service

run a System V init script

see also : update-rc.d - init - invoke-rc.d - initctl

Synopsis

service SCRIPT COMMAND [OPTIONS]

service --status-all

service --help | -h | --version

add an example, a script, a trick and tips

: email address (won't be displayed)
: name

Step 2

Thanks for this example ! - It will be moderated and published shortly.

Feel free to post other examples Oops ! There is a tiny cockup. A damn 404 cockup. Please contact the loosy team who maintains and develops this wonderful site by clicking in the mighty feedback button on the side of the page. Say what happened. Thanks!

examples

source

Linux services: is there a GUI for services?

Try sysv-rc-conf to alter the runlevel settings.

and chkconfig to see what's running

Don't forget that ubuntu (and others?) are starting to use the Upstart Startup Manager, so you'll have to keep an eye on the /etc/init directory too

source

How do I prevent Linux services from auto-starting?

In most linux distributions you can manually start/stop services by (as root or using sudo) running the following commands:

# /etc/init.d/apache2 start
# /etc/init.d/mysqld start

# /etc/init.d/apache2 stop
# /etc/init.d/mysqld stop

Which services that are automatically started is controlled by file links in /etc/rc[runlevel].d/ . Find your current runlevel by using the command "runlevel" as root

# runlevel
N 2

Which here indicates runlevel 2 Now you just have to remove those files in /etc/rc2.d/ which you don't want started.

Removing apache and Mysql on a desktop is usually ok, but be aware of removing other services.

source

ClamAV/FreshClam Update Intervals

how often is clamav checking for updates?

Unless you setup a cronjob it will not check for updates.

Do I have to manually run freshclam via a cronjob?

The purpose of a cronjob is to automate the process. You can decide to run it in the following:

/etc/cron.daily

/etc/cron.hourly

/etc/cron.weekly

/etc/cron.monthly

I recommend cron.daily and set it up via a shell script.

sudo gedit /etc/cron.daily/freshclam.sh

#!/bin/sh

/usr/bin/freshclam --quiet

This will now run with all your other cron.daily jobs

Save and exit

chmod 755 /etc/cron.daily/freshclam.sh

source

How do you apply umask settings to an account that doesn't log in?

If the services are started via Upstart or /etc/init.d, edit the appropriate initscripts.

init.d: umask 02 at the top of script (they are ordinary sh scripts)
Upstart: umask 0775 anywhere (don't ask why it's inverted)

Linux does not have a strict definition of "login", and an account is merely an UID that can (or cannot) be associated with a name/homedir/etc.

When you log in on console/over SSH, the login program (or the SSH daemon) uses PAM to set up the environment (possibly pam_umask), then starts your shell with the "login" flag. The /etc/profile script belongs to the sh and bash shells, which only read it for "login" invocations.

When you use sudo touch ... or sudo /etc/init.d/foo start, sudo still calls PAM for auth/account/session setup, but does not start the shell at all, meaning all "profile" or "bashrc" files will be ignored. (That is, unless you use sudo -i ....)

When Upstart runs a service, it simply switches the UID to that of your service, skipping any "profile" scripts or PAM configuration. The only configuration that is read is the service's file in /etc/init, which is where you should put the umask setting.

source

Linux permissions for services

A service is bound by regular permission restrictions. It all depends on what user the service runs as. Services are just regular processes that are always running.

For example,

$ ps aux | grep apache2
root      2845  0.0  0.2  75596  4508 ?        Ss   Sep06   0:19 /usr/sbin/apache2 -k start
www-data 25608  0.0  0.1  74428  2232 ?        S    Sep09   0:00 /usr/sbin/apache2 -k start
www-data 25609  0.0  0.1  75596  2288 ?        S    Sep09   0:02 /usr/sbin/apache2 -k start
www-data 25610  0.0  0.4 2003664 8436 ?        Sl   Sep09   0:37 /usr/sbin/apache2 -k start
www-data 25611  0.0  0.4 2003788 8584 ?        Sl   Sep09   0:36 /usr/sbin/apache2 -k start
www-data 25700  0.0  0.4 2003648 8528 ?        Sl   Sep09   0:36 /usr/sbin/apache2 -k start

You can see that the service is run by root and by www-data. Apache uses the root process only for binding to port 80 (or whatever port you've configured). Recall that binding to ports < 1024 requires you to be root.

For security, though, Apache hands off all request processing to processes that run as www-data. What these processes can access is up to you. If your file permissions in your document root don't permit www-data to access the files, Apache won't be able to serve them.

This is the same for any service; typically they have

A process running as root (if they must bind to a port < 1024; not all services have a root process, though) which delegates tasks to the less-privileged user
A process running as a user they created (bind for BIND, www-data for Apache, proftpd for proftpd, etc.). Keep in mind that the names of these vary by system (Apache sometimes runs as apache or apache2 instead of www-data).

Some processes run as nobody instead of as a specific user, though. This can be a bad idea, but it depends on the process and what it's doing.

These are just general rules; some processes even run entirely as root (such as sshd, although it will use a user process when someone connects). Use ps aux to see what user a process is running under.

source

How to check whether a service is running in linux?

you can use pidof to get pid of process

source

Linux: schedule a service to run in a time period

minutes | hour | day | month | day of week | username | command
0         8      *     *       *             myuser    /etc/init.d/myservice.sh start
0         14     *     *       *             myuser    /etc/init.d/myservice.sh stop

Replace myuser with whatever is appropriate. (probably root)

Also, belongs on serverfault or superuser

source

Controling when services start in Fedora 14 GNU/Linux

The "Device does not seem to be present" message appears to be coming from the network service, which is different from the NetworkManager service (it uses older-style /etc/sysconfig files).

Set your system to only start the NetworkManager service. You can do this in system-config-services, or by running the following as root:

# /sbin/chkconfig network off

And remember that this won't disable NetworkManager, so you'll still be able to connect.

source

Linux service 'named' is not functional - is that an issue?

Quoting from the Linux Documentation Project on,
Security Quick-Start HOWTO for Red Hat Linux:
Step 1: Which services do we really need?

BIND (named) - This often is installed by default, but is only really needed if you are an authoritative name server for a domain. If you are not sure what this means, then you definitely don't need it.
BIND is probably the number one crack target on the Internet.
BIND is often used though in a "caching" only mode.
This can be quite useful, but does not require full exposure to the Internet.
In other words, it should be restricted or firewalled.

^{And, if you really want to use a caching DNS, I guess BIND 9
should also be checked.}

source

start ubuntu service as user

It looks like this server is using an enhanced security model (possibly SELinux, but more likely AppArmour). You would need to update the security profile or disable the Mandatory Access Control.

description

service runs a System V init script or upstart job in as predictable environment as possible, removing most environment variables and with current working directory set to /.

The SCRIPT parameter specifies a System V init script, located in /etc/init.d/SCRIPT, or the name of an upstart job in /etc/init. The existence of an upstart job of the same name as a script in /etc/init.d will cause the upstart job to take precedence over the init.d script. The supported values of COMMAND depend on the invoked script, service passes COMMAND and OPTIONS to the init script unmodified. For upstart jobs, start, stop, status, are passed through to their upstart equivilents. Restart will call the upstart ’stop’ for the job, followed immediately by the ’start’, and will exit with the return code of the start command. All scripts should support at least the start and stop commands. As a special case, if COMMAND is --full-restart, the script is run twice, first with the stop command, then with the start command. This option has no effect on upstart jobs.

service --status-all runs all init scripts, in alphabetical order, with the status command. This option only calls status for sysvinit jobs, upstart jobs can be queried in a similar manner with initctl list’.

environment

LANG, TERM

The only environment variables passed to the init scripts.

exit codes

service calls the init script and returns the status returned by it.

files

/etc/init.d

The directory containing System V init scripts.

/etc/init

The directory containing upstart jobs.

see also

/etc/ init .d/skeleton,
update-rc.d ,
init,
invoke-rc.d .
initctl .

service

Synopsis

add an example, a script, a trick and tips

examples

Linux services: is there a GUI for services?

How do I prevent Linux services from auto-starting?

ClamAV/FreshClam Update Intervals

How do you apply umask settings to an account that doesn't log in?

Linux permissions for services

How to check whether a service is running in linux?

Linux: schedule a service to run in a time period

Controling when services start in Fedora 14 GNU/Linux

Linux service 'named' is not functional - is that an issue?

start ubuntu service as user

description

environment

exit codes

files

How can this site be more helpful to YOU ?

Love it ? Hate it ? Say it !!