What is a Daemon Process in RedHAT

“Daemon” refers a special kind of process in typical ReadHAT language which works in background even in absence of any user logged in into the system. The term “Daemon” has come from their dormant nature. They works in background without any activity and wait for an suitable event for them to occur to respond. [eg: http daemon (httpd) always run in background and wait for a http or https connection to come or named daemon (RedHAT name of BIND DNS server) wait for a DNS quarry). This post will describe “Daemon” processes technically, their similarity and difference from other processes in system.

Although “Daemon” is a typical RedHAT term same phenomenon discussed bellow is applicable on “Services” in Windows Operating System.

Similarity with any other processes

  1. They are process like any other process: Process refers an executing Program or Script. “Daemons” are definitely executing program and they are written in exactly same kind of language with any other program.

  2. They run as a Specific user: In Linux system all processes need to have an user associated with it, which “Daemons” also need. User may be “root”, “apache”, “pdns” or “nobody” or any other user present in the system.

  3. They have definite permissions in the System: Like all other process “Daemons” are bound with permissions associated with the user under which it’s running. They can only access file, directory or do a job which the user have enough right to do. For example a “Daemon” running as “nobody” can’t initiate a shutdown or reboot of your system.

  4. They use the system resources like RAM, CPU same way other processes do. Operating system schedule CPU time same way to them like other process. Like other process they can run in user and kernel level can create operating system call, access I/O in same way like any other process.

Their Specialty from other process

  1. Operating system Never kill them when user is logged out: The most striking difference is they never get killed irrespective of a user is logged in or not. This make them to remain dormant in system in absence of any logged in user, but why?

  2. Why other processes get killed when user logged out? To understand this first you’ve to understand permission flow between processes. When an user logged in a Linux system a “bash” (Bourne-again shellor “sh” (Bourne shell) shell (which itself is a process) environment is get created under which user run programs. The environment has same permission as the user. When user run a program a process it get called by the existing bash process and is created in child bash environment which have same permission with it’s parent environment (considering the process need a bash) .The process can downgrade it’s permission and change the user to an user which have lower permission than the parent user. Kernel doesn’t allow an user to upgrade it’s rights without “sudo” i.e. “root” access. Now if the user is logged out the “bash” or “sh” shell process get killed as it can’t run without the user. All processed under that environment become “Orphan” or “Zomba” i.e. process who don’t have a running parent and operating system kernel kill all them out (“Orphan” and “Zomba” and how Linux Kernel handle them require a full post itself). So any process run under the user can’t run when the user is logged out. (E.g. You are running an installer over ssh and internet connection got disconnected from your local PC the installer stops, although the remote PC have all resources to run it). Now a question may come to your mind “How an user without “shutdown” right turn off a PC from graphical user interface (GUI)..!!” It’s simply because the GUI has a permission to “shutdown” the system, anyway that’s not our topic.

  3. Then how “Daemons” run even if users are logged out?? Do they not follow the above permission flow of Linux Kernel?? Obviously the answer is not. Any process running under Linux Kernel must follow this process flow and “Daemons” do follow them. Remember the killing was started from a point where “bash” shell was killed due to logging out of user [that is the procedure of bash]. As all process under that user was directly or indirectly called by the bash the process is killed. Here lies the main difference of “Daemon” processes, they doesn’t called by any bash shell rather than directly by “init”, the parent of all process in system. After loading kernel the system get pointed to “init” process first. That is the first process run in a system and launches all “Daemon” processes, if the “Daemon” is supposed to start on startup. If the “Daemon” is called by shell it’s not called directly rather by “init”. Being the parent process of system “init” can’t be killed and hence it’s child “Daemons” never get killed by Kernel whether user is logged in or not using bash.

  4. This also explain that in most of the cases daemons run under users who don’t even have right to access “bash” or “sh” shell. E.g. of such users are “apache”, “pdns”, “nobody” etc.

This discussion completes Daemon and their behavior in details. For any confusion or wrong explanation please leave a comment or email to admin at “admin”@”serverlog.net” or write author directly to “authorname”@”serverlog.net”.

ServerLog welcome all to write here. For more please mail to Serverlog Admin. Thank you for reading us.

Leave a Reply

Your email address will not be published. Required fields are marked *