Book Image

Linux Service Management Made Easy with systemd

4.5 (2)
Book Image

Linux Service Management Made Easy with systemd

4.5 (2)

Overview of this book

Linux Service Management Made Easy with systemd will provide you with an in-depth understanding of systemd, so that you can set up your servers securely and efficiently.This is a comprehensive guide for Linux administrators that will help you get the best of systemd, starting with an explanation of the fundamentals of systemd management.You’ll also learn how to edit and create your own systemd units, which will be particularly helpful if you need to create custom services or timers and add features or security to an existing service. Next, you'll find out how to analyze and fix boot-up challenges and set system parameters. An overview of cgroups that'll help you control system resource usage for both processes and users will also be covered, alongside a practical demonstration on how cgroups are structured, spotting the differences between cgroups Version 1 and 2, and how to set resource limits on both. Finally, you'll learn about the systemd way of performing time-keeping, networking, logging, and login management. You'll discover how to configure servers accurately and gather system information to analyze system security and performance. By the end of this Linux book, you’ll be able to efficiently manage all aspects of a server running the systemd init system.
Table of Contents (23 chapters)
1
Section 1: Using systemd
12
Section 2: Understanding cgroups
16
Section 3: Logging, Timekeeping, Networking, and Booting

Understanding Secure Boot

Secure Boot is an EFI/UEFI feature that prevents computers from loading any operating system, operating system modules, or device drivers that haven't been signed by an authorized security key. It helps prevent computers from loading various types of malware, such as rootkits. To enable or disable it, boot your machine to its setup screen, as you see here on my late-model Acer machine:

Figure 17.8 – UEFI setup screen with Secure Boot enabled

For some strange reason, it's still called the BIOS Setup Utility, even though this machine has a UEFI. What I want you to notice is the TPM Support option, which shows as [Enabled]. TPM stands for Trusted Platform Module and is the firmware chip on the motherboard that contains the signing keys that the Secure Boot option needs.

On a Windows machine, Secure Boot is a big deal, because Windows has traditionally been very susceptible to malware infections. Linux is much...