12

I just learning about daemon, by that time I came know avahi daemon can you please explain detaily about avahi daemon and why linux has a avahi user ?

einpoklum
  • 8,772
  • 19
  • 65
  • 129
MP Creations
  • 185
  • 1
  • 2
  • 8

3 Answers3

17

In short: avahi is a Linux implementation of a protocol also known as "Rendezvous" or "Bonjour"). Its goal is to let devices, connected to the local network, broadcast their IP-address together with their function. Hence the printer can from time to time broadcasts : My IP is 192.168.23.45 and I can print any postscript document with ipp prottocol; a NAS can say: My IP is 192.168.23.88 and I can stream music, save your backups, and act as a fileserver.

If it is not what you want to hear on your network you can stop / disable the avahi daemon with the standard systemctl command, but if you run a cups-broadcast daemon, it will start the avahi itself.

Linux uses fictive users usually for security reasons, not to give the attacker any chance to hack a process owned by root. So you can see a postfix or mail, and postgres or mysql users. The daemon, owned by such unprivileged user, gives less chance for the attacker to get the superuser rights.

AdminBee
  • 21,637
  • 21
  • 47
  • 71
schweik
  • 1,160
  • 8
  • 16
  • Is the daemon only for broadcasting, or also for reception? – einpoklum Feb 23 '21 at 21:11
  • Definitely yes, the avahi daemon listens UDP port 5353. You can check it with the command `netstat -lup` or `ss -lup` as superuser. – schweik Feb 24 '21 at 10:27
  • But what is this listening used for? What benefits from having avahi running? – einpoklum Feb 24 '21 at 10:30
  • 1
    Well, I do not want to start a flame. But in my local net it is for nothing, I set and thats why I know all IP and function of all devices in my network. For a large network, or for net without an smart admin, this protocol (and hence its daemons) can make the network configuration easier, but you pay for it with more _noise_ on your net. After connecting the new net-printer (which gets its IP by dhcp) you can start to configure your printing subsystem by asking for _all print capable new devices_, without knowing ist IP. – schweik Feb 24 '21 at 10:57
  • 1
    @einpoklum The broadcasts (or multicasts) happen at intervals (like every 30 seconds), so avahi-daemon listens for local Rendezvous/Bonjour broadcasts and caches the list of systems it hears about, so applications using the Avahi libraries will get the list of Rendezvous/Bonjour devices essentially immediately. So when you e.g. open a "select network printer" dialog, you'll get an essentially complete list immediately, instead of having to wait up to 30 seconds for the printers to pop in one by one. – telcoM Feb 24 '21 at 12:38
  • @telcoM: Actually, yours and schweik's comments together constitute a full-blown additional answer, IMHO. Thanks. – einpoklum Feb 24 '21 at 13:14
  • I realize this is a little old, but, just so I understand. If I disable avahi, I still get network discovery capabilities it is just much slower? In my situation I do have a complex network environment around several back-office applications, BUT, those applications are ring-fenced from direct access and have high bandwidth capabilities and requirements between them. If I wanted to end the network chatter, but on the RARE occasion needed to discover something it would still work but slowly? – Bill Wood Mar 05 '22 at 04:24
1

AFAIK: avahi/bonjour/rendezvous service need cooperation of all devices. Each device is announcing its service by several broadcast per minut, while your computer with avahi daemon running/listening keeps a collection of available services. If you stop the avahi daemon on your computer but all devices continue with their advertisement, the list of services can be quickly rebuild, after you start avahi daemon again. But if you somehow force all the device to stop broadcasting of their "rendezvous" info, even the running avahi daemon does have nothing to collect, hence the easy config will not be possible. Yes, there are some other ways how to keep the knowlidge about services, available in your reach, e.g. port scanning, local DNS, etc. The avahi way is very easy and it has a growing support. It is your deal to decide which way to follow.

This was compilled from my and telcoM's comments and Internet.

schweik
  • 1,160
  • 8
  • 16
-3

Dripping faucets are annoying even if we all need running water. I don't use mDns, so I've deleted it without incident (apt-get --purge remove avahi-daemon). Further information about disabling it can be found here: https://www.stigviewer.com/stig/red_hat_enterprise_linux_6/2020-09-03/finding/V-218006

Kenneth M Burke
  • 9
  • 1
    This does not appear to try to answer the given question. – Kusalananda Apr 16 '22 at 12:17
  • 1
    As it’s currently written, your answer is unclear. Please [edit] to add additional details that will help others understand how this addresses the question asked. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Apr 20 '22 at 17:04
  • 1
    I found that useful; I guess the downvotes are because it doesn't answer the main part of the question, the way the other's do, so would've been better as a comment. – Darren Cook May 24 '23 at 10:24