478-482.html

linux-unix130.linux.and.unix.ebooks130 linux and unix ebookslinuxLearning Linux - Collection of 12 E

<HTML>
<HEAD>
<TITLE>Using Linux:Managing Daemons</TITLE>
<META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
<SCRIPT>
<!--
function displayWindow(url, width, height) {
        var Win = window.open(url,"displayWindow",'width=' + width +
',height=' + height + ',resizable=1,scrollbars=yes');
}
//-->
</SCRIPT>
</HEAD>

 -->


<!--ISBN=0789716232//-->
<!--TITLE=Using Linux//-->
<!--AUTHOR=William Ball//-->
<!--PUBLISHER=Macmillan Computer Publishing//-->
<!--IMPRINT=Que//-->
<!--CHAPTER=28//-->
<!--PAGES=478-482//-->
<!--UNASSIGNED1//-->
<!--UNASSIGNED2//-->

<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="474-478.html">Previous</A></TD>
<TD><A HREF="../ewtoc.html">Table of Contents</A></TD>
<TD><A HREF="482-484.html">Next</A></TD>
</TR>
</TABLE>
</CENTER>
<P><BR></P>
<H3><A NAME="Heading12"></A><FONT COLOR="#000077">Customizing the Logon Greeting</FONT></H3>
<P>The <TT>getty</TT> programs that manage logons over terminals and network connections print a message to the screen before asking for the logon ID. The default message is as follows:</P>
<!-- CODE SNIP //-->
<PRE>
Red Hat Linux release 5.0 (Hurricane)
Kernel 2.0.32 on an i586
</PRE>
<!-- END CODE SNIP //-->
<P>Many organizations dealing with computer security recommend that there be no information about the operating system, or about the company whose machine is in the logon message. All operating systems have potential security holes that system crackers can exploit if they know which version of the system they are working with. Making this information more difficult to obtain goes a long way toward thwarting an attack. On a more upbeat note, it&#146;s nice to be able to modify this to put either amusing or informative messages at the logon prompt.
</P>
<P>Red Hat Linux generates its <TT>issue</TT> file at every system boot by default, and this should be the first thing that gets turned off if you want to customize the logon greeting. The code that does this is in the file <TT>/etc/rc.d/rc.local</TT>. The lines look like this on my system (I included the comments as well):</P>
<!-- CODE SNIP //-->
<PRE>
# This will overwrite /etc/issue at every boot.  So, make
any changes you
# want to make to /etc/issue here or you will lose them when
you reboot.
echo &#147;&#148; &gt; /etc/issue
echo &#147;Kernel $(uname -r) on $a $(uname -m)&#148; &gt;&gt; /etc/issue

cp -f /etc/issue /etc/issue.net
</PRE>
<!-- END CODE SNIP //-->
<P>Putting the <TT>#</TT> character before each of the offending lines will comment them out and render them harmless to your system&#146;s <TT>issue</TT> file. Then, feel free to edit the <TT>/etc/issue</TT> file with any message that pleases you and, hopefully, your users.</P>

<TABLE BORDER="2" BORDERCOLOR="#0000" ALIGN="CENTER">
<TR><TD><FONT SIZE="+1"><B>Disclaimers and other legal notifications</B></FONT>
<BR>It is possible that some states, countries, or provinces require system administrators to make sure that people logging on to the system understand that their actions or transmissions may be monitored. It can be argued that this possibility is implied in the use of any computer or data network (including public phone systems!), but some people may not feel the same way about this. In this case, the best place to put a message like this is in the <TT>/etc/issue</TT> and <TT>/etc/issue.net</TT> files. If you really want to be safe, mention this in the <TT>motd</TT> (Message of the Day) file as well.</TABLE>

<H4 ALIGN="LEFT"><A NAME="Heading13"></A><FONT COLOR="#000077">Customizing the Logon Greeting for Network Connections</FONT></H4>
<P>Linux copies the <TT>/etc/issue</TT> file to the greeting file for network connections (aptly named <TT>/etc/issue.net</TT>), so I refer you to the previous section for information on where to disable this. Once this is complete, feel free to edit the <TT>/etc/issue.net</TT> file to say the same thing, or anything else.</P>
<P>It is common&#151;and recommended&#151;for corporate Linux systems to have different messages for network and local connections. Most crackers use networks, not local terminals, so on network connections it is especially important not to give out any information that these individuals may be able to use against you.</P>
<H3><A NAME="Heading14"></A><FONT COLOR="#000077">Enabling and Customizing the MOTD</FONT></H3>
<P>MOTD stands for Message of the Day, and has long been something that administrators use to convey important information, like scheduled shutdowns or maintenance to users. The MOTD should be provided for users after they log on but before they come to the shell prompt.
</P>
<P>The file the message of the day is kept in is <TT>/etc/motd</TT>. The contents of this file are displayed every time a user logs on. It&#146;s that simple. When you first install the system, the file is empty.</P>
<P><FONT SIZE="+1"><B><I>Changing the message of the day</I></B></FONT></P>
<DL>
<DD><B>1.</B>&nbsp;&nbsp;Start your favorite editor to edit <TT>/etc/motd</TT>. In this case, I use <TT>vi</TT>, so the command <TT>vi /etc/motd</TT> will do the trick.
<DD><B>2.</B>&nbsp;&nbsp;Press the I key on your keyboard to begin inserting text.
<DD><B>3.</B>&nbsp;&nbsp;Type your message.
<DD><B>4.</B>&nbsp;&nbsp;Press the Esc key to stop inserting text.
<DD><B>5.</B>&nbsp;&nbsp;Type the command <TT>:wq</TT> to save the file and quit <TT>vi</TT>.
</DL>
<H3><A NAME="Heading15"></A><FONT COLOR="#000077">Using the <I>tksysv</I> Tool
</FONT></H3>
<P><TT>tksysv</TT> is the X11 manager for system services. This program allows you to start and stop services and reorganize them for various run levels.</P>
<P>To start <TT>tksysv</TT>, start X11, open an <TT>XTerm</TT>, and type <TT>tksysv &#38;</TT>. Make sure that you&#146;re logged on as or <TT>su</TT>&#146;d to root.</P>
<H4 ALIGN="LEFT"><A NAME="Heading16"></A><FONT COLOR="#000077">Adding a Service with <I>tksysv</I>
</FONT></H4>
<P>The left pane in Figure 28.1 lists which services are currently available for use in the system. The right pane lists the services that are started and stopped for each run level.
</P>
<P><A NAME="Fig1"></A><A HREF="javascript:displayWindow('images/28-01.jpg',552,454 )"><IMG SRC="images/28-01t.jpg"></A>
<BR><A HREF="javascript:displayWindow('images/28-01.jpg',552,454)"><FONT COLOR="#000077"><B>Figure 28.1</B></FONT></A>&nbsp;&nbsp;Don&#146;t worry about the frills on the windows&#151;these vary depending on the X11 window manager that&#146;s installed.</P>
<P>To add a service to a run level, select the service and click the Add button (see Figure 28.2).
</P>
<P><A NAME="Fig2"></A><A HREF="javascript:displayWindow('images/28-02.jpg',747,454 )"><IMG SRC="images/28-02t.jpg"></A>
<BR><A HREF="javascript:displayWindow('images/28-02.jpg',747,454)"><FONT COLOR="#000077"><B>Figure 28.2</B></FONT></A>&nbsp;&nbsp;Choose which run level to add a service to.</P>
<P>Choose whether to start or stop the service, specify the run level you wish to modify, and then click Done (see Figure 28.3).
</P>
<P><A NAME="Fig3"></A><A HREF="javascript:displayWindow('images/28-03.jpg',731,454 )"><IMG SRC="images/28-03t.jpg"></A>
<BR><A HREF="javascript:displayWindow('images/28-03.jpg',731,454)"><FONT COLOR="#000077"><B>Figure 28.3</B></FONT></A>&nbsp;&nbsp;Choose the starting order for the service.</P>
<P><TT>tksysv</TT> then asks for the starting number (order) for the service. If the service has a <TT>chkconfig</TT> entry, <TT>tksysv</TT> reads it and fills in the order number for you&#151;stick with the recommendations unless you have a very good reason not to. Click Add. To cancel, click Done.</P>
<P><FONT SIZE="+1"><B><I>Removing a service with <I>tksysv</I>
</I></B></FONT></P>
<DL>
<DD><B>1.</B>&nbsp;&nbsp;With <TT>tksysv</TT> running, click on the service on the run level side that you want to remove.
<DD><B>2.</B>&nbsp;&nbsp;Click Remove.
</DL>
<P><FONT SIZE="+1"><B><I>Starting and stopping a service</I></B></FONT></P>
<DL>
<DD><B>1.</B>&nbsp;&nbsp;Choose from the left pane the service you want to start or stop (see Figure 28.4).
<P><A NAME="Fig4"></A><A HREF="javascript:displayWindow('images/28-04.jpg',552,453 )"><IMG SRC="images/28-04t.jpg"></A>
<BR><A HREF="javascript:displayWindow('images/28-04.jpg',552,453)"><FONT COLOR="#000077"><B>Figure 28.4</B></FONT></A>&nbsp;&nbsp;The service start/stop dialog box.</P>
<DD><B>2.</B>&nbsp;&nbsp;Click Execute.
<DD><B>3.</B>&nbsp;&nbsp;Click on Start or Stop to start or stop the service, respectively.
</DL>

<TABLE BORDER="2" BORDERCOLOR="#0000" ALIGN="CENTER">
<TR><TD><FONT SIZE="+1"><B>Don&#146;t count on a confirmation request</B></FONT>
<BR><TT>tksysv</TT> does not request confirmation when removing a service from a run level, so pause a moment and ask yourself whether you really want to remove the service before clicking that Remove button.
<P>Make it a habit to ask yourself each time you prepare to perform a serious action as root if that action is really what you want to do. Most system commands, as you will likely have discovered by now, don&#146;t require confirmation.</TABLE>

</P><P><BR></P>
<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="474-478.html">Previous</A></TD>
<TD><A HREF="../ewtoc.html">Table of Contents</A></TD>
<TD><A HREF="482-484.html">Next</A></TD>
</TR>
</TABLE>
</CENTER>


</td>
</tr>
</table>
<!-- begin footer information -->



</body></html>