Auditing system services with systemctl

On Linux systems that come with systemd, the systemctl command is pretty much a universal command that does many things for you. In addition to controlling your system's services, it can also show you the status of those services, like so:

donnie@linux-0ro8:~> sudo systemctl -t service --state=active

Here's the breakdown of the preceding command:

  • -t service: We want to view information about the services – or, what used to be called daemons – on the system.
  • --state=active: This specifies that we want to view information about all the system services that are actually running.

A partial output of this command looks something like this:

UNIT                                                  LOAD   ACTIVE SUB     DESCRIPTION
accounts-daemon.service                               loaded active running Accounts Service
after-local.service                                   loaded active exited  /etc/init.d/after.local Compatibility
alsa-restore.service                                  loaded active exited  Save/Restore Sound Card State
apparmor.service                                      loaded active exited  Load AppArmor profiles
auditd.service                                        loaded active running Security Auditing Service
avahi-daemon.service                                  loaded active running Avahi mDNS/DNS-SD Stack
cron.service                                          loaded active running Command Scheduler
. . .
. . .

Generally, you won't want to see quite this much information, although you might at times. This command shows the status of every service that's running on your system. What really interests us now is the network services that can allow someone to connect to your system. So, let's look at how to narrow things down a bit.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.222.240.21