Services and logs Flashcards
Log file locations
/var/log/syslog /var/log/messages /var/log/auth.log /var/log/secure /var/log/
Location of configs related to log rotation
/etc/logrotate.d/file_name
Remote logging
Rsyslog is used for forwarding log messages in an IP network.
The main configuration file for rsyslog is /etc/rsyslog.conf. Here, you can specify global directives, modules, and rules that consist of filter and action parts.
vim /etc/rsyslog.d/my_file.conf
*.* @1.2.3.4:514 (send all logs from this pc to 1.2.3.4)
1.2.3.4 should be configured to accept requests on 514
@ = UDP
@@ = TCP
Report the last login of each user on a system
Report of the last users logged into a system
lastlog, lastlog -u user_name
last
lastb
Conf file for journald
/etc/systemd/journald.conf
Query to systemd journal
journalctl [opt] [match]
journalctl -f -o verbose (o=output: short, verbose, json, etc.)
journalctl -p err (p=priority: err, crit, alert, emerg, notice, warning)
journalctl -u ssh (u=unit)
Legacy: init startup
After the Linux kernel loads and brings in the initial RAM disk, it seeks out an initialization system.
The kernel looks for /sbin/init; the configuration in /etc/inittab is then read to determine which runlevel the system boots into.
init performs some tasks from /etc/rc.d/rc.sysinit and boots up into the runlevel.
Legacy: RH service tools
1. Util that sets and queries rl settings for services
2. Util to manage services
3. Textual util for managing services based on their rl-s
- chkconfig --list - check all services that are enabled or disabled on different rl-s
- chkconfig httpd --level 3 on - sets the httpd service to start on boot on rl3
- service httpd restart (start/stop/status)
- ntsysv
Legacy: Ubuntu’s upstart
/sbin/init => startup => in parallel: /etc/init/rc-sysinit.conf and mountall => telinit => runlevel => /etc/init/rc.conf => login
Systemd Unit Files Location
1. Provided by package installation (do not edit): /usr/lib/systemd/system
2. For admins: /etc/systemd/system
3. Runtime unit files: /run/systemd/system
List all unit files on a system
systemctl list-unit-files
Components of Unit Files in general
[Unit]
Description=
Documentation=
Requires=units that will be activated when this unit is activated.
or Wants=similar to Requires but if something listed here fails, this will not prevent the unit from starting
Conflicts=units that should not be running when this unit is running
After=this unit starts after the units listed here
Before=opposite of After
List contents of a unit file
systemctl cat unit_name.unit
systemctl
systemctl - show the status of all units on a system
systemctl status - complete status report in tree manner
systemctl status httpd
systemctl enable/disable httpd
systemctl start/stop httpd
systemctl restart httpd
systemctl is-active/is-enabled httpd
systemctl -H 1.2.3.4 status httpd.service
Modifying Unit Files
1. Copy existing unit from /usr/lib64/systemd/system to /etc/systemd/system and edit this file
2. Create drop-in Unit File
2.1. Create a dir /etc/systemd/system/httpd.service.d/ and a file in this new dir, my-httpd.conf
All changes here will be started first
2.2. systemctl edit
systemctl edit --full - this copy will replace the original unit file
Run systemd-delta to view modifications
Run systemctl daemon-reload after any modification of unit files; this command will re-run dependencies
Target Unit Files
A target unit will sync up other units when the computer boots or changes state.
It dictates the type of environment you would work in.
Often used to bring a system into a new state
multi-user.target similar to rl3
graphical.target similar to rl5
rescue.target similar to rl1
basic.target set during boot before another target takes over
sysinit.target - system init
List units of specified unit-types
systemctl list-unit-files -t target
Get default target
Set default target
systemctl get-default
systemctl set-default multi-user.target
Change current target to another one
systemctl isolate unit-name.target
systemctl isolate multi-user.target
Switch to rescue target or default
systemctl rescue
systemctl default
Reboot/poweroff the system with systemctl
systemctl poweroff
systemctl reboot
Service Units
Along with the typical sections, this will have:
[Service]
Type=simple/oneshot/forking/dbus/notify/idle
ExecStart=full path with args of the command to be executed to start the process
TimeoutSec=This configures the amount of time that systemd will wait when starting or stopping the service before marking it as failed or forcefully killing it.
[Install] - Contains info about service installation
WantedBy=lists units that will want this unit. Creates a symlink of this service to target unit’s *.wants directory
Link/unlink the service unit to /dev/null
systemctl mask httpd.service
systemctl unmask httpd.service
Timer Unit Files
[Timer]
Unit= (not necessary, if not present .service will be implied)
1. Monotonic
OnBootSec=, OnActiveSec=
2. Real-time
OnCalendar=*-*-* 21:25:00
year-month-day
3. Transient timers are set up by the systemd-run command and do not require a .service file
example: systemd-run --on-active=1m /bin/touch /root/hello
[Install]
WantedBy=timers.target
List all timers on the system
systemctl list-timers --all