Daemon Xinted and Syslogd

Daemon Xinted and Syslogd

1. Create a daemon

1. Make the init process the parent process of the newly generated process.

After the fork function is called to create a sub-process, the parent process immediately exits. In this way, the child process will become an orphan process and be taken over by the init process. At the same time, the new process will become running in the background.

2. Call setsid ()

Disconnects the newly created process from the control terminal, creates a new process group, and becomes the first process of the Process Group.

Process Group & session & control terminal

A process group is a collection of one or more processes. The process group ID is determined by the process Number of the lead process.

A session is a collection of one or more Process Groups. Similar to a process group, each session has a lead process.

When a user logs on to the system from a terminal, the system creates a new session. Processes started on the terminal will be assigned to the Process Group of the session by the system.

The process in the session is connected to a terminal through the lead process in the session.

Because the daemon does not need to control the terminal, a new session must be created to avoid the influence of the parent process. The setsid function is provided in Linux to create a new session, the process that calls the setsid function becomes the lead process of the new session.

After the setsid () call is successful, the process becomes a new session leader and a new process leader, and is detached from the original logon session and process group.

At this time, the process does not have a control terminal, but to prevent it from opening the control terminal in the future, you can prevent the process from re-opening the control terminal by making it no longer a session leader:

If (pid = fork ())

Exit (0 );

3. Change the current working directory

The child process generated by using the fork function inherits the current working directory of the parent process. When a process does not end, its working directory cannot be uninstalled. To prevent this problem, the daemon usually changes its working directory to the root directory (/directory ). The function used to change the working directory is chdir.

4. disable file descriptors and redirect standard input, output, and error output

New processes inherit some opened file descriptors from the parent process. If these file descriptors are not used, disable them. The daemon is running on the system background and should not have any output information on the terminal. You can use the dup function to redirect standard input, output, and error output to A/dev/null device (/dev/null is an empty device and no output is written to it ).

5. Set the File Permission creation mask for the daemon.

In many cases, the daemon creates some temporary files. For the sake of security, users often do not want these files to be viewed by other users. In this case, you can use the umask function to modify file permissions and create mask values to meet the requirements of the daemon.

Simple implementation

Void init_daemon (void)

{

Int pid;

Int I;

If (pid = fork ())

Exit (0); // end the parent process

Else if (pid <0)

Exit (1 );

// The first sub-process continues execution in the background

Setsid (); // The first sub-process becomes the new session leader and process leader and is separated from the control terminal.

If (pid = fork ())

Exit (0); // end the first sub-process

Else if (pid <0)

Exit (1 );//

 

// The second sub-process continues to run, and the second sub-process is no longer the session leader

For (I = 0; I <NOFILE; ++ I) // close the opened file descriptor

Close (I );

 

Chdir ("/tmp"); // change the working directory to/tmp

Umask (0); // reset the file to create a mask

Return;

}

Super daemon Xinetd

Xinetd can listen to multiple specified ports at the same time. When receiving user requests, xinetd can start different network service processes to process these user requests based on different user request ports.

Compared with the stand-alone working mode, running a single xinetd can listen to all service ports at the same time, thus reducing the system overhead.

However, xinetd needs to frequently start the corresponding network service process in case of high traffic and frequent concurrent access, which will lead to a reduction in system performance.

The pstree command shows the network services started in two different modes. Generally, Sendmail and Apache services are independently started for some highly-loaded services in the system. Other service types can be managed using xinetd superservers.

2. Daemon log management

Because the daemon does not have a control terminal, the process running information cannot be output. However, sometimes you need to perform system management and maintenance based on the information provided by the process. Therefore, the Linux system provides a special mechanism to solve the log problem of the daemon process. The syslogd daemon can solve the logging problem by receiving information from other daemon and recording the information at the specified location. The syslogd daemon determines whether a message is recorded in a log file or displayed on a user terminal based on the message level.

Linux Log Management:

Kernel Info-> klogd-> syslogd->/var/log/dmesg

Other information-> syslogd->/var/log/messages and other files

Syslog configuration file->/etc/syslog. conf

Syslog Principle

Syslog is responsible for sending and recording the information generated by the system kernel and tools. It consists of the syslog () call, the syslogd daemon process, and the configuration file/etc/syslog. conf. When the system kernel and tool generate information, send the information to syslogd by calling syslog (), and then syslogd according to/etc/syslog. the Configuration Requirements in conf are as follows:

1. Record to system logs

2. output to the system console

3. forward data to a specified user

4. syslogd forwarded to other hosts over the network

Almost all network devices can send log information to the remote server in the form of User Datagram Protocol (UDP) through the syslog protocol. The remote log receiving server must listen to UDP port 514 through syslogd, and according to syslog. the configuration in the conf configuration file processes the local machine, receives the log information of the Access System, and writes the specified event to a specific file for background database management and response. This means that any event can be logged on to one or more servers for the background database to analyze events of remote devices using the off-line (offline) method.

The Syslog. conf configuration format is

Service name [. =!] Record level record file or host

Log Security

Set the hidden attribute chattr + a/var/log/messages. Only append cannot be deleted.

-------------------------------------- Split line --------------------------------------

RHEL5.4 deployment of central Log server rsyslog + Log Analyzer

Deploy a log server using Rsyslog + LogAnalyzer + MySQL in CentOS 6.3

Log servers using rsyslog mysql and logAnalyzer

Deploy a log server using Rsyslog + LogAnalyzer + MySQL in CentOS 6.3

RHEL5.4 deployment of central log server rsyslog + loganalyzer

-------------------------------------- Split line --------------------------------------

This article permanently updates the link address: