While the Firewall may be configured to block the ports utilized by the various Linux services, it is also a good practice to stop any unnecessary services on the Linux system. Not only does this increase Linux security, but it also prevents unneeded programs from running and using system resources.
Before delving deeper into Linux services, it is necessary to first grasp Runlevels. A standard Linux system may be set to boot into one of five distinct runlevels. During boot, the init process searches the /etc/inittab file for the default runlevel. After determining the runlevel, it proceeds to execute the necessary startup scripts to start the system's services. The good news is that both the runlevel and the services that are launched may be customized.
What Are Runlevels?
Consider Linux runlevels to be distinct "modes" in which the operating system operates. Each of these modes, or runlevels, has its own set of processes and services that may be enabled or disabled. Linux is always in some runlevel from the moment it boots up. This runlevel may change while you use your computer, based on the services that the operating system requires.
How Many Runlevels Does Linux Have?
In Linux, there are seven distinct runlevels ranging from zero to six. Because different distributions use the seven runlevels in different ways, compiling a clear list of what the runlevels perform is difficult. Instead, you should investigate how the runlevels function on the distribution that you are using. The list below, for the most part, depicts how Linux distributions typically configure runlevels:
- Runlevel 0 terminates the system.
- Runlevel 1 is a single-user mode for maintenance and administrative duties. This mode may alternatively be referred to as runlevel S.
- The second runlevel is a multi-user mode. This runlevel employs no networking services.
- Runlevel 3 is a networking-enabled multi-user mode. If you use a system that does not boot into a GUI, this is the standard runlevel.
- Runlevel 4 is not employed. The user can modify this runlevel to suit their needs.
- Runlevel 5 is identical to Runlevel 3, except it additionally launches a display manager. If you have a system that boots into a GUI, this is the runlevel you are using.
- Runlevel 6 causes the machine to reboot.
What Is My Current Runlevel? (SysV)
If you want to know your current runlevel, run the command below:
# runlevel |
Alternatively, you can also run the command:
# who -r |
For systemd linux distributions, the setup is a little bit different. This is a list of how runlevels in sysv now compare to systemd:
- Run level 0 is matched by poweroff.target (and runlevel0.target is a symbolic link to poweroff.target).
- Run level 1 is matched by rescue.target (and runlevel1.target is a symbolic link to rescue.target).
- Run level 3 is emulated by multi-user.target (and runlevel3.target is a symbolic link to multi-user.target).
- Run level 5 is emulated by graphical.target (and runlevel5.target is a symbolic link to graphical.target).
- Run level 6 is emulated by reboot.target (and runlevel6.target is a symbolic link to reboot.target).
- Emergency is matched by emergency.target.
To check your current run level, run the command:
# systemctl get-default |
How To Change Runlevel? (Sysv)
Run levels can be changed easily. To change run level root privilege is required. Run the command below to change to runlevel 3:
# init 3 |
The command above would change the run level to runlevel 3. Alternatively, you can also run the command using sudo if you are not a root user. In systemd, you would run the command below to change to the default runlevel 3:
# systemctl isolate multi-user.target |
How To Change the Default Runlevel?
To change default run level in sysv, run the command below:
# vi /etc/inittab |
In a systemd distribution, the command would be a little different. You can run the command below (keeping the list from above in mind):
# systemctl set-default multi-user.target |
Security Vulnerabilities with Linux Runlevels
As stated earlier in this article, the goal of Linux runlevels is to provide an administrator with control over which services run in specific conditions. This degree of granular control over your system helps security by ensuring that no superfluous services are running. When an administrator is unaware of which services are running, he or she may fail to protect those attack surfaces. The methods described in this article can be used to set your default runlevel and control which apps run. These solutions will not only free up system resources, but they will also make your server more secure. Remember to only use the runlevels that you need.For example, beginning runlevel 5 makes little sense if you simply want to utilize the terminal. Changing runlevels may bring in a slew of new services, some of which may run fully in the background and you may forget to secure them.
What Are Services?
A service in Linux is a program or application that runs or intends to operate in the background. That is, it runs without requiring the user to be aware of it at all times. In general, a Linux service has no graphical interface, which means that users cannot interact with them via an interface, and the services are initiated by the system. Third-party services like MySQL can be set to start or stop alongside the system. They run in the background and wait for a signal to begin a certain activity.
What Do You Need to Know about Services?
As a system administrator, you must know how to query the status of services, stop and restart them, and customize them to fit the needs of your firm. If you're operating a DNS server, for example, you'll need to specify the DNS zones that you wish to serve. In general, any unique security and backup standards should be applied to all of your services. The configuration files for the installed services are found in the /etc directory on Linux. While some products may have graphical configuration editors, you will almost always need to change the configuration files on linux. It is important to keep in mind what services are running as well as their configuration files so that you can appropriately set them up.
How To Configure Services
Without having to go into the depths of your Linux system, there are a variety of ways to manage what services start using both command line and graphical tools. Run the command(s) below to start and stop services on systemd:
$ sudo systemctl start application.service |
$ sudo systemctl stop application.service |
To restart or reload services, you can run the following commands below:
$ sudo systemctl restart application.service |
You may use the restart command to restart a running service as shown above. If the program in question can reload its configuration files without restarting, you can start the process with the reload command as shown below:
$ sudo systemctl reload application.service |
The command below, iff available, will reload the settings in-place. Otherwise, it will restart the service to take up the updated configuration:
$ sudo systemctl reload-or-restart application.service |
Below are the commands to disable and enable different services:
$ sudo systemctl enable application.service |
$ sudo systemctl disable application.service |
To check any active, running services, you can run the command below as well:
systemctl list-units |
To completely deny a service from running, lets say mandb in this instance, you can use the mask command as shown below:
sudo systemctl mask mandb.service |
Why Should You Configure Services?
Services do tasks without involving the user, which means they either perform a job at a predetermined frequency or when a specific software with a user front-end requests something from the service. The user is not participating in the call process and is not interested in or needs to know what the service is doing in the background. For these reasons comes the importance of configuring your services. Having your services properly running and configured so you do not run into issues later on down the road is essential to a fully functioning and secure linux system.
Final Thoughts
Hopefully, this tutorial helped you understand the Linux runlevels and services. To review, A run level is a state of init and the whole system that defines what system services are operating while Services are essential processes that usually run in the background, rather than being under the direct control of an interactive user, waiting for requests from other software programs, or to carry out essential tasks at the appropriate time. Knowing what these two things are, how they work, and how you can configure them properly is essential to keeping your system more secure. We hope you stick around for more upcoming articles!