LINUX NEWS
http://www.Cramsession.com
August 1, 2002 -- Issue #92
TABLE OF CONTENTS
1) Sean’s Notes
2) Linux News
Unix.com Safe For Now
Honeypots Turn The Tables On Hackers (sic)
Red Hat Drops Netscape
Linux Poised To Plug In USB 2
3) Linux Resources
Help With IPSEC VPNs
Better Security
The Road to Better Programming
Small Business Accounting
The Developer's Nightmare
4) App o’ the Week
1) Sean’s Notes
There is one file in /etc that controls a lot of how the system operates, but is rarely understood. It’s the “inittab” file. Some of you might remember it as the one that you use to change the default runlevel, and you’d be right. However, this one file does so much more.
Runlevels need some explanation, first. At any point in time, the system is in one runlevel or another. It’s just a state. Here are some examples:
0 - halt
1 - single user
3 - multiuser, text console
5 - multiuser, X console
6 - reboot
That’s from my Red Hat system; nothing says it has to be that way. For instance, X doesn’t need to be its own runlevel; there are different ways it can be started up. Normally, the system boots up in runlevel 1, and then switches to 3 or 5 depending on how it’s configured.
“How it’s configured?” How is it configured? /etc/inittab is where it goes:
id:5:initdefault:
Lines in /etc/inittab (other than comments, which are prefaced by #) have the form:
id:runlevels:action:process
(that’s right out of the inittab(5) man page).
id - unique sequence of 1-4 characters
runlevels - what runlevels does this apply to?
action - a keyword that specifies when the command applies
process - what to do?
The “initdefault” action just tells the system (specifically, process ID 1, called “init”) what runlevel to go into after booting. The parameter goes in the runlevels field, and the process field is ignored.
So, to make sure the system boots into runlevel 3, I’d have:
id:3:initdefault:
in /etc/inittab.
“init” is the process that handles runlevels (and a lot of other things). To change a runlevel, you enter:
init runlevel
So, to halt my system, I could run:
init 0
Or, to get into the GUI console:
init 5
What differentiates one runlevel from another is what’s being run at the time. The difference between runlevel 3 and 5 is that a display manager is running. The system that does this is complex, yet elegant, and you guessed it, starts in /etc/inittab.
l0:0:wait:/etc/rc.d/rc 0
l1:1:wait:/etc/rc.d/rc 1
l2:2:wait:/etc/rc.d/rc 2
l3:3:wait:/etc/rc.d/rc 3
l4:4:wait:/etc/rc.d/rc 4
l5:5:wait:/etc/rc.d/rc 5
l6:6:wait:/etc/rc.d/rc 6
The “wait” action tells init to run the command given in the fourth column when it enters the runlevel specified in the second column. Here, /etc/rc.d/rc is being run whenever you change into a new runlevel, with the new runlevel being given as the parameter.
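To audit what init will run for a given runlevel, the four-field format can be parsed directly. The following is an added example, not part of the original newsletter; the sample file is constructed from the lines above plus one hypothetical entry ("ex") that lists two runlevels in its runlevels field, and the function names are this example's own.

```shell
#!/bin/sh
# Added example: audit an inittab-format file. The sample data is constructed.

# Print the runlevel named by the initdefault entry of file $1.
default_runlevel() {
    awk -F: '!/^[ \t]*#/ && $3 == "initdefault" { print $2; exit }' "$1"
}

# Print "id<TAB>action<TAB>process" for every entry in file $1
# that applies to runlevel $2.
entries_for_runlevel() {
    awk -F: -v rl="$2" '
        /^[ \t]*#/ || NF < 4 { next }   # skip comments and short lines
        $3 == "initdefault"  { next }   # its process field is ignored
        index($2, rl) == 0   { next }   # runlevels field lacks this level
        {
            proc = $4                   # re-join a process containing ":"
            for (i = 5; i <= NF; i++) proc = proc ":" $i
            printf "%s\t%s\t%s\n", $1, $3, proc
        }' "$1"
}

# Constructed sample: lines from the text plus one hypothetical
# multi-runlevel entry ("ex"); not taken from a real system.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
# default runlevel
id:3:initdefault:
l0:0:wait:/etc/rc.d/rc 0
l3:3:wait:/etc/rc.d/rc 3
l5:5:wait:/etc/rc.d/rc 5
ex:35:wait:/usr/local/sbin/example-hook
EOF

echo "default runlevel: $(default_runlevel "$SAMPLE")"
entries_for_runlevel "$SAMPLE" 3
```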
The “rc” script is where the dirty work happens. Upon entry into a new runlevel, the following occurs:
- processes that aren’t supposed to be running are stopped
- processes that are supposed to be running are started
To distinguish these from one another, each runlevel has its own directory, called /etc/rc.d/rcN.d, where N is the runlevel. Each process or service the system runs has a file in this directory. Each filename begins with K or S, meaning “kill” or “start” respectively. Following this letter is a two-digit number, giving each a relative priority. Thus, something with “K01” is killed before “K99”. After the number is a word describing the script, such as:
K30sendmail
To make things simpler, each service uses the same script for both starting and stopping. The rc script is nice enough to pass “start” or “stop” to the file depending on what it wants. Thus, K30sendmail will be run as:
K30sendmail stop
I don’t know about you, but I’ve got 62 startup/shutdown scripts on my machine. 62 * 6 runlevels is a lot of files. So, something was done to fix that.
/etc/rc.d/init.d is a directory containing all of the startup scripts (even though they’re startup and shutdown scripts, just call ‘em startup scripts). Each rcN.d directory has a symbolic link back to the appropriate script in init.d, with the name taking the format as above. So, sendmail will have:
/etc/rc.d/init.d/sendmail
with symbolic links…
/etc/rc.d/rc0.d/K30sendmail -> ../init.d/sendmail
to stop it in runlevel 0, and…
/etc/rc.d/rc3.d/S80sendmail -> ../init.d/sendmail
…to start it in runlevel 3.
Normally the priorities don’t matter too much; they’re just there so you can force some things to happen before others. For example, you want to have your firewall come up before your network interfaces, and your network interfaces to come up before your network daemons. Priorities make sure this happens. In terms of the shutdown priorities, I generally use 100 minus the startup priority, so that services come down in the opposite order they came up in. From the example above, with 30 and 80, you can see it’s not a hard and fast rule.
So, when you change initlevels, the init process consults /etc/inittab to find out what to do. One of the actions is to run /etc/rc.d/rc, which takes care of starting up and shutting down daemons. Each script is a simple shell script that is fed either “start” or “stop”, and it goes about its business.
So, to make sure that sendmail doesn’t start in any runlevel, replace all the S??sendmail symlinks with K??sendmail symlinks. Not surprisingly, it isn’t fun, which is why there are good GUI (tksysv) or command line (chkconfig) tools out there. Again, there are many others you can use.
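The symlink swap described above can be scripted, which also gives a quick way to review what a runlevel starts. This is an added example, not part of the original newsletter: it works on a constructed tree under a temporary directory rather than /etc/rc.d, the iptables and network entries and their priorities are made up for illustration, and the kill priority is passed in by the caller.

```shell
#!/bin/sh
# Added example: audit and change rcN.d symlinks. Runs on a constructed tree.

# Print "priority service" for everything started in runlevel $2 under
# rc root $1. The shell sorts the glob, so output is in start order.
started_in() {
    for link in "$1/rc$2.d"/S[0-9][0-9]*; do
        [ -L "$link" ] || continue        # no match, or not a symlink
        name=${link##*/}                  # e.g. S80sendmail
        svc=${name#S??}                   # sendmail
        prio=${name%"$svc"}               # S80
        echo "${prio#S} $svc"
    done
}

# Replace every S??NAME link under rc root $1 with K<prio>NAME.
# $2 = service name, $3 = two-digit kill priority (caller's choice).
disable_service() {
    for link in "$1"/rc[0-6].d/S[0-9][0-9]"$2"; do
        [ -L "$link" ] || continue
        dir=${link%/*}
        rm -f "$dir"/K[0-9][0-9]"$2"      # avoid a duplicate kill link
        mv "$link" "$dir/K$3$2"           # rename keeps ../init.d target
    done
}

# Constructed tree: sendmail links follow the text; the rest is made up.
ROOT=$(mktemp -d)
mkdir -p "$ROOT/init.d" "$ROOT/rc0.d" "$ROOT/rc3.d" "$ROOT/rc5.d"
for s in iptables network sendmail; do : > "$ROOT/init.d/$s"; done
ln -s ../init.d/iptables "$ROOT/rc3.d/S08iptables"
ln -s ../init.d/network  "$ROOT/rc3.d/S10network"
ln -s ../init.d/sendmail "$ROOT/rc3.d/S80sendmail"
ln -s ../init.d/sendmail "$ROOT/rc5.d/S80sendmail"
ln -s ../init.d/sendmail "$ROOT/rc0.d/K30sendmail"

BEFORE=$(started_in "$ROOT" 3)
disable_service "$ROOT" sendmail 30
echo "runlevel 3 before:"; echo "$BEFORE"
echo "runlevel 3 after:";  started_in "$ROOT" 3
```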
Before I go, I’ll leave you with a thought. Even though X comes up in runlevel 5, it doesn’t have a script in /etc/rc.d/init.d on most systems. How do you think it gets started? That, and some more trivia about inittab, will be answered next week.
Long live the Penguin,
Sean mailto:swalberg@cramsession.com
2) Linux News
Unix.com Safe For Now
Earlier, I told you about Unix.com being disputed by the X/Open group. The ruling came back, and the owners of Unix.com can keep their name. What I found interesting in this document was both sides’ arguments: the current owner basically said that “unix is now generic”. The panel didn’t say they agreed with him, but they said that X/Open’s arguments to the contrary weren’t effective.
http://www.unix.com/pdfs/UNIX_COM_WIPO_Administrative_Decision.pdf
Honeypots Turn The Tables On Hackers (sic)
Here’s some news on using Honeypots to catch crackers in the act. A honeypot’s job is to be broken into, and to log everything, giving you more information about your attacker.
http://itmanagement.earthweb.com/secu/article/0,,11953_1436291,00.html
Red Hat Drops Netscape
The next version of Red Hat (7.4 or 8.0) has hit the FTP servers in beta form, but the following note is included: The Netscape Web browser has been removed. I’ve been happy with Mozilla for some time, but it’s still quite the event.
http://mozillaquest.com/Linux02/RHAT_7-4_beta-2-released_story-01.html
Linux Poised To Plug In USB 2
The upcoming releases of the Linux kernel are going to support USB 2, which will surely help out its adoption. There are some interesting words about Linux in general.
http://zdnet.com.com/2100-1104-946529.html
3) Linux Resources
Help With IPSEC VPNs
FreeS/WAN is an IPSEC implementation for Linux, funded by John Gilmore, a noted advocate of Internet freedom. This document is a step-by-step list of how to install the S/WAN modules, and how to configure an IPSEC tunnel between two networks.
http://www.linuxlabs.biz/articles/ipsec.htm
Better Security
This isn’t as much a howto document as it is a description of all the security measures that one person takes to secure his system. However, there is lots of useful advice, and it even has a section on what to do if you end up being compromised. There are links to several great projects, such as LIDS, which adds measures into the kernel that even root can’t bypass.
http://www.linuxgazette.com/issue80/tougher.html
The Road to Better Programming
This series of chapters, five in all, presents techniques to improve your Perl programming. Alas, it assumes you already know Perl, and wish to become better. If you’re just learning the language, it’s got some good hints, but you’ll appreciate it more once you’ve become more familiar with it. The link is to the final chapter, which has links to the previous four.
http://www-106.ibm.com/developerworks/linux/library/l-road5.html
Small Business Accounting
Windows has several good accounting packages, but Linux seems to be lacking, especially when it comes to the small business. This website, which has lots of useful information for that demographic, has put together a comparison of the major packages.
http://linux4smallbiz.com/Members/l4sb/articles/Po10272758870
The Developer’s Nightmare
So, you’ve started a job as a developer. You’ve inherited an existing application, but all the senior guys have left. What do you do? This article is full of helpful advice.
http://www.kuro5hin.org/?op=displaystory;sid 02/7/26/43016/0846
4) App o’ the Week
PAN is my favourite newsreader. I just noticed that they’ve made a release, so I thought I’d share the link with you.
http://pan.rebelbase.com/
(C) 2002 BrainBuzz.com, Inc. All Rights Reserved.