Beginners Guide to systemd
System startup and server processes are managed by the systemd System and Service Manager. This program provides a method for activating system resources, server daemons, and other processes, both at boot time and on a running system. Daemons are processes that wait or run in the background performing various tasks. To listen for connections, a daemon uses a socket. Sockets may be created by daemons or may be separated from the daemon and be created by another process, such as systemd, which then passes the socket to the daemon when a connection is established by a client.
A service often refers to one or more daemons, but starting or stopping a service may instead make a one-time change to the state of the system (for example, to configure network interfaces), which does not involve leaving a daemon process running afterward.
A bit of history
For many years, process ID 1 of Linux and UNIX systems has been the init process. This process was responsible for activating other services on the system. Frequently used daemons were started on systems at boot time with System V and Linux Standard Base (LSB) init scripts. Less frequently used daemons were started on demand by another service, such as inetd or xinetd. These systems have several limitations, which are addressed with systemd.
In CentOS/RHEL 7, process ID 1 is systemd, the new init system. A few of the new features provided by systemd include:
- Parallelization capabilities, which increase the boot speed of a system
- On-demand starting of daemons without requiring a separate service
- Automatic service dependency management prevents long timeouts, such as not starting a network service when the network is not available
- A method of tracking related processes together using Linux control groups
systemctl and systemd units
The systemctl command is used to manage different types of systemd objects, called units. A list of available unit types can be displayed with systemctl -t help
Some common unit types are listed as follows:
- Service units have a .service extension and represent system services. This type of unit is used to start frequently accessed daemons, such as a web server.
- Socket units have a .socket extension and represent interprocess communication (IPC) sockets. Control of the socket will be passed to a daemon or newly started service when a client connection is made. Socket units are used to delay the start of a service at boot time and to start less frequently used services on demand. These are similar in principle to services which use the xinetd superserver to start on demand
- Path units have a .path extension and are used to delay the activation of a service until a specific file system change occurs. This is commonly used for services which use spool directories, such as a printing system.
Service states
The status of a service can be viewed with systemctl status name.type. If the unit type is not provided, systemctl will show the status of a service unit, if one exists.
# systemctl status sshd.service
sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)
Active: active (running) since Thu 2014-02-27 11:51:39 EST; 7h ago
Main PID: 1073 (sshd)
CGroup: /system.slice/sshd.service
└─1073 /usr/sbin/sshd -D
Feb 27 11:51:39 server0.example.com systemd[1]: Started OpenSSH server daemon.
Feb 27 11:51:39 server0.example.com sshd[1073]: Could not load host key: /et...y
Feb 27 11:51:39 server0.example.com sshd[1073]: Server listening on 0.0.0.0 ....
Feb 27 11:51:39 server0.example.com sshd[1073]: Server listening on :: port 22.
Feb 27 11:53:21 server0.example.com sshd[1270]: error: Could not load host k...y
Feb 27 11:53:22 server0.example.com sshd[1270]: Accepted password for root f...2
Hint: Some lines were ellipsized, use -l to show in full
Several keywords indicating the state of the service can be found in the status output:
| Keyword | Description |
|---|---|
| loaded | Unit configuration file has been processed |
| active (running) | Running with one or more continuing processes. |
| active (exited) | Successfully completed a one-time configuration. |
| active (waiting) | Running but waiting for an event. |
| inactive | Not running. |
| enabled | Will be started at boot time. |
| disabled | Will not be started at boot time. |
| static | Cannot be enabled, but may be started by an enabled unit automatically. |
Listing Unit Files systemctl
1. Query the state of all units to verify a system startup
# systemctl
2. Query the state of only the service units.
# systemctl --type=service
3. Investigate any units which are in a failed or maintenance state. Optionally, add the -l option to show the full output.
# systemctl status rngd.service -l
4. The status argument may also be used to determine if a particular unit is active and show if the unit is enabled to start at boot time. Alternate commands can also easily show the active and enabled states:
# systemctl is-active sshd
# systemctl is-enabled sshd
5. List the active state of all loaded units. Optionally, limit the type of unit. The –all option will add inactive units
# systemctl list-units --type=service
# systemctl list-units --type=service --all
6. View the enabled and disabled settings for all units. Optionally, limit the type of unit.
# systemctl list-unit-files --type=service
7. View only failed services
# systemctl --failed --type=service
Starting & Stopping System Daemons on a Running System
Starting, stopping, restarting, reloading, and verifying status are common actions performed when administering services.
1. View the status of the sshd service.
# systemctl status sshd.service
sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)
Active: active (running) since Thu 2014-02-27 11:51:39 EST; 7h ago
Main PID: 1073 (sshd)
CGroup: /system.slice/sshd.service
└─1073 /usr/sbin/sshd -D
2. Verify that the process is running.
# ps -up 1073
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1073 0.1 0.0 82992 3612 ? Ss 15:15 0:00 /usr/sbin/sshd -D
3. Stop the service and verify the status.
# systemctl stop sshd.service
# systemctl status sshd.service
sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)
Active: inactive (dead) since Thu 2014-02-27 18:51:39 EST; 2s ago
Main PID: 1073 (code=exited, status=0/SUCCESS)
4. Start the service and view the status. The process ID has changed
# systemctl start sshd.service
# systemctl status sshd.service
sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)
Active: active (running) since Thu 2014-02-27 18:52:39 EST; 2s ago
Main PID: 1253 (sshd)
CGroup: /system.slice/sshd.service
└─1253 /usr/sbin/sshd -D
5. Stop, then start, the service in a single command:
# systemctl restart sshd.service
# systemctl status sshd.service
sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)
Active: active (running) since Thu 2014-02-27 18:54:39 EST; 2s ago
Main PID: 1268 (sshd)
CGroup: /system.slice/sshd.service
└─1268 /usr/sbin/sshd -D
6. Issue instructions for a service to read and reload its configuration file without a complete stop and start. The process ID will not change
# systemctl reload sshd.service
# systemctl status sshd.service
sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; ed)
Active: active (running) since Thu 2014-02-27 18:55:09 EST; 32s ago
Main PID: 1268 (sshd)
CGroup: /system.slice/sshd.service
└─1268 /usr/sbin/sshd -D
Unit dependencies
Services may be started as dependencies of other services. If a socket unit is enabled and the service unit with the same name is not, the service will automatically be started when a request is made on the network socket. Services may also be triggered by path units when a file system condition is met.
The systemctl list-dependencies UNITcommand can be used to display a tree of other units which must be started in conjunction with a specific unit. The –reverse option to this command will show what units need to have the specified unit started in order to run.
Masking services
A system may have conflicting services installed for a certain function, such as firewalls (iptables and firewalld). To prevent an administrator from accidentally starting a service, a service may be masked. Masking creates a link in the configuration directories so that if the service is started, nothing will happen.
# systemctl mask network ln -s '/dev/null' '/etc/systemd/system/network.service'
# systemctl unmask network
rm '/etc/systemd/system/network.service'
Enabling system daemons to start or stop at boot
Services are started at boot time when links are created in the appropriate systemd configuration directories. These links are created and removed with systemctl commands.
1. View the status of a service.
# systemctl status sshd.service
2. Disable the service and verify the status. Note that disabling a service does not stop the service
# systemctl disable sshd.service
# systemctl status sshd.service
3. Enable the service and verify the status.
# systemctl enable sshd.service
# systemctl is-enabled sshd.service
Summary of systemctl commands
Services can be started and stopped on a running system and enabled or disabled for automatic start at boot time.
| Command | Task |
|---|---|
| systemctl status UNIT | View detailed information about a unit state |
| systemctl stop UNIT | Stop a service on a running system. |
| systemctl start UNIT | Start a service on a running system. |
| systemctl restart UNIT | Restart a service on a running system |
| systemctl reload UNIT | Reload configuration file of a running service |
| systemctl mask UNIT | Completely disable a service from being started, both manually and at boot. |
| systemctl unmask UNIT | Make a masked service available. |
| systemctl enable UNIT | Configure a service to start at boot time. |
| systemctl disable UNIT | Disable a service from starting at boot time. |
| systemctl list-dependencies UNIT | List units which are required and wanted by the specified unit. |