Unix System Administration - PowerPoint PPT Presentation

Slides: 13
Provided by: shawn1
Learn more at: https://owd.tcnj.edu

Transcript and Presenter's Notes

Title: Unix System Administration


1
Unix System Administration
  • Chapter 31
  • Daemons

2
Out of the Goo, the Primordial Process
  • Init
  • Always the first process to run after system boot
  • Always PID 1
  • Ancestor of all user processes and all but a few
    system processes
  • Configured using /etc/inittab
  • Exorcises undead zombie process
  • If init dies, the system will hang or reboot

3
It's a Bird, It's a Plane, No, It's the Super Daemon
  • Inetd
  • Daemon that manages other daemons
  • The daemons it manages must be programmed to be
    started and managed by inetd
  • Uses /etc/inetd.conf and /etc/services as
    configuration files
  • Simple daemons (echo, discard, etc.) are
    built into inetd
  • You need to send SIGHUP to inetd after editing
    /etc/inetd.conf to tell it to reread the file

4
/etc/inetd.conf (abridged)
# Syntax for socket-based Internet services
# <service_name> <socket_type> <proto> <flags> <user> <server_pathname> <args>
ftp     stream  tcp  nowait  root  /usr/sbin/in.ftpd     in.ftpd
telnet  stream  tcp  nowait  root  /usr/sbin/in.telnetd  in.telnetd
echo    stream  tcp  nowait  root  internal
echo    dgram   udp  wait    root  internal
talk    dgram   udp  wait    root  /usr/sbin/in.talkd    in.talkd

5
/etc/services (abridged)
echo      7/tcp
echo      7/udp
ftp-data  20/tcp
ftp       21/tcp
telnet    23/tcp
talk      517/udp

6
Mapping Those Pesky Ports
  • Portmap (aka Rpcbind)
  • Runs on port 111
  • Maps between RPC service numbers and TCP/IP port
    numbers
  • RPC services register their service number,
    version and port number with portmap/rpcbind when
    they start up
  • Clients contact portmap/rpcbind to find the port
    that a particular service is running on.
  • Use rpcinfo -p to display registered services

7
Let's Wrap It Up!
  • TCP_Wrappers
  • Used to provide IP address-level security to
    daemons run from inetd
  • Can also be used with non-inetd daemons if they
    can link with the libwrap library
  • Logs successful and failed attempts via syslog
    facility
  • Requires modification to /etc/inetd.conf
  • Written by Wietse Venema of the Netherlands
  • ftp://ftp.porcupine.org/pub/security/index.html

8
TCP_Wrapperized /etc/inetd.conf
# Syntax for socket-based Internet services
# <service_name> <socket_type> <proto> <flags> <user> <server_pathname> <args>
ftp     stream  tcp  nowait  root  /usr/sbin/tcpd  in.ftpd
telnet  stream  tcp  nowait  root  /usr/sbin/tcpd  in.telnetd
echo    stream  tcp  nowait  root  internal
echo    dgram   udp  wait    root  internal
talk    dgram   udp  wait    root  /usr/sbin/tcpd  in.talkd

9
/etc/hosts.allow /etc/hosts.deny
/etc/hosts.allow
ALL:         localhost, krusty
in.telnetd:  beast, bugs
in.rlogind:  beast, bugs
in.rexecd:   beast, bugs, 159.91.
in.rshd:     beast, bugs
in.fingerd:  ALL
in.talkd:    ALL

/etc/hosts.deny
ALL: ALL
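
How tcpd would decide on a connection given the two files on this slide, as an added example that is not part of the original slides or of the TCP_Wrappers source: a simplified Python model of the hosts_access(5) search order (hosts.allow first, then hosts.deny, otherwise grant), with the slide's rules written in hosts_access(5) syntax. The function names are hypothetical and the client names and addresses in the demo are constructed.

```python
# Added example: simplified hosts_access(5) decision logic, not tcpd's code.
# Models ALL, exact names, "159.91." address prefixes and ".domain" suffixes;
# LOCAL, KNOWN, EXCEPT, netmasks and shell commands are not modelled.
HOSTS_ALLOW = """\
ALL:         localhost, krusty
in.telnetd:  beast, bugs
in.rlogind:  beast, bugs
in.rexecd:   beast, bugs, 159.91.
in.rshd:     beast, bugs
in.fingerd:  ALL
in.talkd:    ALL
"""
HOSTS_DENY = "ALL: ALL\n"

def parse(text):
    """Return [(daemon_list, client_list)] per rule line, lower-cased."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#") or ":" not in line:
            continue
        daemons, clients = line.split(":")[:2]
        rules.append((daemons.replace(",", " ").lower().split(),
                      clients.replace(",", " ").lower().split()))
    return rules

def client_matches(pattern, host, addr):
    if pattern == "all":
        return True
    if pattern.endswith("."):        # address prefix, e.g. 159.91.
        return addr.startswith(pattern)
    if pattern.startswith("."):      # host name suffix, e.g. .example.org
        return host.endswith(pattern)
    return pattern in (host, addr)

def matches(rules, daemon, host, addr):
    return any(("all" in d or daemon in d)
               and any(client_matches(p, host, addr) for p in c)
               for d, c in rules)

def decide(daemon, host, addr, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    """Search hosts.allow, then hosts.deny; a client matching neither is granted."""
    daemon, host = daemon.lower(), host.lower()
    if matches(parse(allow), daemon, host, addr):
        return "allow"
    return "deny" if matches(parse(deny), daemon, host, addr) else "allow"

if __name__ == "__main__":
    for d, h, a in [("in.telnetd", "beast", "192.0.2.10"),              # constructed
                    ("in.telnetd", "stranger.example", "203.0.113.5"),  # constructed
                    ("in.fingerd", "stranger.example", "203.0.113.5")]:
        print(d, h, a, "->", decide(d, h, a))
```

Because hosts.allow is searched first, in.fingerd and in.talkd stay reachable from every client even with ALL: ALL in hosts.deny, and removing the hosts.deny entry would turn every non-matching client into a grant.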

10
Daemons Daemons Everywhere ...
  • nfsd, rpc.lockd, rpc.statd - file sharing
  • ypbind, ypserv, ypxfrd - NIS daemons
  • comsat - e-mail notification
  • talkd - chat server
  • routed, gated - routing
  • innd, nntpd - Network News
  • syslogd - logging server
  • httpd - web server

11
Even in Your Underwear
  • ftpd - file transfer
  • telnetd - remote terminal
  • rshd, rexec - remote shell
  • rlogin - remote login
  • xntp - time sync
  • dhcpd, bootpd, rarpd - IP address servers
  • popper, ipopd, imapd - e-mail servers
  • sendmail - e-mail routing server

12
Exorcise These Daemons!
  • Besides a Unix service, what is a daemon?
  • What happens if inetd dies?
  • What is the name of the TCP_wrapper daemon?