Difference between revisions of "Psmon"
m |
m (→monitoring processes with systemd) |
||
Line 86: | Line 86: | ||
''sudo systemctl enable service.service'' | ''sudo systemctl enable service.service'' | ||
− | Again, | + | Again, replace service.service with the name of the service you want to enable, for example, httpd.service |
This will create a symlink in /etc/systemd/system/multi-user.target.wants/ that looks like the following ('''do NOT create this symlink manually'''): | This will create a symlink in /etc/systemd/system/multi-user.target.wants/ that looks like the following ('''do NOT create this symlink manually'''): |
Revision as of 16:03, 7 June 2017
Contents |
Process Monitor
ASL includes a process monitor to ensure that services configured to run by the chkconfig or systemctl systems continue to run. If a service dies, ASL will automatically restart the process.
Adding services to monitor
To add a service, simply enable it via chkconfig or systemctl and then generate the ASL policy for the systems current start. The following steps will do this:
Step 1: enable a service
As the root user, run the command:
systemctl enable <servicename>
Example:
systemctl enable httpd
Step 2: Generate the ASL policy
asl -s -f
And you're done.
Removing services to monitor
To remove a service, simply disable it via chkconfig or systemctl and then generate the ASL policy for the systems current start. The following steps will do this:
Step 1: enable a service
As the root user, run the command:
systemctl disable <servicename>
Example:
systemctl disable httpd
Step 2: Generate the ASL policy
asl -s -f
And you're done.
Disabling PSMON
Note: It is not recommended that you disable the process monitor. Doing so will also tell ASL to not monitor its own services, and if a service fails for any reason ASL will not restart the service.
1) edit /etc/asl/config, set the following:
PSMON_ENABLED="no"
2) Update the security policy:
asl -s -f
3) kill the psmon process(es):
killall -9 psmon
4) Remove the packaage:
rpm -e psmon --nodeps
Centos/Redhat 7
These platforms use systemd, which has its own process monitoring capability. psmon is only used to monitor processes that do not use systemd.
monitoring processes with systemd
systemd is a system and service manager for Linux which has replaced the initd system. It can also monitor and restart processes like psmon can do. To monitor and automatically restart a process, follow the process below:
1) Check to make sure the service is managed by systemd
Each service will have a service file in the /etc/systemd/system directory for the run level the service is to start in. For the purposes of this example, the multi-user run level will be used, which is the most common run level Linux servers will start in. If you do not know what this means, your system is probably pre-configured to boot into the multi-user run level.
Make sure the service has a functional systemd init script located at:
/etc/systemd/system/multi-user.target.wants/service.service
Where service.service is the name of the service, for excample httpd.service.
2) (Optional) If the service is not already enabled, enable the service
sudo systemctl enable service.service
Again, replace service.service with the name of the service you want to enable, for example, httpd.service
This will create a symlink in /etc/systemd/system/multi-user.target.wants/ that looks like the following (do NOT create this symlink manually):
lrwxrwxrwx 1 root root 38 Jan 13 11:54 /etc/systemd/system/multi-user.target.wants/service.service -> /usr/lib/systemd/system/service.service
This will enable automatic starting after a reboot.
3) Configure the service to automatically restart
Edit the /etc/systemd/system/multi-user.target.wants/service.service file. It should contain a line like the example below under the [Service] section:
Restart=always
If this is not set to "always", set it to always and the service will be automatically restarted if it crashes (and systemd is able to restart it).
4) Reload the systemd daemon
sudo systemctl restart service.service
5) Restart the service
sudo systemctl daemon-reload
6) (Optional but recommended) Test to see if the service is started on reboot
sudo reboot
7) Kill the process to see if it automatically restarts
As root, run these commands:
killall -9 service
ps auxwww | grep service
Note: Replace service with the service name you want to test, for example httpd
Wait a few seconds and verify if the service has been restarted.