[In draft stage]
This blog is a notes on systemd which I have noted down while reading a online documnet https://n0where.net/understanding-systemd/ and through man pages.Will keep updating it.
implicit dependency mapping
instances and templates
easy security hardening
drop-ins and snippets – Override the Vanila units.
service file location:
/lib/systemd/system/ – The systemd unit files are stored.
/etc/systemd/system/ – overrides above services if the same service name.
/run/systemd/system/ – runtime units.
Unit file types:
.service – for daemons and applications.
.socket – for socket activation.
.target – system states.
.path – path based activation ‘inotify’.
.timer – manage jobs with time. cron type.
.snapshot – system current state snapshot.
.slice – Resource isolation with cgroups for users.
Requires=: This directive lists any units upon which this unit essentially depends. If the current unit is activated, the units listed here must successfully activate as well, else this unit will fail. These units are started in parallel with the current unit by default.
Wants=: This directive is similar to Requires=, but less strict. Systemd will attempt to start any units listed here when this unit is activated. If these units are not found or fail to start, the current unit will continue to function.
BindsTo=: This directive is similar to Requires=, but also causes the current unit to stop when the associated unit terminates.
Before=: The units listed in this directive will not be started until the current unit is marked as started if they are activated at the same time.
After=: The units listed in this directive will be started before starting the current unit. This does not imply a dependency relationship and one must be established through the above directives if this is required.
Conflicts=: This can be used to list units that cannot be run at the same time as the current unit.
Only units that can be enabled will have this section.
The [Service] section is used to provide configuration that is only applicable for services.
simple: exestart is the main process.
forking: exestart is the parent process which might exit by launching child process.
oneshot: wait till comeples this process, its very short term ;).
dbus: wait untill the bus name is created.
notify: notifies systemd after started successfully.
idle: This indicates that the service will not be run until all jobs are dispatched.
Additional Directives in Service:
Directives for Managing services:
ExecStart=: full path to the binary which needs to be executed.
ExecStartPre=: path to the app, to run before the main process.
ExecStartPost=: path to the app, to run after the main process created.
ExecReload=: path to the app, to reload the service.
ExecStop=: path to the app, to stop the process.
ExecStopPost=: execute after stop.
RestartSec=: time to wait before restarting the process.
Restart=: restart the process on event.
TimeoutSec=: time of waiting to declare the process is failed to start/stop.
ListenStream=: stream socket address.
ListenDatagram=: datagram socket address.
ListenSequentialPacket=: sequential, reliable communication with max length datagrams that preserves message boundaries
Accept=: to control creating instances for each connections.
SocketUser=: root user if left unset.
SocketGroup=: group owner of the socket, root if unset.
What=: Takes an absolute path of a device node
Where=: The absolute path of the mount point where the resource should be mounted.
Type=: Filesystem type.
Options=: Any mount options that need to be applied. This is a comma-separated list.
TimeoutSec=: Configures the amount of time the system will wait until the mount operation is marked as failed.
What=: Absolute path to the location of swap space.
Options=: options sets in /etc/fstab
Unit=: This directive is used to specify the unit that should be activated when the timer elapses. If unset, systemd will look for a .service unit with a name that matches this unit.
%n: Full resulting unit name.
%p: Unit name prefix.
%i: This references the instance name, which is the identifier following the @ in the instance unit.
%c: Control group of the unit.
%u: Name of the user configured to run the unit.
%U: Name of the user, but as UID – numeric.
%H: Hostname of the running system.
%%: To insert the literal percentage.
* systemctl start <servicename>
* systemctl stop <servicename>
* systemctl restart <servicename>
* systemctl reload <servicename>
* systemctl enable <servicename>
* systemctl disable <servicename>
* systemctl list-units
* systemctl list-units –all
* systemctl list-unit-files
* journalctl -b #Current boot log.
* journalctl -k #Kernel messages.
* systemctl status <servicename>
* journalctl -u <servicename>
* systemctl cat <servicename>
* systemctl list-unit-files –type=target
* systemctl get-default
* systemctl set-default multi-user.target
* systemctl list-dependencies multi-user.target
* systemctl isolate multi-user.target
* systemctl show sshd.service -p Conflicts
Stopping or Rebooting the Server:
* systemctl poweroff #poweroff the Server
* systemctl reboot #reboot the system.
* systemctl rescue #boot to rescue mode.
Starting and Stopping Services:
* systemctl start application.service
* systemctl start applications
* systemctl stop application.service
Restarting and Reloading:
* systemctl restart application.service
* systemctl reload application.service
* systemctl reload-or-restart application.service
Enabling and Disabling services:
* systemctl enable application.service
* systemctl disable application.service
Checking the Status of services:
* systemctl status application.service
* systemctl is-active application.service
* systemctl is-enabled application.service
* systemctl is-failed application.service
* systemctl list-units –all –state=inactive
Masking and Unmasking units:
* systemctl mask application.service
* systemctl unmask application.service
* journalctl –list-boots
* journalctl –since yesterday
* journalctl _PID=<PID_NUMBER>
* man systemd.journal-fields
* journalctl -F _PID
* journalctl /usr/bin/bash
* journalctl -p err -b
* journalclt –no-pager #output to stdout
* journalctl -b -u shhd -o json
* journalctl -n #display last 10 lines.
* journalctl -n 20 #display last 20 lines.
* journalctl -f #following logs.
* journalctl –disk-usage
* journalctl –vacuum-size=1G
* journalctl –vacuum-time=1years