Difference between revisions of "Psmon"
m (→monitoring processes with systemd) |
m (→monitoring processes with systemd) |
||
Line 90: | Line 90: | ||
This will create a symlink in /etc/systemd/system/multi-user.target.wants/ that looks like the following ('''do NOT create this symlink manually'''): | This will create a symlink in /etc/systemd/system/multi-user.target.wants/ that looks like the following ('''do NOT create this symlink manually'''): | ||
− | + | ''lrwxrwxrwx 1 root root 38 Jan 13 11:54 /etc/systemd/system/multi-user.target.wants/service.service -> /usr/lib/systemd/system/service.service'' | |
This will enable automatic starting after a reboot. | This will enable automatic starting after a reboot. | ||
Line 98: | Line 98: | ||
Edit the /etc/systemd/system/multi-user.target.wants/service.service file. It should contain a line like the example below under the [Service] section: | Edit the /etc/systemd/system/multi-user.target.wants/service.service file. It should contain a line like the example below under the [Service] section: | ||
− | Restart=always | + | ''Restart=always'' |
If this is not set to "always", set it to always and the service will be automatically restarted if it crashes (and systemd is able to restart it). | If this is not set to "always", set it to always and the service will be automatically restarted if it crashes (and systemd is able to restart it). | ||
Line 104: | Line 104: | ||
4) Reload the systemd daemon | 4) Reload the systemd daemon | ||
− | sudo systemctl daemon-reload | + | ''sudo systemctl daemon-reload'' |
5) Restart the service | 5) Restart the service | ||
− | sudo systemctl restart service.service | + | ''sudo systemctl restart service.service'' |
6) (Optional but recommended) Test to see if the service is started on reboot | 6) (Optional but recommended) Test to see if the service is started on reboot | ||
− | sudo reboot | + | ''sudo reboot'' |
7) Kill the process to see if it automatically restarts | 7) Kill the process to see if it automatically restarts | ||
Line 119: | Line 119: | ||
As root, run these commands: | As root, run these commands: | ||
− | killall -9 service | + | ''killall -9 service'' |
− | ps auxwww | grep service | + | ''ps auxwww | grep service'' |
Note: Replace service with the service name you want to test, for example httpd | Note: Replace service with the service name you want to test, for example httpd | ||
Wait a few seconds and verify if the service has been restarted. | Wait a few seconds and verify if the service has been restarted. |
Revision as of 16:05, 7 June 2017
Contents |
Process Monitor
ASL includes a process monitor to ensure that services configured to run by the chkconfig or systemctl systems continue to run. If a service dies, ASL will automatically restart the process.
Adding services to monitor
To add a service, simply enable it via chkconfig or systemctl and then generate the ASL policy for the systems current start. The following steps will do this:
Step 1: enable a service
As the root user, run the command:
systemctl enable <servicename>
Example:
systemctl enable httpd
Step 2: Generate the ASL policy
asl -s -f
And you're done.
Removing services to monitor
To remove a service, simply disable it via chkconfig or systemctl and then generate the ASL policy for the systems current start. The following steps will do this:
Step 1: enable a service
As the root user, run the command:
systemctl disable <servicename>
Example:
systemctl disable httpd
Step 2: Generate the ASL policy
asl -s -f
And you're done.
Disabling PSMON
Note: It is not recommended that you disable the process monitor. Doing so will also tell ASL to not monitor its own services, and if a service fails for any reason ASL will not restart the service.
1) edit /etc/asl/config, set the following:
PSMON_ENABLED="no"
2) Update the security policy:
asl -s -f
3) kill the psmon process(es):
killall -9 psmon
4) Remove the packaage:
rpm -e psmon --nodeps
Centos/Redhat 7
These platforms use systemd, which has its own process monitoring capability. psmon is only used to monitor processes that do not use systemd.
monitoring processes with systemd
systemd is a system and service manager for Linux which has replaced the initd system. It can also monitor and restart processes like psmon can do. To monitor and automatically restart a process, follow the process below:
1) Check to make sure the service is managed by systemd
Each service will have a service file in the /etc/systemd/system directory for the run level the service is to start in. For the purposes of this example, the multi-user run level will be used, which is the most common run level Linux servers will start in. If you do not know what this means, your system is probably pre-configured to boot into the multi-user run level.
Make sure the service has a functional systemd init script located at:
/etc/systemd/system/multi-user.target.wants/service.service
Where service.service is the name of the service, for excample httpd.service.
2) (Optional) If the service is not already enabled, enable the service
sudo systemctl enable service.service
Again, replace service.service with the name of the service you want to enable, for example, httpd.service
This will create a symlink in /etc/systemd/system/multi-user.target.wants/ that looks like the following (do NOT create this symlink manually):
lrwxrwxrwx 1 root root 38 Jan 13 11:54 /etc/systemd/system/multi-user.target.wants/service.service -> /usr/lib/systemd/system/service.service
This will enable automatic starting after a reboot.
3) Configure the service to automatically restart
Edit the /etc/systemd/system/multi-user.target.wants/service.service file. It should contain a line like the example below under the [Service] section:
Restart=always
If this is not set to "always", set it to always and the service will be automatically restarted if it crashes (and systemd is able to restart it).
4) Reload the systemd daemon
sudo systemctl daemon-reload
5) Restart the service
sudo systemctl restart service.service
6) (Optional but recommended) Test to see if the service is started on reboot
sudo reboot
7) Kill the process to see if it automatically restarts
As root, run these commands:
killall -9 service
ps auxwww | grep service
Note: Replace service with the service name you want to test, for example httpd
Wait a few seconds and verify if the service has been restarted.