Managing Systemd units in Linux
Inception: Learn about systemd units and systemctl command usage in Linux system.
Systemd is a new kind of Linux init system, and service manager that provides features like on-demand starting of daemons, monitoring maintenance, snapshots supports, using Linux CGroup for process tracking, etc..
Its a replacement of SysVInit and upstart. It was created at Redhat by Lennart Poettering (Chief Architect).
It’s also very controversial..
Why systemd ?
Systemd has many great feature as following:
- Faster boot-up times, since daemons start in parallel.
- Easier for package developers, because its no longer necessary to figure out the order in which the daemons should start.
- No more numbered “S” and “K” links.
- Instead of controlling the daemons with complex init scripts, you now have simpler to read, simpler to configure for each daemon configuration.
- You can now configure your daemons to automatically restart upon a daemon crash.
- Daemon can start and stop dynamically as needed.
- It provides a better security.
- The
auditddaemon cannot be stopped or restarted by any user, including the root user. - So, if a hacker were to break into your system, he would not be able to cover his tracks by shutting down the auditing system, even if he were to gain root privileges.
- Every process now runs in its own cgroup by default. cgroup is simply like a jail for each process. It makes simple to control resources like CPU, memory, io, better process separation, etc.
- Simpler to control resource usage for each process.
- This also provides better process separation.
- The
- More consistent administration
- With SysVInit, every distro family had its own set of commands and management utilities.
- Debian family commands for enabling and disabling daemons were different from Redhat family commands and different from Slackware family commands.
- With systemd, daemon management commands are now consistent across all Linux distros that have adopted systemd. Some daemon names might differ, but the commands themselves are the same.
There are still several distro (mostly for desktop users) families that don’t use systemd like Slackware, Gentoo, Antix etc.
If you’re a server administrator, you might not have a choice, because all big players in the Enterprise Linux server market have switched to systemd, like Redhat, SUSE, and Ubuntu family destro.
The bottom line
- If you’re a desktop user, it really doesn’t matter which init system you use. If using systemd goes against your conscience, then use a non-systemd distro.
- If you want to become a server administrator, you’ll definitely want to learn systemd. You won’t be able to escape it in an Enterprise setting, and besides you just may learn to like it.
Overview of the Linux Boot Process and systemd
Let’s see the high-level overview of the Linux boot process.
Linux requires an init system during its booting process. After booting up, Linux kernel loads systemd and passes control over to systemd. Now the startup process begins, in which kernel initializes the first user-space process, the systemd init process with process ID 1, and then goes idle until called again.
Following are overview of Linux booting and startup process:
- Powers up the system.
- The BIOS does initial hardware initializations and handover control to the boot loader.
- The boot loader calls the kernal.
- The kernel loads an initial RAM disk that loads the system drives and then looks for the root file system.
- After kernel set up over, it starts the systemd initialization system.
- Now, systemd takes over the system and continues to mount the host file systems and starts services.
What are systemd units?
The systemd units are introduced by systemd, and it has several types, such as service unit, mount unit, socket unit, and slice unit.
Every unit is defined in their configuration files, which includes information about the unit, type of unit, and its behavior.
Most of the distributions store systemd unit files in following location:
- Default directory: The
/usr/lib/systemd/user/is the default location, where unit files are installed by packages. It suppose to not change the directory. - Runtime location: The
/run/systemd/system/directory is the runtime location for unit files. - High Precedence unit file location: The
/etc/systemd/system/directory stores unit files that extend a service and takes precedence over unit files located elsewhere in the system.
Further in this article, we will see how to run and manage services through systemd. Basically, start, stop, and restart the services that are running in the background in the system that is also called units.
Let’s take an example of the apache2 package to understand the start, stop, and restart the service in the background.
Follow the series of commands to understand the process:
Install apache2 service
The following are steps to install the apache2 server.
vagrant@debian10:~$ sudo apt install apache2
Reading package lists... Done
Building dependency tree
Reading state information... Done
Suggested packages:
apache2-doc apache2-suexec-pristine | apache2-suexec-custom www-browser
The following NEW packages will be installed:
apache2
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 251 kB of archives.
After this operation, 613 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian buster/main amd64 apache2 amd64 2.4.38-3+deb10u3 [251 kB]
Fetched 251 kB in 0s (520 kB/s)
Selecting previously unselected package apache2.
(Reading database ... 63064 files and directories currently installed.)
Preparing to unpack .../apache2_2.4.38-3+deb10u3_amd64.deb ...
Unpacking apache2 (2.4.38-3+deb10u3) ...
Setting up apache2 (2.4.38-3+deb10u3) ...
Enabling module mpm_event.
Enabling module authz_core.
Enabling module authz_host.
Enabling module authn_core.
Enabling module auth_basic.
Enabling module access_compat.
Enabling module authn_file.
Enabling module authz_user.
Enabling module alias.
Enabling module dir.
Enabling module autoindex.
Enabling module env.
Enabling module mime.
Enabling module negotiation.
Enabling module setenvif.
Enabling module filter.
Enabling module deflate.
Enabling module status.
Enabling module reqtimeout.
Enabling conf charset.
Enabling conf localized-error-pages.
Enabling conf other-vhosts-access-log.
Enabling conf security.
Enabling conf serve-cgi-bin.
Enabling site 000-default.
Created symlink /etc/systemd/system/multi-user.target.wants/apache2.service → /lib/systemd/system/apache2.service.
Created symlink /etc/systemd/system/multi-user.target.wants/apache-htcacheclean.service → /lib/systemd/system/apache-htcacheclean.service.
Processing triggers for man-db (2.8.5-2) ...
Processing triggers for systemd (241-7~deb10u4) ...
vagrant@debian10:~$
Check status of apache2 service
The Apache2 service is running in backgroup. Lets use systemctl command provided by Systemd, we will be using this command to play with services.
We will use status flag of systemctl utility to check the status of apache2 service.
vagrant@debian10:~$ sudo systemctl status apache2
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2020-08-01 20:51:27 UTC; 2min 0s ago
Docs: https://httpd.apache.org/docs/2.4/
Main PID: 10479 (apache2)
Tasks: 55 (limit: 2359)
Memory: 9.0M
CGroup: /system.slice/apache2.service
├─10479 /usr/sbin/apache2 -k start
├─10481 /usr/sbin/apache2 -k start
└─10482 /usr/sbin/apache2 -k start
Aug 01 20:51:27 debian10.localdomain systemd[1]: Starting The Apache HTTP Server...
Aug 01 20:51:27 debian10.localdomain apachectl[10468]: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using debian10.localdom
Aug 01 20:51:27 debian10.localdomain systemd[1]: Started The Apache HTTP Server.
- In above command output, we can see that service unit
/lib/systemd/system/apache2.service; enabled;is enabled. That means, when you will start this computer then apache2 service is going to start automatically. - The
vendor preset: enabledmeans, whenever you will install this package first time, this is going to enable the service automatically. - The
Active: active (running)means apache server is running successfully. - Last 3 lines are the logs of the service.
Disable auto start-up of apache2 service
You can use systemctl disable to disable auto-startup of apache2 service.
vagrant@debian10:~$ sudo systemctl enable apache2
Synchronizing state of apache2.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable apache2
Created symlink /etc/systemd/system/multi-user.target.wants/apache2.service → /lib/systemd/system/apache2.service.
vagrant@debian10:~$ sudo systemctl status apache2
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2020-08-01 20:51:27 UTC; 5min ago
Docs: https://httpd.apache.org/docs/2.4/
Main PID: 10479 (apache2)
Tasks: 55 (limit: 2359)
Memory: 9.0M
CGroup: /system.slice/apache2.service
├─10479 /usr/sbin/apache2 -k start
├─10481 /usr/sbin/apache2 -k start
└─10482 /usr/sbin/apache2 -k start
Aug 01 20:51:27 debian10.localdomain systemd[1]: Starting The Apache HTTP Server...
Aug 01 20:51:27 debian10.localdomain apachectl[10468]: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using debian10.localdom
Aug 01 20:51:27 debian10.localdomain systemd[1]: Started The Apache HTTP Server.
Stop apache2 service
Use systemctl stop command to stop the apache2 service. You must use sudo to stop the service.
vagrant@debian10:~$ sudo systemctl stop apache2
vagrant@debian10:~$ sudo systemctl status apache2
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
Active: inactive (dead) since Sat 2020-08-01 20:57:19 UTC; 2s ago
Docs: https://httpd.apache.org/docs/2.4/
Process: 10844 ExecStop=/usr/sbin/apachectl stop (code=exited, status=0/SUCCESS)
Main PID: 10479 (code=exited, status=0/SUCCESS)
Aug 01 20:51:27 debian10.localdomain systemd[1]: Starting The Apache HTTP Server...
Aug 01 20:51:27 debian10.localdomain apachectl[10468]: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using debian10.localdom
Aug 01 20:51:27 debian10.localdomain systemd[1]: Started The Apache HTTP Server.
Aug 01 20:57:19 debian10.localdomain systemd[1]: Stopping The Apache HTTP Server...
Aug 01 20:57:19 debian10.localdomain apachectl[10844]: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using debian10.localdom
Aug 01 20:57:19 debian10.localdomain systemd[1]: apache2.service: Succeeded.
Aug 01 20:57:19 debian10.localdomain systemd[1]: Stopped The Apache HTTP Server.
Restart apache2 service
Use systemctl restart command to stop the apache2 service. You must use sudo to restart the service.
vagrant@debian10:~$ sudo systemctl restart apache2
vagrant@debian10:~$ sudo systemctl status apache2
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2020-08-01 20:58:57 UTC; 2s ago
Docs: https://httpd.apache.org/docs/2.4/
Process: 10856 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS)
Main PID: 10860 (apache2)
Tasks: 55 (limit: 2359)
Memory: 15.0M
CGroup: /system.slice/apache2.service
├─10860 /usr/sbin/apache2 -k start
├─10861 /usr/sbin/apache2 -k start
└─10862 /usr/sbin/apache2 -k start
Aug 01 20:58:56 debian10.localdomain systemd[1]: Starting The Apache HTTP Server...
Aug 01 20:58:57 debian10.localdomain apachectl[10856]: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using debian10.localdom
Aug 01 20:58:57 debian10.localdomain systemd[1]: Started The Apache HTTP Server.
Start apache2 service
Use systemctl start command to stop the apache2 service. You must use sudo to start the service.
vagrant@debian10:~$ sudo systemctl start apache2
vagrant@debian10:~$ sudo systemctl status apache2
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2020-08-01 20:58:57 UTC; 42s ago
Docs: https://httpd.apache.org/docs/2.4/
Process: 10856 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS)
Main PID: 10860 (apache2)
Tasks: 55 (limit: 2359)
Memory: 15.0M
CGroup: /system.slice/apache2.service
├─10860 /usr/sbin/apache2 -k start
├─10861 /usr/sbin/apache2 -k start
└─10862 /usr/sbin/apache2 -k start
Aug 01 20:58:56 debian10.localdomain systemd[1]: Starting The Apache HTTP Server...
Aug 01 20:58:57 debian10.localdomain apachectl[10856]: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using debian10.localdom
Aug 01 20:58:57 debian10.localdomain systemd[1]: Started The Apache HTTP Server.
Conclusion: Now you have basic understanding of systemd and its units, you also leaned few common commands of systemctl by installing apache2 service.