User Tools
управление_сервисами_в_linux
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
управление_сервисами_в_linux [2021/07/02 08:24] val [Система загрузки Systemd] |
управление_сервисами_в_linux [2026/04/03 07:38] (current) val [Система загрузки rc.local] |
||
|---|---|---|---|
| Line 31: | Line 31: | ||
| ===== Система загрузки rc.local ===== | ===== Система загрузки rc.local ===== | ||
| + | |||
| + | * [[Сервис SSH#Аутентификация с использованием ключей ssh]] | ||
| + | * [[Управление ядром и модулями в Linux#Переменные ядра]] net.ipv4.ip_local_port_range | ||
| <code> | <code> | ||
| # cat /etc/rc.local | # cat /etc/rc.local | ||
| Line 36: | Line 39: | ||
| #!/bin/sh | #!/bin/sh | ||
| - | /usr/bin/ssh -N -R 200X:localhost:22 userX@gate.isp.un & | + | /usr/bin/ssh -N -R 61000+X:localhost:22 -o ServerAliveInterval=60 -o ExitOnForwardFailure=yes userX@gate.isp.un & |
| exit 0 | exit 0 | ||
| Line 59: | Line 62: | ||
| # /etc/init.d/proftpd stop | # /etc/init.d/proftpd stop | ||
| - | # cat /etc/init.d/sshvpn | + | # cat /etc/init.d/mysshvpn |
| </code><code> | </code><code> | ||
| #!/bin/sh | #!/bin/sh | ||
| ######### CentOS ########## | ######### CentOS ########## | ||
| - | # sshvpn Start/Stop the sshvpn daemon. | + | # mysshvpn Start/Stop the mysshvpn daemon. |
| # | # | ||
| # chkconfig: 2345 90 60 | # chkconfig: 2345 90 60 | ||
| Line 70: | Line 73: | ||
| ######### Debian ########## | ######### Debian ########## | ||
| ### BEGIN INIT INFO | ### BEGIN INIT INFO | ||
| - | # Provides: sshvpn | + | # Provides: mysshvpn |
| # Required-Start: $remote_fs $syslog $local_fs $network | # Required-Start: $remote_fs $syslog $local_fs $network | ||
| # Required-Stop: $remote_fs $syslog $local_fs $network | # Required-Stop: $remote_fs $syslog $local_fs $network | ||
| Line 76: | Line 79: | ||
| # Default-Stop: 0 1 6 | # Default-Stop: 0 1 6 | ||
| - | # Short-Description: sshvpn Secure Shell server | + | # Short-Description: mysshvpn Secure Shell server |
| ### END INIT INFO | ### END INIT INFO | ||
| Line 83: | Line 86: | ||
| if [ "$1" = start ] | if [ "$1" = start ] | ||
| then | then | ||
| - | echo Starting sshvpn... | + | echo Starting mysshvpn... |
| - | /usr/bin/ssh -N -R 200X:localhost:22 userX@gate.isp.un & | + | /usr/bin/ssh -N -R 61000+X:localhost:22 -o ServerAliveInterval=60 -o ExitOnForwardFailure=yes userX@gate.isp.un & |
| - | echo $! > /var/run/sshvpn.pid | + | echo $! > /var/run/mysshvpn.pid |
| elif [ "$1" = stop ] | elif [ "$1" = stop ] | ||
| then | then | ||
| - | echo Stopping sshvpn... | + | echo Stopping mysshvpn... |
| - | kill -TERM `cat /var/run/sshvpn.pid` | + | kill -TERM `cat /var/run/mysshvpn.pid` |
| - | rm /var/run/sshvpn.pid | + | rm /var/run/mysshvpn.pid |
| else | else | ||
| echo Usage: | echo Usage: | ||
| - | echo '/etc/init.d/sshvpn start|stop' | + | echo '/etc/init.d/mysshvpn start|stop' |
| fi | fi | ||
| </code> | </code> | ||
| Line 103: | Line 106: | ||
| # cd /etc/init.d | # cd /etc/init.d | ||
| - | # ln -s ../init.d/sshvpn /etc/rc5.d/S20sshvpn | + | # ln -s ../init.d/mysshvpn /etc/rc5.d/S20mysshvpn |
| - | # ln -s ../init.d/sshvpn /etc/rc0.d/K20sshvpn | + | # ln -s ../init.d/mysshvpn /etc/rc0.d/K20mysshvpn |
| - | # ln -s ../init.d/sshvpn /etc/rc6.d/K20sshvpn | + | # ln -s ../init.d/mysshvpn /etc/rc6.d/K20mysshvpn |
| </code> | </code> | ||
| Line 128: | Line 131: | ||
| # chkconfig --list | # chkconfig --list | ||
| - | # chkconfig --add sshvpn | + | # chkconfig --add mysshvpn |
| - | # chkconfig --list sshvpn | + | # chkconfig --list mysshvpn |
| - | # chkconfig --del sshvpn | + | # chkconfig mysshvpn on |
| - | </code> | + | |
| + | # #chkconfig mysshvpn off | ||
| + | |||
| + | # #chkconfig --del mysshvpn | ||
| + | </code> | ||
| + | ==== Управление ресурсами ==== | ||
| + | <code> | ||
| + | # cat /etc/init.d/asterisk | ||
| + | </code><code> | ||
| + | ... | ||
| + | MAXFILES=65536 | ||
| + | ... | ||
| + | </code> | ||
| ===== Система загрузки Systemd ===== | ===== Система загрузки Systemd ===== | ||
| Line 141: | Line 155: | ||
| * [[https://habrahabr.ru/company/centosadmin/blog/255845/|Systemd за пять минут]] | * [[https://habrahabr.ru/company/centosadmin/blog/255845/|Systemd за пять минут]] | ||
| * [[https://wiki.archlinux.org/index.php/systemd|systemd]] | * [[https://wiki.archlinux.org/index.php/systemd|systemd]] | ||
| + | |||
| + | ==== Управление юнитами Systemd ==== | ||
| + | |||
| + | * [[https://docs.gitea.io/en-us/linux-service/|Run Gitea as Linux service]] | ||
| + | * Сервис SNORT [[Сервис SNORT#Копирование alert_unified2 в syslog]] | ||
| <code> | <code> | ||
| $ systemctl -a | $ systemctl -a | ||
| $ systemctl list-units | $ systemctl list-units | ||
| + | $ systemctl --failed | ||
| + | $ systemctl reset-failed | ||
| centos# find /usr/lib/systemd/system/ | centos# find /usr/lib/systemd/system/ | ||
| debian# find /lib/systemd/system/ | debian# find /lib/systemd/system/ | ||
| + | |||
| + | # find /etc/default/ | ||
| $ systemctl status ssh | $ systemctl status ssh | ||
| Line 158: | Line 181: | ||
| # systemctl enable ssh | # systemctl enable ssh | ||
| - | # cat /etc/systemd/system/sshvpn.service | + | # cat /etc/systemd/system/mysshvpn.service |
| </code><code> | </code><code> | ||
| [Unit] | [Unit] | ||
| Description=ssh client vpn daemon | Description=ssh client vpn daemon | ||
| After=network.target | After=network.target | ||
| + | #StartLimitIntervalSec=60 | ||
| + | #StartLimitBurst=3 | ||
| [Service] | [Service] | ||
| - | ExecStart=/usr/bin/ssh -N -R 200X:localhost:22 userX@gate.isp.un | + | ExecStart=/usr/bin/ssh -N -R 61000+X:localhost:22 -o ServerAliveInterval=5 -o ServerAliveCountMax=1 -o ExitOnForwardFailure=yes userX@gate.isp.un |
| + | ###ExecStart=/usr/bin/java -jar /home/jenkins/agent.jar -url http://server.corp13.un:8081/ -secret NNNNNNNNNNNNNNNNNNNN -name gate -workDir "/home/jenkins/" | ||
| + | ###User=jenkins | ||
| KillMode=process | KillMode=process | ||
| - | Restart=on-failure | + | Restart=always |
| - | RestartSec=42s | + | RestartSec=5s |
| [Install] | [Install] | ||
| WantedBy=multi-user.target | WantedBy=multi-user.target | ||
| </code><code> | </code><code> | ||
| - | # systemctl status sshvpn | + | # systemctl status mysshvpn |
| - | # systemctl enable sshvpn | + | # systemctl enable mysshvpn #--now |
| - | # systemctl start sshvpn | + | # systemctl start mysshvpn |
| - | </code><code> | + | </code> |
| - | # systemctl edit nginx | + | |
| + | ==== Настройка параметров запуска в Systemd ==== | ||
| + | |||
| + | <code> | ||
| + | # systemctl edit имясервиса | ||
| </code><code> | </code><code> | ||
| [Service] | [Service] | ||
| - | LimitNOFILE=16000 | + | LimitNOFILE=65536 # nginx, squid |
| - | LimitNOFILESoft=16000 | + | LimitCORE=infinity |
| + | TimeoutStartSec=180 # elasticsearch | ||
| </code><code> | </code><code> | ||
| - | # systemctl daemon-reload | + | # systemctl daemon-reload # не очевидно, что нужно |
| - | # systemctl restart nginx | + | # systemctl show имясервиса |
| - | # systemctl status nginx | + | # systemctl restart имясервиса |
| + | |||
| + | # systemctl status имясервиса | ||
| # cat /proc/NNNNN/limits | # cat /proc/NNNNN/limits | ||
| </code> | </code> | ||
| + | |||
| + | ==== Systemd Sockets ==== | ||
| + | |||
| + | * [[https://gist.github.com/drmalex07/28de61c95b8ba7e5017c|README-setup-socket-activated-systemd-service.md]] | ||
| + | |||
| + | <code> | ||
| + | # cat /etc/systemd/system/webd.socket | ||
| + | </code><code> | ||
| + | [Unit] | ||
| + | Description=Web Socket | ||
| + | |||
| + | [Socket] | ||
| + | ListenStream=127.0.0.1:9999 | ||
| + | #ListenStream=0.0.0.0:80 | ||
| + | Accept=yes | ||
| + | |||
| + | [Install] | ||
| + | WantedBy=sockets.target | ||
| + | </code><code> | ||
| + | # cat /etc/systemd/system/webd@.service | ||
| + | </code><code> | ||
| + | [Unit] | ||
| + | Description=WebD Service | ||
| + | Requires=webd.socket | ||
| + | |||
| + | [Service] | ||
| + | Type=simple | ||
| + | ExecStart=/usr/local/sbin/webd %i | ||
| + | StandardInput=socket | ||
| + | StandardError=journal | ||
| + | TimeoutStopSec=5 | ||
| + | #RuntimeMaxSec=10 | ||
| + | |||
| + | [Install] | ||
| + | WantedBy=multi-user.target | ||
| + | </code><code> | ||
| + | # systemctl start webd.socket | ||
| + | |||
| + | # curl 127.0.0.1:9999 | ||
| + | |||
| + | # journalctl -u 'webd@*' -n 20 --no-pager | ||
| + | </code> | ||
| + | |||
| + | ==== Systemd Timers ==== | ||
| + | |||
| + | * [[Планирование выполнения заданий в Linux#Systemd timers]] | ||
| ===== Система загрузки OpenRC ===== | ===== Система загрузки OpenRC ===== | ||
| Line 231: | Line 311: | ||
| === Пример файла конфигурации для запуска/остановки сервиса === | === Пример файла конфигурации для запуска/остановки сервиса === | ||
| <code> | <code> | ||
| - | server# cat /etc/init/sshvpn.conf | + | server# cat /etc/init/mysshvpn.conf |
| </code><code> | </code><code> | ||
| description "OpenSSH tunnel" | description "OpenSSH tunnel" | ||
| Line 260: | Line 340: | ||
| === Управление запуском/остановкой === | === Управление запуском/остановкой === | ||
| <code> | <code> | ||
| - | server# echo manual > /etc/init/sshvpn.override | + | server# echo manual > /etc/init/mysshvpn.override |
| </code> | </code> | ||
управление_сервисами_в_linux.1625203466.txt.gz · Last modified: 2021/07/02 08:24 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
