systemd stuffs

[In draft stage]

This blog is a notes on systemd which I have noted down while reading a online documnet https://n0where.net/understanding-systemd/ and through man pages.Will keep updating it.

Features:
socket-based activation
bus-based activation
path-based activation
device-based activation
implicit dependency mapping
instances and templates
easy security hardening
drop-ins and snippets – Override the Vanila units.

service file location:

/lib/systemd/system/ – The systemd unit files are stored.

/etc/systemd/system/ – overrides above services if the same service name.

/run/systemd/system/ – runtime units.

Unit file types:

.service – for daemons and applications.

.socket – for socket activation.

.device

.mount

.automount

.swap

.target – system states.

.path – path based activation ‘inotify’.

.timer – manage jobs with time. cron type.

.snapshot – system current state snapshot.

.slice – Resource isolation with cgroups for users.

.scope

[Unit] Section:

Description=:

Documentation=:

Requires=: This directive lists any units upon which this unit essentially depends. If the current unit is activated, the units listed here must successfully activate as well, else this unit will fail. These units are started in parallel with the current unit by default.

Wants=: This directive is similar to Requires=, but less strict. Systemd will attempt to start any units listed here when this unit is activated. If these units are not found or fail to start, the current unit will continue to function.

BindsTo=: This directive is similar to Requires=, but also causes the current unit to stop when the associated unit terminates.

Before=: The units listed in this directive will not be started until the current unit is marked as started if they are activated at the same time.

After=: The units listed in this directive will be started before starting the current unit. This does not imply a dependency relationship and one must be established through the above directives if this is required.

Conflicts=: This can be used to list units that cannot be run at the same time as the current unit.

Condition=:

Assert=:

[Install] Section:

Only units that can be enabled will have this section.

WantedBy=:

RequiredBya=:

Alias=:

Also=:

DefaultInstance=:

[Service] Section:

The [Service] section is used to provide configuration that is only applicable for services.

Type: directive:

simple: exestart is the main process.

forking: exestart is the parent process which might exit by launching child process.

oneshot: wait till comeples this process, its very short term ;).

dbus: wait untill the bus name is created.

notify: notifies systemd after started successfully.

idle: This indicates that the service will not be run until all jobs are dispatched.

Additional Directives in Service:

RemainAfterExit=:

PIDFile=:

BusName=:

NotifyAccess=:

Directives for Managing services:

ExecStart=: full path to the binary which needs to be executed.

ExecStartPre=: path to the app, to run before the main process.

ExecStartPost=: path to the app, to run after the main process created.

ExecReload=: path to the app, to reload the service.

ExecStop=: path to the app, to stop the process.

ExecStopPost=: execute after stop.

RestartSec=: time to wait before restarting the process.

Restart=: restart the process on event.

TimeoutSec=: time of waiting to declare the process is failed to start/stop.

[Socket] Section:

ListenStream=: stream socket address.

ListenDatagram=: datagram socket address.

ListenSequentialPacket=: sequential, reliable communication with max length datagrams that preserves message boundaries

ListenFIFO:

Additional Directives:

Accept=: to control creating instances for each connections.

SocketUser=: root user if  left unset.

SocketGroup=: group owner of the socket,  root if unset.

SocketMode=: permissions

[Mount] Section:

What=: Takes an absolute path of a device node

Where=: The absolute path of the mount point where the resource should be mounted.

Type=: Filesystem type.

Options=: Any mount options that need to be applied. This is a comma-separated list.

SloppyOptions=:

DirectoryMode=:

TimeoutSec=: Configures the amount of time the system will wait until the mount operation is marked as failed.

[Automount] Section:

Where=:

DirectoryMode=:

[Swap] Section:

What=: Absolute path to the location of swap space.

Priority=:

Options=: options sets in /etc/fstab

TimeoutSec=:

[Path] Section:

PathExists=:

PathExistsGlob=:

PathChanged=:

PathModified=:

DirectoryNotEmpty=:

Unit=:

MakeDirectory=:

DirectoryMode=:

[Timer] Section:

onActiveSec=:

OnBootSec=:

OnStartupSec=:

OnUnitActiveSec=:

OnUnitInactiveSec=:

OnCalendar=:

AccuracySec=:

Unit=: This directive is used to specify the unit that should be activated when the timer elapses. If unset, systemd will look for a .service unit with a name that matches this unit.

Persistent=:

[Slice] Section:

Template units:

Template Specifiers:

%n: Full resulting unit name.

%N:

%p: Unit name prefix.

%P:

%i: This references the instance name, which is the identifier following the @ in the instance unit.

%I:

%f:

%c: Control group of the unit.

%u: Name of the user configured to run the unit.

%U: Name of the user, but as UID – numeric.

%H: Hostname of the running system.

%%: To insert the literal percentage.

Systemd commands:

* systemctl start <servicename>

* systemctl stop <servicename>

* systemctl restart <servicename>

* systemctl reload <servicename>

* systemctl enable <servicename>

* systemctl disable <servicename>

* systemctl list-units

* systemctl list-units –all

* systemctl list-unit-files

* journalctl

* journalctl -b #Current boot log.

* journalctl -k #Kernel messages.

* systemctl status <servicename>

* journalctl -u <servicename>

* systemctl cat <servicename>

* systemctl list-unit-files –type=target

* systemctl get-default

* systemctl set-default multi-user.target

* systemctl list-dependencies multi-user.target

* systemctl isolate multi-user.target

* systemctl show sshd.service -p Conflicts

Stopping or Rebooting the Server:

* systemctl poweroff #poweroff the Server

* systemctl reboot #reboot the system.

* systemctl rescue #boot to rescue mode.

Starting and Stopping Services:

* systemctl start application.service

* systemctl start applications

* systemctl stop application.service

Restarting and Reloading:

* systemctl restart application.service

* systemctl reload application.service

* systemctl reload-or-restart application.service

Enabling and Disabling services:

* systemctl enable application.service

* systemctl disable application.service

Checking the Status of services:

* systemctl status application.service

* systemctl is-active application.service

* systemctl is-enabled application.service

* systemctl is-failed application.service

* systemctl list-units –all –state=inactive

Masking and Unmasking units:

* systemctl mask application.service

* systemctl unmask application.service

Logs:

* journalctl –list-boots

* journalctl –since yesterday

* journalctl _PID=<PID_NUMBER>

* man systemd.journal-fields

* journalctl -F _PID

* journalctl /usr/bin/bash

[Priority]

* journalctl -p err -b

0: emerg
1: alert
2: crit
3: err
4: warning
5: notice
6: info
7: debug

* journalclt –no-pager #output to stdout

* journalctl -b -u shhd -o json

* journalctl -n #display last 10 lines.

* journalctl -n 20 #display last 20 lines.

* journalctl -f #following logs.

* journalctl –disk-usage

* journalctl –vacuum-size=1G

* journalctl –vacuum-time=1years

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s