System daemons (xinetd, inetd, rsyslogd and cron)
A daemon is a background process that performs a specific function or system task. In keeping with the UNIX and Linux philosophy of modularity, daemons are pro-grams rather than parts of the kernel. Many daemons start at boot time and continue to run as long as the system is up. Other daemons are started when needed and run only as long as they are useful.
Daemons made their way from Multics to UNIX to Linux, where they are so popular that they need a superdaemon ( xinetd or inetd) to manage them.
Before inetd was written, all daemons started at boot time and ran continuously (or more accurately, they blocked waiting for work to do). Over time, more and more daemons were added to the system. The daemon population became so large that it began to cause performance problems. In response, the Berkeley gurus developed inetd, a daemon that starts other daemons as they are needed. inetd successfully popularized this superdaemon model, which remains a common way to minimize the number of processes running on a server. Most versions of UNIX and Linux now use a combination of inetd and always-running daemons.
INIT
init is the first process to run after the system boots, and in many ways it is the most important daemon. It always has a PID of 1 and is an ancestor of all user processes and all but a few system processes. At startup, init either places the system in single-user mode or begins to execute the scripts needed to bring the system to multiuser mode. When you boot the system into single-user mode, init runs the startup scripts after you terminate the single-user shell by typing exit or
In multiuser mode, init is responsible for making sure that processes are available to handle logins on every login-enabled device. Logins on serial ports are generally handled by some variant of getty (e.g., agetty , mgetty , or mingetty. init also supervises a graphical login procedure that allows users to log directly in to X Windows.
In addition to its login management duties , init also has the responsibility to exor-cise undead zombie processes that would otherwise accumulate on the system. init defines several “run levels” that determine what set of system resources should be enabled. There are seven levels, numbered 0 to 6. The name “s” is recognized as a synonym for level 1 (single-user mode). The characteristics of each run level are defined in the /etc/inittab file.
init usually reads its initial run level from the /etc/inittab file, but the run level can also be passed in as an argument from the boot loader. If “s” is specified, init enters single-user mode. Otherwise, it scans /etc/inittab for entries that apply to the re-quested run level and executes their corresponding commands.
The telinit command changes init ’s run level once the system is up. For example, telinit 4 forces init to go to run level 4 (which is unused on our example systems). telinit ’s most useful argument is q, which causes init to reread the /etc/inittab file.
CRON
The cron daemon (known as crond on Red Hat) is responsible for running com-mands at preset times. It accepts schedule files (“crontabs”) from both users and administrators. cron is frequently employed for administrative purposes, including management of log files and daily cleanup of the filesystem.
The atd daemon runs commands scheduled with the at command. Most versions of Linux also include the anacron scheduler, which executes jobs at time intervals rather than at specific times. anacron is particularly useful on systems that are not always turned on, such as laptops.
XINETD
xinetd and inetd are daemons that manage other daemons. They start up their client daemons when there is work for them to do and allow the clients to die grace-fully once their tasks have been completed. The traditional version of inetd comes to us from the UNIX world, but most Linux distributions have migrated to xinetd , a souped-up alternative that incorporates security features similar to those formerly achieved through the use of tcpd , the “TCP wrappers” package. xinetd also provides better protection against denial of service attacks, better log management features, and a more flexi-ble configuration language.
xinetd and inetd only work with daemons that provide services over the network. To find out when someone is trying to access one of their clients, xinetd and inetd attach themselves to the network ports that would normally be managed by the qui-escent daemons. When a connection occurs, xinetd/inetd starts up the appropriate daemon and connects its standard I/O channels to the network port. Daemons must be written with this convention in mind if they are to be compatible.
To change the daemons that loads at boot on Red Hat Linux, in a console, become root (type su -) and type setup, then in the menu select System Services. Various daemons are
| acpid |
This a completely flexible, totally extensible daemon for delivering ACPI events. It listens on a file (/proc/acpi/event) and when an event occurs, executes programs to handle the event. ACPI stands for: Advanced Configuration and Power Interface. |
| aep1000 | For AEP 1000 coprocessors. It's used for hardware cryptographic acceleration under Linux. |
| anacron |
Anacron is a periodic command scheduler. It executes commands at intervals specified in days. Unlike cron, it does not assume that the system is running continuously. Every time Anacron is run, it reads a configuration file that specifies the jobs Anacron controls, and their periods in days. If a job wasn't executed in the last n days, where n is the period of that job, Anacron executes it. Anacron then records the date in a special timestamp file that it keeps for each job, so it can know when to run it again |
| apmd | The apmd package is a set of user-level programs to control the Advanced Power Management system found in all modern laptop computers and most modern desktops. apmd talks to the Linux kernel APM layer, which does all the hardware-dependent stuff. |
| atd | atd runs jobs queued by at. |
| autofs |
Auto-autofs detects Disks, Partitions, CD-ROMs, Floppies etc. and sets up an automount configuration. So it provides an easy access to the hardware. Auto-autofs is a Perl script that searches the hardware for block devices using the /proc directory. It finds partitions on harddisks via fdisk and tries to detect the filesystems. |
| bcm5820 | Hardware cryptographic accelerator support for Broadcom BCM5820 eCommerce Processor. |
| chargen |
Character Generator Protocol. A useful debugging and measurement tool is a character generator service. A character generator service simply sends data without regard to the input. Listens on port 19 TCP/UDP. Details: https://www.networksorcery.com/enp/RFC/Rfc864.txt |
| chargen-udp | See chargen. |
| crond | Daemon to execute scheduled commands. |
| cups | The Common UNIX Printing System ("CUPS") is a cross-platform printing solution for all UNIX environments. It is based on the "Internet Printing Protocol" and provides complete printing services to most PostScript and raster printers. |
| cups-lpd | This is the CUPS Line Printer Daemon ("LPD") mini-server that supports legacy client systems that use the LPD protocol. |
| daytime | The Daytime Protocol (Internet RFC 867) is a simple protocol that allows clients to retrieve the current date and time from a remote server. While useful at a bsic level, the Daytime protocol is most often used for debugging purposes rather than actually acquire the current date and time. The daytime protocol is available on TCP port 13. |
| daytime-udp | See daytime. |
| echo | Service for testing, everything you send to port 7 (echo) would be sent back to you. |
| echo-udp | see echo |
| gpm | General Purpose Mouse Daemon. Necessary only if you want to use your mouse on the console (not xterms). |
| httpsd | The apache web server. |
| iptables | firewall |
| irda | (Infrared Data Association) is an industry standard for infrared wireless communication. |
| irqbalance | Daemon to balance irq's across multiple CPUs. Only useful on SMP systems (more than one processor) |
| isdn | ISDN (Integrated Services Digital Network). Use only with ISDN network interfaces. |
| ktalk | A graphical talk client for KDE. |
| kudzu | Detects and configures new and/or changed hardware on a system. |
| lisa |
LISa is a small daemon which is intended to run on end user systems. It provides something like a "network neighborhood", but only relying on the TCP/IP protocol stack, no smb or whatever. The information about the hosts in your "neighborhood" is provided via TCP port 7741. To use it: from a client computer, open konqueror and type lan://targetIP More information: https://lisa-home.sourceforge.net/ |
| messagebus |
D-BUS is first a library that provides one-to-one communication between any two applications; dbus-daemon-1 is an application that uses this library to implement a message bus daemon. Multiple programs connect to the message bus daemon and can exchange messages with one another. More information: https://www.freedesktop.org/software/dbus/doc/dbus-daemon-1.1.html |
| microcode_ctl |
It decodes and sends new microcode to the kernel driver to be uploaded to Intel IA32 processors. (Pentium Pro, PII, PIII, Pentium 4, Celeron, Xeon etc - all P6 and above, which does NOT include pentium classics) It signals the kernel driver to release any buffers it may hold. The microcode update is volatile and needs to be uploaded on each system boot i.e. it doesn't reflash your cpu permanently, reboot and it reverts back to the old microcode. This driver is designed for Intel IA32 microprocessors only, it will not work with AMD or any other non-Intel processors as they don't support microcode updates or they support it in a manner different from Intel's specs. More information: https://www.urbanmyth.org/microcode/ https://microcodes.sourceforge.net/ |
| mysqld | MySQL database server. |
| named | DNS server. Bind. |
| netfs | Network Filesystem Mounter. Needed for mounting NFS, SMB and NCP shares on boot. |
| network | Activates all network interfaces at boot time. |
| nfslock | To help manage file access conflicts and protect NFS sessions during failures, NFS offers a file and record locking service called the network lock manager. The network lock manager is a separate service NFS makes available to user applications. To use the locking service, applications must make calls to standard lock routines. |
| ntpd | The ntpd sets and maintains the system time of day in synchronism with Internet standard time servers. It is a complete implementation of the Network Time Protocol (NTP) version 4. Allows other computers to synchronize system time with your server. |
| pcmcia | PCMCIA cards. |
| portmap | The portmap service is a dynamic port assignment daemon for RPC services such as NIS and NFS. |
| postgresql | PostgreSQL database server. |
| random | Initialize kernel random number generator |
| rawdevices | Block devices. Links hardware to devices that store data. |
| rhnsd | Red Hat Network Service. Informs you about official security and bug updates for your system. |
| rsync | Its just like rpc with much more features. Provides a very fast method for bringing remote files into sync. |
| saslauthd | SASL (Simple Authentication and Security Layer) authentication server. Server to allow others identify on this server. |
| sendmail | Mail server, allows to send emails using this machine as mail server. |
| services | An internal xinetd services, listing active services. |
| sgi_fam | File Alteration Monitor, provides an API that applications can use to be notified when specific files or directories are changed. For example, consider a graphical file manager, when the user removes a file thru the file manager, their changes are visible immediately. |
| smartd | Self Monitor Analysis and Reporting Technology System. Monitor you hard disk for failures. |
| smb | Samba, allows to share and access MS windows network. |
| snmpd |
Simple Network Management protocol. A standard protocol for non-windows networks. More information: https://www.ncsa.uiuc.edu/UserInfo/Resources/Hardware/IBMp690/IBM/usr/share/man/info/en_US/a_doc_lib/cmds/aixcmds5/snmpd.htm |
| snmptrapd | This is an SNMP application that recieves and logs SNMP TRAP and INFORM messages. Uses UDP port 162. |
| squid | Web proxy cache. https://www.squid-cache.org/ |
| sshd | Secure Shell daemon, allows secure and remote logging to this machine. |
| syslog | Logs all system activities. |
| time | Retrieve the date and time from a host or hosts on the network and set the local system time TCP version. |
| time-udp | Retrieve the date and time from a host or hosts on the network and set the local system time UDP version. |
| tux | The TUX Web Server is an HTTP daemon for Linux . The TUX Web Server is different from other Web servers in that it runs partially from within the Linux kernel as a module, or kernel subsystem. Given sufficient networking cards, it enables direct scatter-gather direct memory access (DMA) and hardware-based TCP/IP checksums from the page cache (the Linux file data cache) directly to the network, avoiding extra data copies. |
| vncserver |
VNC stands for Virtual Network Computing. It is remote control software which allows you to view and interact with one computer (the "server") using a simple program (the "viewer") on another computer anywhere on the Internet. More information: https://www.realvnc.com/ |
| vsftpd |
Secure FTP daemon. More information: https://vsftpd.beasts.org/ |
| winbind |
Winbind is an nss switch module to map Windows NT Domain databases to Unix. |
| xfs |
The X font server (xfs) provides a standard mechanism for an X server to communicate with a font renderer, frequently running on a remote machine. It usually runs on TCP port 7100.You need to be running xfsif you want a remote X terminal to be able to use fonts from your system, or if you want to use fonts that your X server doesn't understand (and the font server does). |
| xinetd |
Service wrapper. xinetd is a replacement for inetd, the internet services daemon. xinetd - eXtended InterNET services daemon - provides a good security against intrusion and reduces the risks of Denial of Services (DoS) attacks. Like the well known couple (inetd+tcpd), it enables the configuration of the access rights for a given machine. More information: https://www.xinetd.org/ |
| yum |
yum is an automatic updater and package installer/remover for rpm systems. It automatically computes dependencies and figures out what things should occur to install packages. It makes it easier to maintain groups of machines without having to manually update each one using rpm. More information: https://linux.duke.edu/projects/yum/ |