Hey there :)
in this piece, we're going to look at systemd and systemctl. And what's that you ask ? Well it's the system commands we use to manage services on a system that uses systemd. In the old days, we would use /etc/init.d/service, today it's in systemctl, so knowing how to use it, is a good thing. But, if you're scared of the command line, this article might not be for you :)
But why should you even care about the command line and using it to control services, and debug services state ? Because it's the fastest way if you have to make changes, so I highly recommend you at least read through this piece, and get the most basic commands under your belt.
So, let's start with listing the version
# systemctl --version
systemd 215
+PAM +AUDIT +SELINUX +IMA +SYSVINIT +LIBCRYPTSETUP +GCRYPT +ACL +XZ -SECCOMP -APPARMOR
So, now we know it's version 215. Let's find out where the system binaries are located.
# whereis systemd
systemd: /usr/lib/systemd /etc/systemd /usr/share/systemd /usr/share/man/man1/systemd.1.gz
# whereis systemctl
systemctl: /usr/bin/systemctl /usr/share/man/man1/systemctl.1.gz
Let's see if systemd is actually running (let's hope so)
root@xeon:/home/nx# ps -eaf | grep systemd
root 514 1 0 17:43 ? 00:00:00 /lib/systemd/systemd-journald
root 530 1 0 17:43 ? 00:00:01 /lib/systemd/systemd-udevd
message+ 1235 1 0 17:43 ? 00:00:01 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
root 1243 1 0 17:43 ? 00:00:00 /lib/systemd/systemd-logind
nx 1564 1 0 17:44 ? 00:00:00 /lib/systemd/systemd --user
nx 1586 1564 0 17:44 ? 00:00:00 /usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
root 8235 8224 0 18:47 pts/0 00:00:00 grep systemd
Let's see if we can analyze the boot process, and time taken by each process at boot.
root@xeon:/home/nx# systemd-analyze
Startup finished in 43.437s (firmware) + 7.619s (loader) + 17.320s (kernel) + 54.904s (userspace) = 2min 3.282s
graphical.target reached after 54.871s in userspace
Let's study the critical chain
root@xeon:/home/nx# systemd-analyze critical-chain
The time when unit became active or started is printed after the "@" character.
The time the unit took to start is printed after the "+" character.
graphical.target @54.871s
└─multi-user.target @54.871s
└─smbd.service @52.152s +2.718s
└─winbind.service @49.372s +2.762s
└─nmbd.service @35.820s +13.513s
└─network-online.target @35.797s
└─NetworkManager-wait-online.service @32.163s +3.632s
└─NetworkManager.service @26.449s +5.680s
└─dbus.service @26.447s
└─basic.target @26.359s
└─sockets.target @26.359s
└─docker.socket @26.358s +1ms
└─sysinit.target @26.160s
└─systemd-update-utmp.service @26.042s +117ms
└─systemd-tmpfiles-setup.service @25.095s +870ms
└─systemd-journal-flush.service @4.247s +20.811s
└─systemd-journald.service @3.932s +289ms
└─systemd-journald.socket @3.647s
└─system.slice @2.684s
└─-.slice @2.684s
List all available units
root@xeon:/home/nx# systemctl list-unit-files
UNIT FILE STATE VENDOR PRESET
proc-sys-fs-binfmt_misc.automount static -
-.mount generated -
boot-efi.mount generated -
boot.mount generated -
dev-hugepages.mount static -
dev-mqueue.mount static -
media-cdrom0.mount generated -
proc-fs-nfsd.mount static -
proc-sys-fs-binfmt_misc.mount disabled disabled
run-rpc_pipefs.mount static -
sys-fs-fuse-connections.mount static -
sys-kernel-config.mount static -
sys-kernel-debug.mount static -
sys-kernel-tracing.mount static -
var-lib-machines.mount static -
systemd-ask-password-console.path static - Let's stop for a moment. Notice it says state and vendor preset. Vendor preset is what is says, it's the vendor set state, and the other is it's current state. That can be enabled, disabled and static, and masked.
Enabled and disabled are what you should be concerned about. That tells you if they are enabled at boot or not, depending on what you want. Later we'll look into how to change them, and start and stop services. For now, we're just looking at the system, to learn more about it.
So, let's list running units
root@xeon:/home/nx# systemctl list-units
UNIT >
proc-sys-fs-binfmt_misc.automount >
sys-devices-pci0000:00-0000:00:02.0-0000:05:00.1-sound-card1-controlC1.device >
sys-devices-pci0000:00-0000:00:11.0-0000:02:00.0-host2-port\x2d2:0-end_device\x2d2:0-target2:0:0-2:0:0:0-block-sda-sda1>
sys-devices-pci0000:00-0000:00:11.0-0000:02:00.0-host2-port\x2d2:0-end_device\x2d2:0-target2:0:0-2:0:0:0-block-sda.devi>
sys-devices-pci0000:00-0000:00:16.3-tty-ttyS0.device >
sys-devices-pci0000:00-0000:00:19.0-net-eth0.device >Note this is not all running units, there's a lot more on a standard system :)
Let's list failed units
root@xeon:/home/nx# systemctl --failed
UNIT LOAD ACTIVE SUB DESCRIPTION
0 loaded units listed.
root@xeon:/home/nx#
Check if a service is enabled
root@xeon:/home/nx# systemctl is-enabled NetworkManager
enabled
Let's check status, since we know it's enabled, but is it running right now ?
root@xeon:/home/nx# systemctl status NetworkManager
● NetworkManager.service - Network Manager
Loaded: loaded (/lib/systemd/system/NetworkManager.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2021-02-19 17:43:45 CET; 1h 22min ago
Docs: man:NetworkManager(8)
Main PID: 1236 (NetworkManager)
Tasks: 3 (limit: 23839)
Memory: 12.6M
CPU: 228ms
CGroup: /system.slice/NetworkManager.service
└─1236 /usr/sbin/NetworkManager --no-daemon
feb 19 17:43:48 xeon NetworkManager[1236]: <info> [1613753028.3220] ifupdown: guessed connection type (eth0) = 802-3-eth>
feb 19 17:43:48 xeon NetworkManager[1236]: <warn> [1613753028.3636] keyfile: load: "/etc/NetworkManager/system-connectio>
feb 19 17:43:48 xeon NetworkManager[1236]: <info> [1613753028.4162] device (lo): carrier: link connected
Let's list all the services
root@xeon:/home/nx# systemctl list-unit-files
UNIT FILE STATE VENDOR PRESET
proc-sys-fs-binfmt_misc.automount static -
-.mount generated -
boot-efi.mount generated -
boot.mount generated -
dev-hugepages.mount static -
dev-mqueue.mount static -
media-cdrom0.mount generated -
proc-fs-nfsd.mount static -
proc-sys-fs-binfmt_misc.mount disabled disabled
run-rpc_pipefs.mount static -
sys-fs-fuse-connections.mount static -
sys-kernel-config.mount static -
sys-kernel-debug.mount static - So, how do we start, restart, stop and reload services ?
# systemctl start httpd.service
# systemctl restart httpd.service
# systemctl stop httpd.service
# systemctl reload httpd.service
# systemctl status httpd.service
httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled)
Active: active (running) since Tue 2015-04-28 17:21:30 IST; 6s ago
Process: 2876 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
Main PID: 2881 (httpd)
Status: "Processing requests..."
CGroup: /system.slice/httpd.service
├─2881 /usr/sbin/httpd -DFOREGROUND
├─2884 /usr/sbin/httpd -DFOREGROUND
├─2885 /usr/sbin/httpd -DFOREGROUND
├─2886 /usr/sbin/httpd -DFOREGROUND
├─2887 /usr/sbin/httpd -DFOREGROUND
└─2888 /usr/sbin/httpd -DFOREGROUNDSo, what about enable and disable, and what is the difference ? Start, stop, restart, reload are only affecting the service "right now", it doesn't affect boot state of the service. For that we use enable and disable. If enabled they start at boot, if disabled, they don't run at boot.
#is apache active ?
systemctl is-active httpd.service
# enable apache at boot
systemctl enable httpd.service
#disable at boot
systemctl disable httpd.serviceSo, there's one more we need to know, mask and unmask. If a service is masked it can't start, if it's unmasked it can start.
root 10249 0.0 0.0 6272 656 pts/0 S+ 19:14 0:00 grep apache
root@xeon:/home/nx# systemctl mask apache2
Created symlink /etc/systemd/system/apache2.service → /dev/null.
root@xeon:/home/nx# systemctl start apache2
Failed to start apache2.service: Unit apache2.service is masked.
root@xeon:/home/nx# systemctl unmask apache2
Removed /etc/systemd/system/apache2.service.
root@xeon:/home/nx# systemctl start apache2
root@xeon:/home/nx# ps aux | grep apache
root 10359 0.2 0.1 195920 20788 ? Ss 19:15 0:00 /usr/sbin/apache2 -k start
www-data 10360 0.0 0.0 196376 10484 ? S 19:15 0:00 /usr/sbin/apache2 -k start
www-data 10361 0.0 0.0 196376 10484 ? S 19:15 0:00 /usr/sbin/apache2 -k start
www-data 10362 0.0 0.0 196376 10484 ? S 19:15 0:00 /usr/sbin/apache2 -k start
www-data 10363 0.0 0.0 196376 10484 ? S 19:15 0:00 /usr/sbin/apache2 -k start
www-data 10364 0.0 0.0 196376 10484 ? S 19:15 0:00 /usr/sbin/apache2 -k start
root 10385 0.0 0.0 6272 712 pts/0 S+ 19:15 0:00 grep apache
root@xeon:/home/nx# systemctl stop apache2
root@xeon:/home/nx#
Another command for systemctl is kill. That forces a service / process to stop everything at once, by simply killing the process. Think of it like a sledgehammer when it comes to processes :)
root@xeon:/home/nx# systemctl start apache2
root@xeon:/home/nx# systemctl status apache2
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; disabled; vendor preset: disabled)
Active: active (running) since Fri 2021-02-19 19:18:24 CET; 11s ago
Docs: https://httpd.apache.org/docs/2.4/
Process: 10612 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS)
Main PID: 10616 (apache2)
Tasks: 6 (limit: 23839)
root@xeon:/home/nx# systemctl kill apache2
root@xeon:/home/nx# systemctl status apache2
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; disabled; vendor preset: disabled)
Active: inactive (dead)
Docs: https://httpd.apache.org/docs/2.4/
So, now we have taken a look at systemctl and services, let's play with mount points for a bit, using systemctl.
List all mount points
# systemctl list-unit-files --type=mount
UNIT FILE STATE
dev-hugepages.mount static
dev-mqueue.mount static
proc-sys-fs-binfmt_misc.mount static
sys-fs-fuse-connections.mount static
sys-kernel-config.mount static
sys-kernel-debug.mount static
tmp.mount disabledSo how to mount, unmount, remount and reload ?. Like this
# systemctl start tmp.mount
# systemctl stop tmp.mount
# systemctl restart tmp.mount
# systemctl reload tmp.mount
# systemctl status tmp.mount
tmp.mount - Temporary Directory
Loaded: loaded (/usr/lib/systemd/system/tmp.mount; disabled)
Active: active (mounted) since Tue 2015-04-28 17:46:06 IST; 2min 48s ago
Where: /tmp
What: tmpfs
Docs: man:hier(7)
http://www.freedesktop.org/wiki/Software/systemd/APIFileSystems
Process: 3908 ExecMount=/bin/mount tmpfs /tmp -t tmpfs -o mode=1777,strictatime (code=exited, status=0/SUCCESS)
Apr 28 17:46:06 tecmint systemd[1]: Mounting Temporary Directory...
Apr 28 17:46:06 tecmint systemd[1]: tmp.mount: Directory /tmp to mount over is not empty, mounting anyway.How to activate, enable or disable a mount point at boot time
# Check if active, enable and disable mount point at boot
systemctl is-active tmp.mount
systemctl enable tmp.mount
systemctl disable tmp.mount
# mask and unmask mount point
systemctl mask tmp.mount
ln -s '/dev/null' '/etc/systemd/system/tmp.mount'
systemctl unmask tmp.mount
rm '/etc/systemd/system/tmp.mount'
Check the details of a service
root@xeon:/home/nx# systemctl show apache2
Type=forking
Restart=on-abort
NotifyAccess=none
RestartUSec=100ms
TimeoutStartUSec=1min 30s
TimeoutStopUSec=1min 30s
TimeoutAbortUSec=1min 30s
TimeoutStartFailureMode=terminate
TimeoutStopFailureMode=terminate
RuntimeMaxUSec=infinity
WatchdogUSec=infinity
WatchdogTimestampMonotonic=0
RootDirectoryStartOnly=no
RemainAfterExit=no
GuessMainPID=yes
MainPID=0
ControlPID=0
FileDescriptorStoreMax=0
NFileDescriptorStore=0
StatusErrno=0
Result=success
ReloadResult=success
Analyze the chain for a service
systemd-analyze critical-chain apache2.service
The time when unit became active or started is printed after the "@" character.
The time the unit took to start is printed after the "+" character.
└─network.target @32.130s
└─NetworkManager.service @26.449s +5.680s
└─dbus.service @26.447s
└─basic.target @26.359s
└─sockets.target @26.359s
└─docker.socket @26.358s +1ms
└─sysinit.target @26.160s
└─systemd-update-utmp.service @26.042s +117ms
└─systemd-tmpfiles-setup.service @25.095s +870ms
└─systemd-journal-flush.service @4.247s +20.811s
└─systemd-journald.service @3.932s +289ms
└─systemd-journald.socket @3.647s
└─system.slice @2.684s
└─-.slice @2.684s
List dependencies for a service
root@xeon:/home/nx# systemctl list-dependencies apache2.service
apache2.service
● ├─-.mount
● ├─system.slice
● └─sysinit.target
● ├─dev-hugepages.mount
● ├─dev-mqueue.mount
● ├─haveged.service
● ├─keyboard-setup.service
● ├─kmod-static-nodes.service
● ├─kmod-static-nodes.service
apache2.service
● ├─-.mount
● ├─system.slice
● └─sysinit.target
● ├─dev-hugepages.mount
● ├─dev-mqueue.mount
● ├─haveged.service
● ├─keyboard-setup.service
● ├─kmod-static-nodes.service
● ├─lvm2-lvmpolld.socket
● ├─plymouth-read-write.service
● ├─plymouth-start.service
So, the last thing we'll look at is system runlevels
# Boot into rescue mode
systemctl rescue
Broadcast message from root@tecmint on pts/0 (Wed 2015-04-29 11:31:18 IST):
The system is going down to rescue mode NOW!
# Boot into emergency mode
systemctl emergency
# list current runlevel in use
systemctl get-default
#Start runlevel 5 / graphical mode
systemctl isolate runlevel5.target
OR
systemctl isolate graphical.target
# Start runlevel 3 (multiuser commandline mode
systemctl isolate runlevel3.target
OR
systemctl isolate multiuser.target
# Reboot, halt, suspend, hibernate
systemctl reboot
systemctl halt
systemctl suspend
systemctl hibernate
systemctl hybrid-sleep
If you don't know what runlevels are, they are
Runlevel 0 : Shut down and Power off the system.
Runlevel 1 : Rescue?Maintainance Mode.
Runlevel 3 : multiuser, no-graphic system.
Runlevel 4 : multiuser, no-graphic system.
Runlevel 5 : multiuser, graphical system.
Runlevel 6 : Shutdown and Reboot the machine.
So, now we came to the end of a short and fast introduction to systemd, and common commands. Go play and see what they do, and read the docs :)