/rc.d/rc.local     for kernel
/etc/rc.d/rc.?d        for the runlevel (rc0.d .. rc6.d)
/sbin/mingetty         for terminals

Run levels:
0  Shutdown
1  Single user
2  Multi-user without network
3  Multi-user with network
4  Not used
5  Multi-user with network & one additional graphical console
6  Reboot

To manage different services:
1. service <service name> <action>
   where <action> is one of: start, stop, reload, restart, status
2. chkconfig <service name> <action>
   where <action> is one of: on, off
   chkconfig --list
   chkconfig --level <num> <service name> on
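Knowing which services chkconfig has enabled per runlevel is the first thing to review on a server, because every service that starts at boot is listening surface. The following is an added example, not code from the original notes: it parses output in the shape `chkconfig --list` prints (CHKCONFIG_SAMPLE is constructed for the demo) and reports services enabled in a runlevel that are not on an allow-list.

```bash
# Added example (not from the original notes): audit the output of
# `chkconfig --list` and report services enabled in a runlevel that are not
# on an allow-list. CHKCONFIG_SAMPLE is constructed to mimic RHEL 5 output;
# on a live system replace it with "$(chkconfig --list)".
CHKCONFIG_SAMPLE='named           0:off   1:off   2:off   3:on    4:on    5:on    6:off
dhcpd           0:off   1:off   2:off   3:off   4:off   5:off   6:off
vsftpd          0:off   1:off   2:off   3:on    4:off   5:on    6:off
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
xinetd based services:
        rsync:          off'

# enabled_in_runlevel OUTPUT LEVEL: print, one per line, the services that
# chkconfig reports as "on" in LEVEL. The xinetd section has a different
# shape (fewer fields) and is skipped by the field-count test.
enabled_in_runlevel() {
    printf '%s\n' "$1" | awk -v want="$2:on" '
        NF == 8 {
            for (i = 2; i <= NF; i++)
                if ($i == want) { print $1; break }
        }'
}

# unexpected_services OUTPUT LEVEL ALLOWLIST: print the enabled services
# that are not in the space-separated ALLOWLIST.
unexpected_services() {
    for svc in $(enabled_in_runlevel "$1" "$2"); do
        case " $3 " in
            *" $svc "*) ;;                  # expected, stay quiet
            *) printf '%s\n' "$svc" ;;      # enabled but not on the list
        esac
    done
}

# Stand-alone run: which runlevel-3 services are enabled beyond sshd and named?
unexpected_services "$CHKCONFIG_SAMPLE" 3 "sshd named"
```

With the constructed sample the stand-alone run prints `vsftpd`; the allow-list is the place to record what the host is actually supposed to run, and anything the script prints is either undocumented or should be turned off with `chkconfig <service> off`.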

The /etc/sysconfig/ files

Some services have a file here that configures how they run, for example: named, samba, sendmail, dhcpd, init.

SELINUX (SECURITY ENHANCED LINUX)

Security Enhanced Linux (SELinux) has been around for some time, but has recently seen a rise in popularity. It was developed by the National Security Agency (NSA) as a research project. Linux was selected because it is open source and therefore easier to get people involved. It also makes it easier to prove the technology.
The primary goal of SELinux was to protect user space from system space and to protect user data from system services.
With SELinux they introduced a concept called Mandatory Access Control (MAC). With MAC, the security administrator decides who can do what to which files.

SELinux installation options: during the installation, SELinux is automatically activated.
Disabled: this option turns off the SELinux features.
Permissive: this option sets up some default policies and logging (policy violations are logged, not blocked).
Enforcing: SELinux is now enforced, but it will affect certain daemons.

Controlling SELinux:
1. system-config-securitylevel
2. vim /etc/sysconfig/selinux
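Because /etc/sysconfig/selinux is the file that decides the mode at the next boot, a quick check that it still says what the administrator intends belongs in any hardening review. The following is an added example, not code from the original notes; SELINUX_SAMPLE is a constructed copy of the file's layout, and the comparison with `getenforce` is only suggested in the usage note.

```bash
# Added example (not part of the original notes): read the SELINUX= mode from
# an /etc/sysconfig/selinux-style file and decide whether it matches the mode
# the administrator intends. SELINUX_SAMPLE is constructed for the demo.
SELINUX_SAMPLE='# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
SELINUX=permissive
SELINUXTYPE=targeted'

# selinux_configured_mode CONTENT: print the configured mode. Comment lines
# and SELINUXTYPE= are ignored; if SELINUX= appears more than once the last
# setting wins, which is what the init scripts see as well.
selinux_configured_mode() {
    printf '%s\n' "$1" | awk -F= '
        /^[[:space:]]*SELINUX[[:space:]]*=/ {
            sub(/#.*/, "", $2)              # strip a trailing comment
            gsub(/[[:space:]]/, "", $2)     # and surrounding blanks
            mode = $2
        }
        END { print mode }'
}

# check_selinux_mode CONTENT EXPECTED: return 0 when the configured mode is
# EXPECTED, 1 otherwise, printing a one-line verdict either way.
check_selinux_mode() {
    local mode
    mode=$(selinux_configured_mode "$1")
    if [ "$mode" = "$2" ]; then
        echo "ok: SELinux configured as $mode"
        return 0
    fi
    echo "MISMATCH: configured '$mode', expected '$2'"
    return 1
}

# Stand-alone run against the constructed sample.
check_selinux_mode "$SELINUX_SAMPLE" enforcing
```

On a real host feed it `"$(cat /etc/sysconfig/selinux)"` and compare the result with the running mode from `getenforce`: the file only takes effect at boot, so a box can be enforcing on disk and permissive in memory (after `setenforce 0`) or the other way round.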


DNS (DOMAIN NAME SYSTEM)

DNS makes it possible to refer to Internet Protocol (IP)-based systems (hosts) by human-friendly names (domain names). Name resolution is the act of determining the IP address of a given hostname.
The benefits of DNS:
1. Domain names can be logical and easily remembered.
2. If the IP address of a host changes, the domain name can still resolve transparently to the user.
3. It is able to handle any level of name resolution required.
4. Users need to learn only one naming convention to find resources on either the internet or the intranet.
Domain names are separated by dots, with the topmost element on the right, whereas IP addresses have the topmost element on the left. Each element may be up to 63 characters long; the entire name may be up to 255 characters long.
The rightmost element of a domain name is called the top-level domain (TLD). A domain name written out in full, with no element omitted, is a fully qualified domain name (FQDN). DNS servers listen on port number 53; clients send their queries to that port.
Generic top-level domain names:
1. .biz   small to large companies
2. .com   commercial organizations
3. .edu   educational institutions
4. .gov   government
5. .info  providing information
6. .name  individuals
7. .net   network providers
8. .org   nonprofit organizations

FQDN (Fully Qualified Domain Name): DNS uses the fully qualified domain name to map a host name to an IP address. An FQDN describes the exact relationship between a host and its DNS domain.
Example: station1.example.com.
In this example station1 represents the computer name, example represents the second-level domain and .com represents the top-level domain.

DOMAIN-NAMESPACE
It is a hierarchical, tree-structured namespace, starting at an unnamed
root used for all DNS operations. In the DNS namespace, each node
and leaf object in the domain namespace tree represents a named
domain. Each domain can have additional child domains.

How is a query resolved on the internet?

Forward lookup zone: used for resolving a domain name to an IP address.
Reverse lookup zone: used for resolving an IP address to a domain name.
Full forms of some resource records:
1. A      address
2. NS     name server
3. SOA    start of authority
4. PTR    pointer
5. MX     mail exchanger
6. CNAME  canonical name

Configuration:
1. yum install bind-chroot
2. yum install system-config-bind
   or
   rpm -ivh bind-9.3.3-7.el5.i386.rpm
   rpm -ivh bind-chroot-9.3.3-7.el5.i386.rpm
   rpm -ivh system-config-bind-4.0.3-2.el5.noarch.rpm
3. runlevel
4. init 5
5. (in terminal) system-config-bind
6. vim /var/named/chroot/etc/named.conf

Before changes:

    // Red Hat BIND Configuration Tool
    //
    // Default initial "Caching Only" name server configuration
    //
    options {
            directory "/var/named";
            dump-file "/var/named/data/cache_dump.db";
            statistics-file "/var/named/data/named_stats.txt";
            /*
             * If there is a firewall between you and nameservers you want
             * to talk to, you might need to uncomment the query-source
             * directive below. Previous versions of BIND always asked
             * questions using port 53, but BIND 8.1 uses an unprivileged
             * port by default.
             */
            // query-source address * port 53;
    };
    zone "." IN {
            type hint;
            file "named.root";
    };
    zone "localdomain." IN {
            type master;
            file "localdomain.zone";
            allow-update { none; };
    };
    zone "localhost." IN {
            type master;
            file "localhost.zone";
            allow-update { none; };
    };
    zone "0.0.127.in-addr.arpa." IN {
            type master;
            file "named.local";
            allow-update { none; };
    };
    zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa." IN {
            type master;
            file "named.ip6.local";
            allow-update { none; };
    };
    zone "255.in-addr.arpa." IN {
            type master;
            file "named.broadcast";
            allow-update { none; };
    };
    zone "0.in-addr.arpa." IN {
            type master;
            file "named.zero";
            allow-update { none; };
    };
    include "/etc/rndc.key";

After changes (the root hint zone is commented out and the example.com forward and reverse zones are added at the end):

    // Red Hat BIND Configuration Tool
    //
    // Default initial "Caching Only" name server configuration
    //
    options {
            directory "/var/named";
            dump-file "/var/named/data/cache_dump.db";
            statistics-file "/var/named/data/named_stats.txt";
            /*
             * If there is a firewall between you and nameservers you want
             * to talk to, you might need to uncomment the query-source
             * directive below. Previous versions of BIND always asked
             * questions using port 53, but BIND 8.1 uses an unprivileged
             * port by default.
             */
            // query-source address * port 53;
    };
    /*zone "." IN {
            type hint;
            file "named.root";
    };*/
    zone "localdomain." IN {
            type master;
            file "localdomain.zone";
            allow-update { none; };
    };
    zone "localhost." IN {
            type master;
            file "localhost.zone";
            allow-update { none; };
    };
    zone "0.0.127.in-addr.arpa." IN {
            type master;
            file "named.local";
            allow-update { none; };
    };
    zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa." IN {
            type master;
            file "named.ip6.local";
            allow-update { none; };
    };
    zone "255.in-addr.arpa." IN {
            type master;
            file "named.broadcast";
            allow-update { none; };
    };
    zone "0.in-addr.arpa." IN {
            type master;
            file "named.zero";
            allow-update { none; };
    };
    zone "example.com" IN {
            type master;
            file "forward.zone";
            allow-update { none; };
    };
    zone "0.168.192.in-addr.arpa." IN {
            type master;
            file "reverse.zone";
            allow-update { none; };
    };
    include "/etc/rndc.key";

With the root hint zone commented out and no forwarders configured, this named can answer only for the zones it is authoritative for; it can no longer resolve outside names by recursion, which is fine for the lab network described here. The allow-update { none; } lines keep the new zones from accepting dynamic updates.
7. cd /var/named/chroot/var/named/
8. ls
9. cp localhost.zone forward.zone
10. cp named.local reverse.zone
11. vim forward.zone

Before changes:

    $TTL    86400
    @       IN SOA  @ root (
                            42      ; serial (d. adams)
                            3H      ; refresh
                            15M     ; retry
                            1W      ; expiry
                            1D )    ; minimum
            IN NS   @
            IN A    127.0.0.1
            IN AAAA ::1

After changes:

    $TTL 86400
    @           IN SOA    server.example.com. root (
                              42      ; serial (d. adams)
                              3H      ; refresh
                              15M     ; retry
                              1W      ; expiry
                              1D )    ; minimum
                IN NS     server.example.com.
                IN A      192.168.0.254
    server      IN A      192.168.0.254
    www         IN CNAME  server.example.com.
    station1    IN A      192.168.0.1    ; an A record holds an address; 1 -> station1 in reverse.zone

12. vim reverse.zone

Before changes:

    $TTL    86400
    @       IN      SOA     localhost. root.localhost. (
                                  42         ; Serial
                                  28800      ; Refresh
                                  14400      ; Retry
                                  3600000    ; Expire
                                  86400 )    ; Minimum
            IN      NS      localhost.
            IN      PTR     localhost.

After changes:

    $TTL 86400
    @       IN      SOA     server.example.com. root.server.example.com. (
                                  42         ; Serial
                                  28800      ; Refresh
                                  14400      ; Retry
                                  3600000    ; Expire
                                  86400 )    ; Minimum
            IN      NS      server.example.com.
    254     IN      PTR     server.example.com.
    1       IN      PTR     station1.example.com.

13. vim /etc/resolv.conf and add the entries:
    search example.com
    nameserver 192.168.0.254
14. ifconfig
15. hostname
16. service named start
17. chkconfig named on
18. service network restart
19. nslookup
    > 192.168.0.254
    > example.com
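Both zone files above keep the template's serial of 42. The serial is how secondaries and caches notice that a zone changed, so it has to go up with every edit, and a forgotten bump is the usual reason a change "does not take". The following is an added example, not code from the original notes: a small helper that reads and increments the SOA serial of a zone file laid out like forward.zone above. ZONE_SAMPLE is a constructed copy of that layout, and the temporary file is created at run time.

```bash
# Added example (not part of the original notes): increment the SOA serial of
# a zone file laid out like forward.zone above, where the serial is the first
# bare number after the SOA record opens. ZONE_SAMPLE is constructed.
ZONE_SAMPLE='$TTL 86400
@        IN SOA   server.example.com. root (
                          42   ; serial (d. adams)
                          3H   ; refresh
                          15M  ; retry
                          1W   ; expiry
                          1D ) ; minimum
         IN NS    server.example.com.
server   IN A     192.168.0.254'

# zone_serial FILE: print the current SOA serial (first all-digit first field
# after the line containing SOA).
zone_serial() {
    awk '/SOA/ { insoa = 1 }
         insoa && $1 ~ /^[0-9]+$/ { print $1; exit }' "$1"
}

# bump_zone_serial FILE: rewrite FILE in place with the serial incremented by
# one and print the new serial; fails when no serial is found.
bump_zone_serial() {
    local old new tmp
    old=$(zone_serial "$1")
    [ -n "$old" ] || { echo "no SOA serial found in $1" >&2; return 1; }
    new=$((old + 1))
    tmp=$(mktemp)
    awk -v old="$old" -v new="$new" '
        !done && /SOA/ { insoa = 1 }
        !done && insoa && $1 == old { sub(old, new); done = 1 }   # only the serial line
        { print }' "$1" > "$tmp" && mv "$tmp" "$1"
    printf '%s\n' "$new"
}

# Stand-alone run: write the sample to a scratch file and bump it once.
f=$(mktemp)
printf '%s\n' "$ZONE_SAMPLE" > "$f"
echo "serial before: $(zone_serial "$f")"
echo "serial after:  $(bump_zone_serial "$f")"
rm -f "$f"
```

After editing a zone, `named-checkzone example.com forward.zone` (part of the bind package) validates the syntax before `service named restart` or `rndc reload`, which is a safer habit than restarting and reading /var/log/messages afterwards.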

DHCP (DYNAMIC HOST CONFIGURATION PROTOCOL)

Before DHCP: as networks grew and the number of workstations increased, a number of solutions were developed to address the challenge of configuring TCP/IP settings for organizations with a large number of workstations.
1. RARP (Reverse Address Resolution Protocol): a RARP client broadcasts its MAC address on the network; a RARP server then responds by transmitting the IP address assigned to the client computer.
2. BOOTP (Bootstrap Protocol): because RARP failed to provide other much-needed settings to the client, such as a subnet mask and a default gateway, another solution followed, BOOTP. It enables a TCP/IP workstation to retrieve settings for all the configuration parameters (subnet mask, default gateway, etc.), but the major drawback of BOOTP is that an administrator still must specify settings for each workstation on the BOOTP server.

What is DHCP?
DHCP is an open, industry-standard protocol that reduces the complexity of administering networks based on TCP/IP. It is defined by the IETF (Internet Engineering Task Force). DHCP provides a method for hosts on a network to request, and be granted, a TCP/IP configuration including the addresses of routers and name servers. Managing IP addresses and host options is much easier when configuration information can be managed from a single location rather than coordinating information across many locations.

Benefits of DHCP:
- Centralized administration of IP configuration
- Dynamic host configuration
- Seamless IP host configuration
- Flexibility
- Scalability

How DHCP works:
DHCP works on the basis of DHCP messages; all DHCP messages are carried in UDP datagrams using port number 67 at the server and 68 at the client.

DHCP message types:
1. DHCPDISCOVER: to find out DHCP availability.
2. DHCPOFFER: response to the client computer, along with the offered configuration parameters.
3. DHCPREQUEST: acceptance of the offered address and parameters.
4. DHCPDECLINE: declines the offered address and parameters.
5. DHCPACK: to confirm an IP address.
6. DHCPNAK: to deny an IP address.
7. DHCPRELEASE: to cancel the remaining lease.
8. DHCPINFORM: for additional local configuration parameters.

DHCP leases: a DHCP lease defines the duration for which a DHCP server loans an IP address to a DHCP client. The lease duration can be between 1 minute and 999 days, or it can be unlimited. The default lease duration is eight days (11520 minutes).
DHCP client: a computer that obtains its configuration information from DHCP is known as a DHCP client.
DHCP scope: a DHCP scope is a set of IP addresses and associated configuration information that can be supplied to a DHCP client.
DHCP reservation: reservations enable a permanent address lease assigned by the DHCP server. It is done on the basis of the MAC address of the client computer.

CONFIGURATION:
1. [root@station1] yum install dhcp
   or [root@station1] rpm -ivh /opt/dhcp-3.0.5-3.el5.i386.rpm
2. [root@station1] cat /etc/dhcpd.conf
3. [root@station1] cp /usr/share/doc/dhcp-3.0.5/dhcpd.conf /etc/dhcpd.conf
4. [root@station1] vim /etc/dhcpd.conf

    ddns-update-style interim;
    ignore client-updates;

    subnet 192.168.0.0 netmask 255.255.255.0 {

    # --- default gateway
            option routers                  192.168.0.1;
            option subnet-mask              255.255.255.0;

            option nis-domain               "domain.org";
            option domain-name              "domain.org";
            option domain-name-servers      192.168.1.1;

            option time-offset              -18000; # Eastern Standard Time
    #       option ntp-servers              192.168.1.1;
    #       option netbios-name-servers     192.168.1.1;
    # --- Selects point-to-point node (default is hybrid). Don't change this unless
    # -- you understand Netbios very well
    #       option netbios-node-type 2;

            range dynamic-bootp 192.168.0.128 192.168.0.254;
            default-lease-time 21600;
            max-lease-time 43200;

            # we want the nameserver to appear at a fixed address
            host ns {
                    next-server marvin.redhat.com;
                    hardware ethernet 12:34:56:78:AB:CD;
                    fixed-address 207.175.42.254;
            }
    }

   The option values above are the shipped sample's; for the network built in the DNS section, set option domain-name to "example.com" and option domain-name-servers to 192.168.0.254, and note that the dynamic range 192.168.0.128-254 overlaps the server's own address 192.168.0.254, so either end the range at .253 or give the server a reservation.
5. [root@station1] ifconfig
6. [root@station1] service dhcpd start
7. [root@station1] chkconfig dhcpd on
8. [root@station1] less /var/lib/dhcpd/dhcpd.leases
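Step 8 looks at the lease database by hand. On a busy segment that file is the fastest inventory of what is plugged in, and a lease for a MAC address nobody recognizes is worth a look. The following is an added example, not code from the original notes: it parses a dhcpd.leases-style file (LEASES_SAMPLE is constructed in the format dhcpd 3.x writes; the addresses and MACs are made up) and lists active leases, optionally filtered against a list of known MACs.

```bash
# Added example (not part of the original notes): list active leases from a
# dhcpd.leases file and flag clients whose MAC is not on a known list.
# LEASES_SAMPLE is constructed in the dhcpd 3.x format; all values are made up.
LEASES_SAMPLE='# The format of this file is documented in the dhcpd.leases(5) manual page.
lease 192.168.0.130 {
  starts 1 2024/01/08 09:00:00;
  ends 1 2024/01/08 15:00:00;
  binding state active;
  hardware ethernet 00:16:3e:aa:bb:01;
  client-hostname "station1";
}
lease 192.168.0.131 {
  starts 1 2024/01/08 09:05:00;
  ends 1 2024/01/08 09:20:00;
  binding state free;
  hardware ethernet 00:16:3e:aa:bb:02;
}
lease 192.168.0.132 {
  starts 1 2024/01/08 09:10:00;
  ends 1 2024/01/08 15:10:00;
  binding state active;
  hardware ethernet 00:16:3e:aa:bb:03;
}'

# active_leases CONTENT: print "ip mac hostname" for each lease whose binding
# state is active ("-" when the client sent no hostname). dhcpd appends to
# the file rather than rewriting it, so a later entry for the same IP
# supersedes an earlier one; the last entry per IP is what gets reported.
active_leases() {
    printf '%s\n' "$1" | awk '
        $1 == "lease" { ip = $2; mac = "-"; host = "-"; state = "-" }
        $1 == "binding" && $2 == "state"     { state = $3; sub(/;$/, "", state) }
        $1 == "hardware" && $2 == "ethernet" { mac = $3;   sub(/;$/, "", mac) }
        $1 == "client-hostname"              { host = $2;  gsub(/[";]/, "", host) }
        $1 == "}" {
            if (!(ip in seen)) { seen[ip] = ++n; order[n] = ip }
            st[ip] = state; hw[ip] = mac; hn[ip] = host
        }
        END {
            for (i = 1; i <= n; i++) {
                ip = order[i]
                if (st[ip] == "active") print ip, hw[ip], hn[ip]
            }
        }'
}

# unknown_clients CONTENT KNOWN_MACS: active leases whose MAC is not in the
# space-separated KNOWN_MACS list.
unknown_clients() {
    active_leases "$1" | while read -r ip mac host; do
        case " $2 " in
            *" $mac "*) ;;
            *) printf '%s %s %s\n' "$ip" "$mac" "$host" ;;
        esac
    done
}

# Stand-alone run: on a live server use "$(cat /var/lib/dhcpd/dhcpd.leases)".
echo "active leases:"
active_leases "$LEASES_SAMPLE"
echo "not in inventory:"
unknown_clients "$LEASES_SAMPLE" "00:16:3e:aa:bb:01"
```

The known-MAC list is the same information a reservation needs (the page's `host ns { hardware ethernet ...; fixed-address ...; }` block), so the inventory used for this check can double as the source for reservations of machines that should always get the same address.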

NETWORK FILE SHARING SERVICES

1. Network File System (NFS): the NFS server is used to share data between two computers within a network.
NFS uses port number 2049.
Configuration:
1. rpm -qa | grep nfs
2. mkdir /share
3. cd /share
4. Create the data which you want to share.
5. vim /etc/exports and add an entry:
   /share   192.168.0.1(rw,sync)                  for a particular host
   /share   192.168.0.0/255.255.255.0(ro,sync)    for a particular network
   /share   *(ro,sync)                            for all networks
   The * form exports to every host that can reach the server; prefer a host or network restriction whenever the clients are known.
6. service nfs start
7. service portmap restart
8. service nfslock stop
9. chkconfig nfs on
10. chkconfig nfslock off
11. showmount -e
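Because /etc/exports is short and edited by hand, the usual mistakes are a wildcard client, a writable export that was meant to be read-only, and no_root_squash left on. The following is an added example, not code from the original notes: it scans exports-style text (EXPORTS_SAMPLE is constructed from the entries above plus one deliberately risky line) and prints one finding per line.

```bash
# Added example (not part of the original notes): scan /etc/exports-style
# text for exports to every host ("*" or a missing client), writable exports
# and no_root_squash. EXPORTS_SAMPLE is constructed for the demo.
EXPORTS_SAMPLE='# /etc/exports
/share   192.168.0.1(rw,sync)
/share   192.168.0.0/255.255.255.0(ro,sync)
/share   *(ro,sync)
/backup  192.168.0.0/24(rw,no_root_squash)'

# audit_exports CONTENT: print "path client issue" for each finding.
# Each line is "path client(opts) client(opts) ..."; comments and blank
# lines are skipped; a client with no options or no client at all is
# treated as "(any)".
audit_exports() {
    printf '%s\n' "$1" | awk '
        /^[[:space:]]*(#|$)/ { next }
        {
            path = $1
            for (i = 2; i <= NF; i++) {
                client = $i; opts = ""
                if (match(client, /\(.*\)/)) {
                    opts   = substr(client, RSTART + 1, RLENGTH - 2)
                    client = substr(client, 1, RSTART - 1)
                }
                if (client == "*" || client == "")
                    print path, (client == "" ? "(any)" : client), "exported to every host"
                if (opts ~ /(^|,)rw(,|$)/)
                    print path, client, "writable export"
                if (opts ~ /(^|,)no_root_squash(,|$)/)
                    print path, client, "remote root keeps root privileges"
            }
        }'
}

# Stand-alone run: on a live server use "$(cat /etc/exports)".
audit_exports "$EXPORTS_SAMPLE"
```

Findings are not all errors (the rw export to 192.168.0.1 is exactly what step 5 intends); the point is that every writable or world-visible export is listed in one place so it can be checked against what `showmount -e` actually serves after `exportfs -ra`.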

FILE TRANSFER PROTOCOL (FTP)

The FTP server is used to share data over the network in a secure manner, meaning with some kind of authentication. The FTP server uses port number 21 on the server and port 20 for data transfer. Note that plain FTP sends the username, password and data unencrypted; the authentication controls who may log in, it does not protect the session on the wire.
Configuration:
1. yum install vsftpd
   or rpm -ivh vsftpd-2.0.5-10.el5.i386.rpm
2. cd /var/ftp/
3. mkdir /share
4. Create the data which you want to share.
5. vim /etc/vsftpd/vsftpd.conf
6. vim /etc/vsftpd/ftpusers
7. vim /etc/vsftpd/user_list
8. service vsftpd start
9. chkconfig vsftpd on
10. ftp <localhost IP address>

SAMBA

The Samba server is used for sharing between Linux and Windows operating systems with the help of the Samba services. With the help of Samba we can share data as well as printers within the network.
Samba uses port number 445.
Samba works with two services:
a. smbd: for authentication and authorization
b. nmbd: for resource browsing
Configuration:
1. yum install samba*
   or rpm -ivh --aid --force samba-3.0.23c-2.i386.rpm
      rpm -ivh --aid --force samba-swat-3.0.23c-2.i386.rpm
2. vim /etc/samba/smb.conf and make the changes as follows:
   On line 26, replace MYGROUP by WORKGROUP.
   On line 41, remove the ; and mention the network id in the format 192.168.0.
   On line 274, add the entries:
       [share name]
       comment = Station1 share
       path = /share
       browsable = yes
       public = yes
       writable = yes
       valid users = user1,user2
       create mask = 0765
       write list = user1
3. service smb start
4. chkconfig smb on
5. useradd samba
6. smbpasswd -a samba
7. smbclient -L <host IP address> -U <username>

SENDMAIL

Sendmail is an electronic mail transport agent. Sendmail sends a message to one or more recipients, routing the message over networks as necessary. Sendmail does internetwork forwarding as necessary to deliver the message to the correct place.
Sendmail is not intended as a user interface routine; other programs provide user-friendly front ends; sendmail is used only to deliver preformatted messages. With no flags, sendmail reads the standard input up to an end-of-file or a line consisting only of a single dot and sends a copy of the message found there to all of the addresses listed. It determines the network(s) to use based on the syntax and contents of the addresses.
Local addresses are looked up in a file and aliased appropriately.

How is mail transferred from one user to another?

Agents:
MUA  Mail User Agent
MTA  Mail Transfer Agent
MRA  Mail Retrieval Agent
MDA  Mail Delivery Agent

Protocols:
DNS   Domain Name System
SMTP  Simple Mail Transfer Protocol
UDP   User Datagram Protocol
IMAP  Internet Message Access Protocol
POP   Post Office Protocol

Configuration: to configure sendmail you should have a DNS in your network.
1. rpm -ivh --force /opt/Server/sendmail-8.13.8.-2.el5.i386.rpm
2. rpm -ivh --force /opt/Server/sendmail-cf-8.13.8.-2.el5.i386.rpm
3. rpm -ivh /opt/Server/dovecot-1.0-1.2.rc15.el5.i386.rpm
4. nslookup
5. cd /etc/mail/
6. less sendmail.cf
7. vim sendmail.mc
   On line 116, insert dnl # at the start of the line.
8. m4 sendmail.mc > sendmail.cf
9. vim /etc/dovecot.conf
   On line 17, remove the #.
10. service dovecot start
11. chkconfig dovecot on
12. service sendmail restart
13. useradd user1
14. passwd user1
15. useradd user2
16. passwd user2
17. Log in as user1 and as user2.
18. As user1: mail [email protected]
19. As user2: mail

HTTP (HYPERTEXT TRANSFER PROTOCOL)

The HTTP protocol is used to transfer information on the World Wide Web. HTTP uses port number 80.
Recommended requirements:
- DNS server within the network
- Static IP address
- Yum server within the network
Configuration:
1. yum install http*
   or rpm -ivh --force /opt/Server/http*
2. vim /etc/httpd/conf/httpd.conf
   On line 264, add a line:
       ServerName <hostname>:80
   On line 280, check:
       DocumentRoot /var/www/html
   On line 383:
       DirectoryIndex index.html index.html.var
   Remove the index.html.var.
3. cd /var/www/html
4. vim index.html
   <write the HTML for the home page of your server>
5. nslookup
   > hostname
6. ifconfig
7. service httpd start
8. chkconfig httpd on
9. elinks
   URL=http://<hostname>/ or http://<ip address>/

Virtual Hosting

Virtual hosting is mostly used on the internet. With the help of virtual hosting you can publish different web sites over a single static IP; for virtual hosting you require multiple entries for the single host in DNS (that is, in the forward and reverse zones).
Forward (forward.zone):
    station1    IN A    192.168.0.1
    www1        IN A    192.168.0.1
Reverse (reverse.zone):
    1           IN PTR  station1.example.com.
    1           IN PTR  www1.example.com.

Configuring the virtual host:
1. nslookup
   > station1
   > www1
2. vim /etc/httpd/conf/httpd.conf
3. On line 264:
   before editing   ServerName <hostname>:80
   after editing    #ServerName <hostname>:80
   On line 280:
   before editing   DocumentRoot /var/www/html
   after editing    #DocumentRoot /var/www/html
   On line 383:
   before editing   DirectoryIndex index.html index.html.var
   after editing    #DirectoryIndex index.html index.html.var
   On line 971, add a line:
       NameVirtualHost <IP Address>:80
   On line 990, add these lines:
       <VirtualHost <IP Address>:80>
           ServerName station1.example.com
           DocumentRoot /var/www/html
           DirectoryIndex station1.html
       </VirtualHost>
       <VirtualHost <IP Address>:80>
           ServerName www1.example.com
           DocumentRoot /var/www/html
           DirectoryIndex www1.html
       </VirtualHost>
   Both virtual hosts share one DocumentRoot and differ only in DirectoryIndex, so a request for any other file name returns the same content under either name; separate DocumentRoot directories keep the two sites apart.
4. cd /var/www/html
5. vim station1.html
   <write the code for the site station1.example.com>
6. vim www1.html
   <write the code for the site www1.example.com>
7. service httpd restart
8. chkconfig httpd on
9. elinks
   URL=station1.example.com
   URL=www1.example.com

SQUID (PROXY SERVER)

Squid is a high-performance proxy caching server for web clients, supporting FTP and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps metadata and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests.
Squid supports SSL, extensive access controls and full request logging. By using the lightweight Internet Cache Protocol, Squid caches can be arranged in a hierarchy or mesh for additional bandwidth savings.
Squid consists of a main server program squid, a Domain Name System lookup program dnsserver, some optional programs for rewriting requests and performing authentication, and some management and client tools.

Configuration: the configuration file is /etc/squid/squid.conf.
acl is used to define labels for a network (on line 2394):
    acl <variable name> <element> <ip address or network address>
http_access uses the labels to allow or deny requests (on line 2507):
    http_access allow|deny <variable name>
The http_access lines are evaluated from top to bottom and the first line whose acls all match decides; if no line matches, the opposite of the last line's action applies.

Elements:
src        source (incoming requests)
dst        destination (outgoing requests)
srcdomain  source domain name
dstdomain  destination domain name
time       time of day and day of week

Examples
A. Allow a computer network
    acl allow_net src 192.168.0.0/255.255.255.0
    http_access allow allow_net
   For a domain:
    acl allow_net srcdomain example.com
B. Restricting access to a particular duration
    acl allow_net src 192.168.0.0/255.255.255.0
    acl regularday time MTWHF 10:00-17:00
    http_access allow allow_net regularday
   Day letters: S = Sunday, M = Monday, T = Tuesday, W = Wednesday, H = Thursday, F = Friday, A = Saturday.
C. Multiple configuration
    acl station1 src 192.168.0.1
    acl station2 src 192.168.0.2
    acl station3 src 192.168.0.3
    acl morning   time 10:00-13:00
    acl lunch     time 13:00-14:00
    acl postlunch time 14:00-17:00
    http_access allow station1 morning
    http_access allow station2 lunch
    http_access allow station3 postlunch
D. Blocking websites
    acl allow_client src 192.168.0.0/255.255.255.0
    acl banned url_regex yahoo.com
    http_access deny banned
    http_access allow allow_client
   The deny line must come before the allow line: with the allow first, every request from allow_client would match it and the ban would never be reached.
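Rule order is the point of example D, and the easiest way to see it is to evaluate the same request under both orderings. The following is an added example, not code from the original notes or from the Squid project: a small simulator of squid's first-match http_access semantics for the acl types used above (src with a dotted netmask, a /prefix or a bare IP; dstdomain; url_regex). RULES_AS_WRITTEN reproduces the allow-then-deny order, RULES_FIXED puts the deny first; all acl names, addresses and URLs are constructed for the demo, and the time element is not modelled.

```bash
# Added example (not part of the original notes): simulate squid's http_access
# evaluation for src, dstdomain and url_regex acls. ACLS and the two rule
# sets are constructed; RULES_AS_WRITTEN mirrors the original order of
# example D, RULES_FIXED the corrected one.
ACLS='allow_client src 192.168.0.0/255.255.255.0
banned url_regex yahoo\.com
intranet dstdomain .example.com'

RULES_AS_WRITTEN='allow allow_client
deny banned'

RULES_FIXED='deny banned
allow allow_client'

# ip2int A.B.C.D: dotted-quad IPv4 address to an integer.
ip2int() {
    local rest=$1 n=0 octet
    for octet in 1 2 3 4; do
        n=$(( (n << 8) | ${rest%%.*} ))
        rest=${rest#*.}
    done
    echo "$n"
}

# mask2int MASK: netmask given as a dotted quad or a prefix length.
mask2int() {
    case "$1" in
        *.*) ip2int "$1" ;;
        *)   echo $(( (4294967295 << (32 - $1)) & 4294967295 )) ;;
    esac
}

# in_net IP NET: true when IP lies in NET ("a.b.c.d/mask", "a.b.c.d/len" or a bare IP).
in_net() {
    local net mask
    case "$2" in
        */*) net=${2%/*}; mask=$(mask2int "${2#*/}") ;;
        *)   net=$2;      mask=4294967295 ;;
    esac
    [ $(( $(ip2int "$1") & mask )) -eq $(( $(ip2int "$net") & mask )) ]
}

# acl_match NAME SRC_IP URL: true when the named acl matches the request.
acl_match() {
    local type value host
    type=$(printf '%s\n' "$ACLS" | awk -v n="$1" '$1 == n { print $2; exit }')
    value=$(printf '%s\n' "$ACLS" | awk -v n="$1" '$1 == n { print $3; exit }')
    case "$type" in
        src)       in_net "$2" "$value" ;;
        url_regex) printf '%s\n' "$3" | grep -Eq -- "$value" ;;
        dstdomain) host=${3#*://}; host=${host%%/*}
                   case "$value" in
                       .*) [ "$host" = "${value#.}" ] || [ "${host%"$value"}" != "$host" ] ;;
                       *)  [ "$host" = "$value" ] ;;
                   esac ;;
        *)         return 1 ;;          # unknown acl type never matches
    esac
}

# http_access RULES SRC_IP URL: print allow or deny. A rule matches only when
# all of its acls match; the first matching rule wins; with no match squid
# applies the opposite of the last rule's action.
http_access() {
    printf '%s\n' "$1" | {
        last=""
        while read -r action rest; do
            [ -n "$action" ] || continue
            last=$action
            matched=1
            for name in $rest; do
                acl_match "$name" "$2" "$3" || { matched=0; break; }
            done
            [ "$matched" = 1 ] && { echo "$action"; exit 0; }
        done
        if [ "$last" = allow ]; then echo deny; else echo allow; fi
    }
}

# Stand-alone run: the same banned request under both orderings.
echo "as written: $(http_access "$RULES_AS_WRITTEN" 192.168.0.7 http://www.yahoo.com/)"
echo "fixed:      $(http_access "$RULES_FIXED" 192.168.0.7 http://www.yahoo.com/)"
```

The first line prints allow and the second deny, which is the whole argument for putting deny lines above the broad allow. The fallback branch also shows why a configuration should end with an explicit `http_access deny all`: relying on "the opposite of the last line" makes the default depend on whichever rule happens to be last.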

IPTABLES (FIREWALL)

If your organization's network is connected to the internet or any other network you should consider putting a firewall in place between your network (LAN) and the external network.
A firewall is used to secure the internal network by controlling who can connect to systems in the internal network and by controlling what kind of information is allowed out of the internal network. It is the job of the firewall to examine every network packet that passes in and out of your network and to filter out those packets that carry a risk. To understand this filtering process you have to understand a small unit, the packet.
When you send a message over a network it is not sent as a single unit; instead the message is broken into smaller units called packets. Those packets are sent, and when all packets have reached the final destination they are reassembled into the complete message. In addition to a portion of your message, each packet also contains some additional information, including the source IP address of the packet, the destination IP address and information about the packet. A firewall examines these administrative fields in each packet to decide whether the packet is allowed or not.
iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel. Several different tables may be defined. Each table contains a number of built-in chains and may also contain user-defined chains.
Each chain is a list of rules which can match a set of packets. Each rule specifies what to do with a packet that matches. This is called a target, which may be a jump to a user-defined chain in the same table.

SYNTAX

iptables -t filter <options> INPUT <match specifications> -j <target>

<options>
-A  Append
-L  List
-I  Insert
-h  help
-F  Flush
-D  Delete a rule from a chain
-R  Replace
-N  New chain
-X  Delete a chain

<match specifications>
-s       source
-d       destination
--sport  source port
--dport  destination port
-p       protocol

<target>
ACCEPT
DROP
REJECT

Example
1. iptables -t filter -A INPUT -s 192.168.0.254 -d 192.168.0.0 -p tcp --dport 22 -j REJECT

NOTE
After adding the rules you have to start the service:
    service iptables start
If you want to save the current table (to /etc/sysconfig/iptables, which is loaded again at boot):
    service iptables save
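Once rules are saved, the thing to review is which INPUT rules accept traffic from anywhere, since a `--dport` ACCEPT with no `-s` match is an exposure the match specifications above exist to avoid. The following is an added example, not code from the original notes: it reads a rule listing in the form `iptables -S` prints (RULES_SAMPLE is constructed) and reports ACCEPT rules on INPUT that have a destination port but no source restriction, plus the chain's default policy.

```bash
# Added example (not part of the original notes): review a rule listing in
# `iptables -S` form. RULES_SAMPLE is constructed for the demo; on a live
# system use "$(iptables -S)".
RULES_SAMPLE='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 192.168.0.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2049 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT'

# accepts_from_anywhere RULES: print "proto port" for every INPUT ACCEPT
# rule that names a --dport but carries no -s source match.
accepts_from_anywhere() {
    printf '%s\n' "$1" | awk '
        $1 == "-A" && $2 == "INPUT" {
            proto = "any"; port = ""; src = ""; target = ""
            for (i = 3; i <= NF; i++) {
                if ($i == "-p")      proto  = $(i + 1)
                if ($i == "--dport") port   = $(i + 1)
                if ($i == "-s")      src    = $(i + 1)
                if ($i == "-j")      target = $(i + 1)
            }
            if (target == "ACCEPT" && port != "" && src == "") print proto, port
        }'
}

# chain_policy RULES CHAIN: print the default policy of CHAIN, so a chain
# that falls through to ACCEPT is visible at a glance.
chain_policy() {
    printf '%s\n' "$1" | awk -v c="$2" '$1 == "-P" && $2 == c { print $3 }'
}

# Stand-alone run.
echo "INPUT policy: $(chain_policy "$RULES_SAMPLE" INPUT)"
echo "open to any source (proto port):"
accepts_from_anywhere "$RULES_SAMPLE"
```

With the sample this lists `tcp 2049` (NFS) and `udp 53` (DNS). Whether those are findings depends on who the server is for; the NFS section exported to a 192.168.0.0/255.255.255.0 network, so the matching iptables rule would normally carry `-s 192.168.0.0/24` as the ssh rule does. Remember that rules are matched in order, so an appended (`-A`) restriction placed after an existing broad ACCEPT never fires.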
