Friday, October 2, 2009

Adding and quiting services with chkconfig

Adding and quiting services with chkconfig

This implementation of chkconfig was inspired by the chkconfig command present in the IRIX operating system. Rather than maintaining configuation information outside of the /etc/rc[0-6].d hierarchy, however, this version directly manages the symlinks in /etc/rc[0-6].d.

In Redhat Linux you have a powerfull tool called chkconfig, you can list all the services with:
chkconfig --list
To see the services started in runlevel 3:
chkconfig --list | grep 3:on

To turn off a service in all the runlevels:
chkconfig pcmcia off

Turn off a service in a desired runlevel:
[root@monitor1]# chkconfig --list | grep hpoj
hpoj 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@monitor1]# chkconfig --level 3 hpoj off
[root@monitor1 rc3.d]# chkconfig --list | grep hpoj
hpoj 0:off 1:off 2:on 3:off 4:on 5:on 6:off


If you want to add a new service, you created the /etc/rc.d/init.d/ file and now you wans to manage the service, configure it to start and stop on desired runlevels.

Edit the /etc/rc.d/init.d/service-name file, and add this line on the top:
#!/bin/bash
# chkconfig: 2345 55 25
# description: A service that does powerful things
#

This is a description of what this line does:
# chkconfig: 2345 55 25
  | | |
  | | priority for kill scripts
  | |
  | priority for start scripts
  |
  run levels at which to start service

Then execute, for example, adding the qmail service:
[root@monitor1 init.d]# chkconfig --add qmail
[root@monitor1 init.d]# chkconfig --list qmail
qmail 0:off 1:off 2:off 3:on 4:off 5:on 6:off

Now configure it to start on desired runlevels !

Configure ttysnoop with SSH

Configure ttysnoop with SSH in Suse Or Redhat Linux

This time a nice administrator tool called TTYSNOOP, it permits to watch what other persons are doing in other terminals. Usefull for security people.

Steps:
1) Download openssh from http://openbsd.md5.com.ar/pub/OpenBSD/OpenSSH/portable/
wget http://openbsd.md5.com.ar/pub/OpenBSD/OpenSSH/portable/openssh-4.6p1.tar.gz
2) Uncompress it
tar zxvf openssh-4.6p1.tar.gz
3) Compile it, you have to set the "login" program that ssh has to use !
cd openssh-4.6p1
export LOGIN_PROGRAM="/sbin/foo_login"
cd openssh-4.6p1
./configure --prefix=/usr --sysconfdir=/etc/ssh --without-zlib-version-check --with-pam --with-tcp-wrappers
make
make install

4) Modify the sshd_config file, should be located in /etc/ssh/sshd_config and change these variables:
PasswordAuthentication yes
UseLogin yes

Compile ttysnoop
5) Download ttysnoop from http://freshmeat.net/redir/ttysnoop26/
wget http://freshmeat.net/redir/ttysnoop26/50871/url_tgz/ttysnoop-0.12d.k26.tar.gz
6) tar xzvf ttysnoop-0.12d.k26.tar.gz
7) cd ttysnoop-0.12d.k26
8) make
9) make install

10) Copy the new login from ttysnoop:
cp ttysnoops /sbin/foo_login
11) This directory is not created, you have to do it:
mkdir /var/spool/ttysnoop

12) copy snooptab.dist to /etc
cp snooptab.dist /etc/snooptab

13) Edit /etc/snooptab
Comment all lines except:
* socket login /bin/login

Now you can use it:
#w
wlamagna pts/1 192.168.2.20 16:51 0.00s 1:42 0.01s login -- wlamagna

In another terminal write this to snoop terminal 1.
#ttysnoop 1