Processes and systemd

From Chalphy Cyber Cavaliers
Revision as of 17:50, 10 March 2024 by Duffsigpatch (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

The term systemd refers to one of the most important and controversial pieces of software in Linux. Though if you weren't tuned in to less mainstream Linux distributions, you wouldn't know just how controversial it is. What does systemd do? Well, in a sense, everything.

The D in systemd is for daemon. Don't be confused, a daemon is just a process running in the background. Something that silently runs to keep the system going. Systemd is a manager for these daemons, but it also doubles as being process number 1, or the process needed to start the system. Older daemon managers did not have these features, nor did older versions of process number 1 (aka init) have the functionality to do quite literally everything.

The controversy with systemd comes with the idea that it bloated and does way too much. It handles logins, networking, daemons, booting, scheduling tasks, devices, and logs for daemon processes. Some claim that it creates a wide attack area because a vulnerability in any one of these areas could gain you control to any of these areas, others are angry because systemd sometimes uses it's config files to manage other config files.

One of the things that I had a rather rude awakening to recently for instance, was that on older systems you can use ifconfig to configure network interface addresses. You can even set flags to make them static like ifconfig wlan0 192.168.1.234 netmask 255.255.255.0. This code will cause weird behavior now because the address isn't being set within systemd, so some parts of the system think that you have one ip address, while others think it is configured for another (usually the default, which is DHCP in most cases). I could not find why I could not assign static hosting forever. Low and behold, one day I look at the interface configuration files associated with systemd and notice that it still says DHCP. But ifconfig said that the address was different. That's why none of my network tests worked.

Now, if I'm used to configs being done one way, I get being upset at them changing. But in some ways, this is also progress. If everything is together, it's more usable (though it's also more vulnerable). But, the cool thing about Linux is there are several distributions that have not adopted systemd. They are, not coincidentally, some of the harder to use ones. So you can really just pick which system you like to use.

Processes

You may have noticed me talking about "process number 1" earlier. What exactly does that mean? Well, similar to Windows, Linux also has many different processes running at once. Processes are numbered and process number 1 is the first process started by the Linux kernel.

That's great, but how do I work with them you may ask. Well, there are a few commands to consider when working with processes.

  • ps: The general command for viewing information about processes. It has all kinds of information about what processes are running. One of my favorite things to do with it is ps -ax | grep python, which will basically show you if there are any processes with the string "python" in them.
  • top: This command displays CPU and memory usage top to bottom by processes. Useful for live monitoring of system resources.
  • kill: Ends the process with the provided id. If you had a python script running as process 12345, and you typed kill 12345, it would end the python script.
  • killall: Ends processes with the matching name. killall python3 will end all python3 processes.
Retrieved from "https://cybersec.chalphychateau.com//index.php?title=Processes_and_systemd&oldid=46"