Fedora starts a number of programs automatically when the system is booted. These services (sometimes called Disk And Execution MONitors, or daemons) perform automatic actions on the local computer and, in some cases, perform operations for remote computers on the network, such as sharing files and serving web pages.
Each service consumes memory and processor time, and each network service may provide a weak spot for an attack against your system. Disabling unused services can reduce your boot time, speed up your system, and reduce your security risk.
Select the menu option System→Administration→Services (in KDE, it is System→Services) to start the system-config-services tool, shown in Figure 4-6.
The configuration of the current runlevel is shown by default. Every service with a checkmark in front of it will be started when that runlevel is entered; to add or clear a checkmark, click on the checkbox.
Click on a service name to see a description of that service and its current status (running or stopped). Click on the Save icon (or File→Save Changes) when you’ve configured the services to your liking; your changes will take effect next time you change runlevels or boot the system.
You can edit the settings for another runlevel (3, 4, 5, or all three at the same time) using options on the Edit Runlevel menu.
To start, stop, or restart a service immediately, regardless of whether it’s configured to start automatically at boot time, click on the service name and then click on the Start, Stop, or Restart icon.
If you’re not running a graphical user interface, you can use ntsysv, a character-mode program similar to system-config-services:
# ntsysvThis will configure the current runlevel. To configure a different runlevel, use the --level option:
#ntsysv --level4
The display shown in Figure 4-7 will appear.
Use the arrow keys to select a service, the spacebar to check/uncheck a service, and Tab to switch between the service list and the buttons. When you are done, press Tab to advance to the OK button and then press Enter.
The
chkconfig command provides an easy way to enable and disable services. The --list option displays the current service configuration:
$ chkconfig --list
NetworkManager 0:off 1:off 2:off 3:off 4:off 5:off 6:off
NetworkManagerDispatcher 0:off 1:off 2:off 3:off 4:off 5:off 6:off
acpid 0:off 1:off 2:off 3:on 4:on 5:on 6:off
amd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
anacron 0:off 1:off 2:on 3:on 4:on 5:on 6:off
apmd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
arptables_jf 0:off 1:off 2:on 3:on 4:on 5:on 6:off
...(Lines snipped)...If you specify a service name, then only the configuration for that service is shown:
$chkconfig --listhttpd 0:off 1:off 2:off 3:off 4:off 5:off 6:offhttpd
Note that each of the seven runlevels is shown, even though the configurations for runlevels 0 and 6 are ignored except for K files (since 0 is halt and 6 is reboot).
To enable a service in a runlevel, use the --level option to specify the runlevel along with the on argument:
#chkconfig --level4 httpdon#chkconfig --listhttpd 0:off 1:off 2:off 3:off 4:on 5:off 6:offhttpd
To disable it, use the off argument:
#chkconfig --level4 httpdoff#chkconfig --listhttpd 0:off 1:off 2:off 3:off 4:off 5:off 6:offhttpd
To reset a service to its default configuration, use the reset argument. The configuration will be reset for the runlevel you specify, or for all runlevels if you don’t include a --level option:
#chkconfig --level4 httpdreset#chkconfighttpdreset
The service command is used to manage running services. Two arguments are always used: first, the name of the service being managed, and second, the action that is to be performed. The most common actions are:
-
start Start the service. This will fail if the service is already running.
-
stop Stop the service. This will fail if the service is not running.
-
restart Restart the service by stopping it and then starting it.
-
reload Reload the configuration files for the service after they have been edited.
-
status Display the current status of the service. This will indicate if the service is stopped or running; depending on the service, additional information may be displayed.
For example, to start the web service (named httpd):
#servicehttpdstartStarting httpd: [ OK ]
You can then check its status:
#servicehttpdstatushttpd (pid 13154 13153 13152 13151 13150 13149 13148 13147 13117) is running...
The pid values printed are the process IDs of the web server processes.
To make the web server reload its configuration file after it’s been edited:
#servicehttpdreloadReloading httpd: [ OK ]
Finally, to stop the web server:
#servicehttpdstopStopping httpd: [ OK ]
Services are managed by scripts in the /etc/rc.d/init.d directory; the name of each script corresponds to the name of the service. Each runlevel has its own directory named /etc/rc.d/rc<X> .d, where <X> is the runlevel.
If you examine a runlevel directory, you’ll see names beginning with K or S, followed by a 2-digit number, followed by a service name:
$lsK01rgmanager K36postgresql K90isicom K01yum K45arpwatch K92ipvsadm K02NetworkManager K46radvd K94diskdump K02NetworkManagerDispatcher K50netdump S01sysstat K05innd K50snmpd S04readahead_early K05saslauthd K50snmptrapd S05kudzu K09dictd K50tux S06cpuspeed ...(Lines snipped)... K35vncserver K85mdmpd S97messagebus K35winbind K85zebra S98cups-config-daemon K36dhcp6s K87multipathd S98haldaemon K36lisa K89netplugd S99local K36mysqld K89rdisc/etc/rc.d/rc5.d
All of these files are actually symbolic links to service scripts in /etc/rc.d/init.d, as shown by a long listing:
$cd$/etc/rc.d/rc5.dls -llrwxrwxrwx 1 root root 13 Oct 5 14:37 S90xfs -> ../init.d/xfsS90xfs
The scripts that start with S are used to start services, and the scripts that start with K are used to kill (stop) services. K scripts are only used when switching between runlevels after the system has been booted.
The digits in the filename are used to control the sequence in which the scripts are executed. This is essential because some services rely on others; for example, the web server relies on the network being up and running, so the network script must be run first.
When you examine the top of a service script, you will find a comment line containing the keyword
chkconfig: followed by three arguments:
$head#!/bin/bash # # Id:$ # # xfs: Starts the X Font Server # # Version: @(#) /etc/init.d/xfs 2.0 # # chkconfig: 2345 90 10 # description: Starts and stops the X Font Server at boot time and shutdown. \/etc/rc.d/rc5.d/S90xfs
The first argument (2345) is a list of the runlevels in which this service will run by default; this information is used to initially set up the system and to handle chkconfig’s reset argument. If the default for this service is to have it turned off in all runlevels, the value - is used. The second argument is the sequence number (00 through 99) for the start link; the value 90 shown here means that the name of the start link will be S90xfs. The third argument is the sequence number for the kill link, which in this case yields a kill-link name of K10xfs.
When service scripts are called, they are passed a keyword such as start, stop, restart, or reload, indicating the action the script must take.
You can use the system-config-services or chkconfig tools to create a custom set of services for a runlevel and then use that either as the default runlevel or an option on the boot menu.
This technique is particularly useful on laptops, which may be used in different locations and need different services in each location.
To create a service:
You can then configure your service in the same way as any of the other services, using system-config-services, service, and chkconfig.
Get Fedora Linux now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
