Linux systemd
Manage Systemd Services and Units using Systemctl
Systemctl is a systemd utility which is responsible for Controlling the systemd system and service manager.
Systemd is a collection of system management daemons, utilities and libraries which serves as a replacement of System V init daemon. Systemd functions as central management and configuration platform for UNIX like system.
In the Linux Ecosystem Systemd has been implemented on most of the standard Linux Distribution with a few exception. Systemd is the parent Process of all other daemons oftenly but not always.
Check versions, binaries and libraries
$ systemd --version #Ubuntu 18.04 systemd 237 +PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN -PCRE2 default-hierarchy=hybrid $ whereis systemd systemd: /usr/lib/systemd /bin/systemd /etc/systemd /lib/systemd /usr/share/systemd /usr/share/man/man1/systemd.1.gz $ whereis systemctl systemctl: /bin/systemctl /usr/share/man/man1/systemctl.1.gz
Is systemd running?
ps -eaf | grep [s]ystemd
Analyze
Analyze systemd boot process
# systemd-analyze
Analyze time taken by each process at boot
# systemd-analyze blame
Analyze critical chain at boot
# systemd-analyze critical-chain
Important: Systemctl accepts services (.service), mount point (.mount), sockets (.socket) and devices (.device) as units
List units
systemctl list-unit-files #List all the available units systemctl list-units #List all running units systemctl --failed #List all failed units systemctl is-enabled crond.service #Check if a Unit (cron.service) is enabled systemctl status firewalld.service #Check whether a Unit or Service is running
List units that have drop-in overrides
$ systemd-delta [EXTENDED] /lib/systemd/system/rc-local.service → /lib/systemd/system/rc-local.service.d/debian.conf [EXTENDED] /lib/systemd/system/user@.service → /lib/systemd/system/user@.service.d/timeout.conf 2 overridden configuration files found
Control and Manage Services Using Systemctl
List all services (including enabled and disabled)
systemctl list-unit-files --type=service
How do I start, restart, stop, reload and check the status of a service (httpd.service) in Linux
systemctl start httpd.service systemctl restart httpd.service systemctl stop httpd.service systemctl reload httpd.service systemctl status httpd.service
Note: When we use commands like start, restart, stop and reload with systemctl, we will not get any output on the terminal, only status command will print the output
How to active a service and enable or disable a service at boot time (auto start service at system boot)
systemctl is-active httpd.service systemctl enable httpd.service systemctl disable httpd.service
How to mask (making it impossible to start) or unmask a service (httpd.service)
systemctl mask httpd.service systemctl unmask httpd.service
How to a Kill a service using systemctl command
systemctl kill httpd systemctl status httpd
Mount Points using systemctl
#List all system mount points systemctl list-unit-files --type=mount systemctl start tmp.mount #mount systemctl stop tmp.mount #unmount systemctl restart tmp.mount #re-mount? systemctl reload tmp.mount #re-mount? systemctl status tmp.mount #status #active, enable or disable a mount point at boot time (auto mount at system boot) systemctl is-active tmp.mount systemctl enable tmp.mount systemctl disable tmp.mount #How to mask (making it impossible to start) or unmask a mount points in Linux systemctl mask tmp.mount systemctl unmask tmp.mount
Control and Manage Sockets using systemctl
#List all available system sockets systemctl list-unit-files --type=socket #start, restart, stop, reload and check the status of a socket systemctl start cups.socket systemctl restart cups.socket systemctl stop cups.socket systemctl reload cups.socket systemctl status cups.socket #active a socket and enable or disable at boot time (auto start socket at system boot) systemctl is-active cups.socket systemctl enable cups.socket systemctl disable cups.socket #How to mask (making it impossible to start) or unmask a socket (cups.socket) systemctl mask cups.socket systemctl unmask cups.socket
systemctl show -p CPUShares httpd.service CPUShares=1024 #<- it's default value systemctl set-property httpd.service CPUShares=1000 #set a CPUShare
When you set CPUShare for a service, a directory with the name of service is created (httpd.service.d) which contains a file 90-CPUShares.conf which contains the CPUShare Limit information.
Check all the configuration details of a service
systemctl show httpd
Analyze critical chain for a services
systemd-analyze critical-chain NetworkManager.service The time after the unit is active or started is printed after the "@" character. The time the unit takes to start is printed after the "+" character. NetworkManager.service +215ms └─dbus.service @4.264s └─basic.target @4.246s └─sockets.target @4.246s └─snapd.socket @4.243s +2ms └─sysinit.target @4.242s └─apparmor.service @1.437s +2.079s └─local-fs.target @1.432s └─run-user-1001-gvfs.mount @29.537s └─run-user-1001.mount @21.950s └─swap.target @1.356s └─dev-mapper-ubuntu\x2d\x2dvg\x2dswap_1.swap @1.345s +10ms └─dev-mapper-ubuntu\x2d\x2dvg\x2dswap_1.device @1.344s
Get a list of dependencies for a service
systemctl list-dependencies NetworkManager.service ● ├─dbus.socket ● ├─system.slice ● ├─network.target ● └─sysinit.target ● ├─apparmor.service ● ├─blk-availability.service ● ├─dev-hugepages.mount ● ├─dev-mqueue.mount ● ├─keyboard-setup.service ● ├─kmod-static-nodes.service ● ├─lvm2-lvmetad.socket ● ├─lvm2-lvmpolld.socket ...
List control groups -cgls
hierarchically
$ systemd-cgls Control group /: -.slice ├─user.slice │ ├─user-1001.slice │ │ ├─session-2.scope │ │ │ ├─ 1882 gdm-session-worker [pam/gdm-password] │ │ │ ├─ 2451 /usr/bin/gnome-keyring-daemon --daemonize --login │ │ │ ├─ 2455 /usr/lib/gdm3/gdm-x-session --run-script env GNOME_SHELL_SESSION_MODE=ubuntu gnome-session --session=ubuntu │ │ │ ├─ 2457 /usr/lib/xorg/Xorg vt2 -displayfd 3 -auth /run/user/1001/gdm/Xauthority -background none -noreset -keeptty -verbose 3 │ │ │ ├─ 2513 /usr/lib/gnome-session/gnome-session-binary --session=ubuntu │ │ │ ├─ 2592 /usr/bin/ssh-agent /usr/bin/im-launch env GNOME_SHELL_SESSION_MODE=ubuntu gnome-session --session=ubuntu │ │ │ ├─ 2618 /usr/bin/gnome-shell │ │ │ ├─ 2640 /usr/bin/pulseaudio --start --log-target=syslog ...
List control group -cgtop
- CPU, memory, Input and Output sorted by
systemd-cgtop Control Group Tasks %CPU Memory Input/s Output/s / 1204 98.4 10.4G - - /system.slice 118 - - - - /system…anager.service 3 - - - - /system…anager.service 4 - - - - /system…daemon.service 3 - - - -
Start rescue mode
$ systemctl rescue Broadcast message from root@tecmint on pts/0 (Wed 2019-07-26 11:31:18 BST): The system is going down to rescue mode NOW!
Enter into emergency mode
$ systemctl emergency Welcome to emergency mode! After logging in, type "journalctl -xb" to view system logs, "systemctl reboot" to reboot, "systemctl default" to try again to boot into default mode <source lang=bash>
List current run levels in use
$ systemctl get-default graphical.target #Runlevel 0 : Shut down and Power off the system. #Runlevel 1 : Rescue?Maintainance Mode. #Runlevel 3 : multiuser, no-graphic system. #Runlevel 4 : multiuser, no-graphic system. #Runlevel 5 : multiuser, graphical system. #Runlevel 6 : Shutdown and Reboot the machine.
How to start Runlevel 5 aka graphical mode
$ systemctl isolate runlevel5.target #/or $ systemctl isolate graphical.target
Set default Runlevel
# systemctl set-default runlevel3.target #multiuser # systemctl set-default runlevel5.target #graphical
Reboot, suspend, sleep
systemctl reboot | halt | suspend | hibernate | hybrid-sleep systemctl poweroff
Special services
systemd-networkd
It's a system service used to manage networks. It detects & configure network devices as they appear, creates virtual-network-devices.
- creates network devices based on configuration in
systemd.netdev
files based on contents of[Match]
section - flushes anyexisting network addresses & routes when bringing up device
Configuration files:
- system network directory
/usr/lib/systemd/network/
- volatile runtime network directory
/run/systemd/network/
- local administration network directory
/etc/systemd/network/
# Restart networking systemctl restart systemd-networkd
Create networkd
static network
Create a networkd drop-in unit under /etc/systemd/network
. Files created manually on a filesystem require service restart.
Static IP | Enable DHCP for matching if's |
---|---|
vi /etc/systemd/network/10-static.network [Match] Name=eth2 [Network] DNS=8.8.4.4 Address=192.168.1.10/24 Gateway=192.168.1.1 Address=192.168.1.11/24 Gateway=192.168.1.1 Address=192.168.1.12/24 Gateway=192.168.1.1 |
vi /etc/systemd/network/20-dhcp.network [Match] #any interfaces not matching previous [Match] and not beginning with eth* won't be configured Name=eth* [Network] [DHCP=yes] |
Debugging
mkdir -p /etc/systemd/system/systemd-networkd.service.d vi /etc/systemd/system/systemd-networkd.service.d/10-debug.conf #create a config drop-in [Service] Environment=SYSTEMD_LOG_LEVEL=debug #Reload then restart systemctl daemon-reload systemctl restart systemd-networkd.service journalctl -u -b systemd-networkd -f #-f follow core@core-01 ~ $ journalctl -u systemd-networkd -f -- Logs begin at Sat 2019-07-27 13:20:18 UTC. -- Jul 27 14:41:19 core-01 systemd-networkd[1239]: NDISC: No RA received before link confirmation timeout Jul 27 14:41:19 core-01 systemd-networkd[1239]: NDISC: Invoking callback for 'timeout' event. Jul 27 14:41:19 core-01 systemd-networkd[1239]: eth1: Configured Jul 27 14:41:19 core-01 systemd-networkd[1239]: Sent message type=signal sender=n/a destination=n/a path=/org/freedesktop/network1/link/_33 interface=org.freedesktop.DBus.Properties member=PropertiesChanged cookie=20 reply_cookie=0 signature=sa{sv}as error-name=n/a error-message=n/a Jul 27 14:41:19 core-01 systemd-networkd[1239]: NDISC: No RA received before link confirmation timeout Jul 27 14:41:19 core-01 systemd-networkd[1239]: NDISC: Invoking callback for 'timeout' event. Jul 27 14:41:19 core-01 systemd-networkd[1239]: eth0: Configured Jul 27 14:41:19 core-01 systemd-networkd[1239]: Sent message type=signal sender=n/a destination=n/a path=/org/freedesktop/network1/link/_32 interface=org.freedesktop.DBus.Properties member=PropertiesChanged cookie=21 reply_cookie=0 signature=sa{sv}as error-name=n/a error-message=n/a Jul 27 14:41:20 core-01 systemd-networkd[1239]: NDISC: Sent Router Solicitation, next solicitation in 17s