PSMON User Guide

Process Monitor

AED includes a process monitor to ensure that services configured to run by the chkconfig or systemctl systems continue to run. If a service dies, AED will automatically restart the process.


Adding Services to Monitor

To add a service, simply enable it via chkconfig or systemctl and then generate the AED policy for the systems current start. The following steps accomplish this task:

Step 1: Enable a Service

As the root user, run the following command:

systemctl enable <service_name>

Example:

systemctl enable httpd

Step 2: Generate the AED Policy

Run the following command:

asl -s -f

Removing Services to Monitor

To remove a service, simply disable it via chkconfig or systemctl and then generate the AED policy for the systems current start. Please follow the following steps to do this:

Step 1: Disable a Service

As the root user, run the following command:

systemctl disable <service_name>

Example:

service disable httpd

Step 2: Generate the AED Policy

Run the following command:

asl -s -f

Disabling PSMON

Note

It is NOT recommended that you disable the process monitor. Doing so will also tell AED to not monitor its own services, and if a service fails for any reason AED will not restart the service.

Please follow the steps below to disable PSMON.

Step 1: Edit the AED Configuration File

Inside of /etc/asl/config set the following:

PSMON_ENABLE="no"

Step 2: Update the AED Security Policy

Run the following command:

asl -s -fails

Step 3: Kill the PSMON Process(es)

Run the following command:

killall -9 psmon

Step 4: Remove the Package

Run the following command:

rpm -e psmon --nodeps

Monitoring Processes with Systemd

Centos/Redhat 7 systems use systemd, which has its own process monitoring capability, psmon is only used to monitor processes that do not use systemd.

To monitor and automatically restart a process, please follow the process below:

Step 1: Check to make sure the service is manged by systemd

Each service will have a service file in /etc/systemd/system directory. For the purpose of this example the multi-user run level will be used, which is the most common run level Linux servers will start in. If you do not know what this means, your system is probably pre-configured to boot into the multi-user run level.

Make sure the service has a functional systemd init script located at:

/etc/systemd/system/mult-user.target.wants/service.service

Step 2 (Optional): Enable the Service

If the service is not already enabled, enable the service by running the following command:

sudo systemctl enable service.service

This will create a symlink in /etc/systemd/system/mult-user.wants/ that looks like the following:

lrwxrwxrwx 1 root root 38 Jan 13 11:54 /etc/systemd/system/multi-user.target.wants/service.service -> /usr/lib/systemd/system/service.service

This will enable automatic starting after a reboot.

Step 3: Configure the Service to Automatically Restart

Edit the /etc/systemd/system/mult-user.wants/service.service file. It should contain a line like the example below.

Restart=always

If this is not set to “always”, set it to always and the service will be automatically restarted if it crashes.

Step 4: Reload the Systemd Daemon

Reload the systemd daemon by runing the following command:

sudo systemctl daemon-reload

Step 5: Restart the Service

Restart the service by running the following command:

sudo systemctl restart service.service

Step 6 (Optional but recommended): Test to see if the service is started on reboot

Run the follwing command to reboot the system:

sudo reboot

Step 7: Kill the Process to see if it Automatically Restarts

Run the following command:

killall -9 service

Note

Replace ‘service’ with the service name you want to test, for example httpd.