Difference between revisions of "Systemd"
(→Migration from SysVinit/initscripts: marked section for deletion. refer to Talk:Systemd#systemd_no_longer_supports_initscripts)
|Line 112:||Line 112:|
=== Power management ===
=== Power management ===
[[polkit]] is necessary for power management. If you are in a local ''systemd-logind'' user session and no other session is active, the following commands will work without root privileges. If not (for example, because another user is logged into a tty), ''systemd'' will automatically ask you for the root password.
[[polkit]] is necessary for power management . If you are in a local ''systemd-logind'' user session and no other session is active, the following commands will work without root privileges. If not (for example, because another user is logged into a tty), ''systemd'' will automatically ask you for the root password.
Shut down and reboot the system:
Shut down and reboot the system:
Revision as of 16:38, 7 December 2013
From the project web page:
- systemd is a system and service manager for Linux, compatible with SysV and LSB init scripts. systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, supports snapshotting and restoring of the system state, maintains mount and automount points and implements an elaborate transactional dependency-based service control logic.
- 1 Basic systemctl usage
- 2 Native configuration
- 3 Writing custom .service files
- 4 Targets
- 5 Temporary files
- 6 Timers
- 7 Journal
- 8 Migration from SysVinit/initscripts
- 9 Troubleshooting
- 10 See also
Basic systemctl usage
The main command used to introspect and control systemd is systemctl. Some of its uses are examining the system state and managing the system and services. See
man 1 systemctl for more details.
-H user@hostswitch to control a systemd instance on a remote machine. This will use SSH to connect to the remote systemd instance.
Analyzing the system state
List running units:
$ systemctl list-units
List failed units:
$ systemctl --failed
The available unit files can be seen in
/etc/systemd/system/ (the latter takes precedence). You can see a list of the installed unit files with:
$ systemctl list-unit-files
Units can be, for example, services (.service), mount points (.mount), devices (.device) or sockets (.socket).
When using systemctl, you generally have to specify the complete name of the unit file, including its suffix, for example sshd.socket. There are however a few short forms when specifying the unit in the following systemctl commands:
- If you do not specify the suffix, systemctl will assume .service. For example,
- Mount points will automatically be translated into the appropriate .mount unit. For example, specifying
/homeis equivalent to
- Similar to mount points, devices are automatically translated into the appropriate .device unit, therefore specifying
/dev/sda2is equivalent to
man systemd.unit for details.
Activate a unit immediately:
# systemctl start unit
Deactivate a unit immediately:
# systemctl stop unit
Restart a unit:
# systemctl restart unit
Ask a unit to reload its configuration:
# systemctl reload unit
Show the status of a unit, including whether it is running or not:
$ systemctl status unit
Check whether a unit is already enabled or not:
$ systemctl is-enabled unit
Enable a unit to be started on bootup:
# systemctl enable unit
[Install]section are usually called automatically by other services. If you need to install them manually, use the following command, replacing foo with the name of the service.
# ln -s /usr/lib/systemd/system/foo.service /etc/systemd/system/graphical.target.wants/
Disable a unit to not start during bootup:
# systemctl disable unit
Show the manual page associated with a unit (this has to be supported by the unit file):
$ systemctl help unit
Reload systemd, scanning for new or changed units:
# systemctl daemon-reload
polkit is necessary for power management as an unprivileged user. If you are in a local systemd-logind user session and no other session is active, the following commands will work without root privileges. If not (for example, because another user is logged into a tty), systemd will automatically ask you for the root password.
Shut down and reboot the system:
$ systemctl reboot
Shut down and power-off the system:
$ systemctl poweroff
Suspend the system:
$ systemctl suspend
Put the system into hibernation:
$ systemctl hibernate
Put the system into hybrid-sleep state (or suspend-to-both):
$ systemctl hybrid-sleep
The virtual console (keyboard mapping, console font and console map) is configured in
/etc/vconsole.conf or by using the localectl tool.
The default setup will automatically fsck and mount filesystems before starting services that need them to be mounted. For example, systemd automatically makes sure that remote filesystem mounts like NFS or Samba are only started after the network has been set up. Therefore, local and remote filesystem mounts specified in
/etc/fstab should work out of the box.
man 5 systemd.mount for details.
If you have a large
/home partition, it might be better to allow services that do not depend on
/home to start while
/home is checked by fsck. This can be achieved by adding the following options to the
/etc/fstab entry of your
This will fsck and mount
/home when it is first accessed, and the kernel will buffer all file access to
/home until it is ready.
autofs, which is ignored by mlocate by default. The speedup of automounting
/homemay not be more than a second or two, depending on your system, so this trick may not be worth it.
The same applies to remote filesystem mounts. If you want them to be mounted only upon access, you will need to use the
noauto,x-systemd.automount parameters. In addition, you can use the
x-systemd.device-timeout=# option to specify a timeout in case the network resource is not available.
If you have encrypted filesystems with keyfiles, you can also add the
noauto parameter to the corresponding entries in
/etc/crypttab. systemd will then not open the encrypted device on boot, but instead wait until it is actually accessed and then automatically open it with the specified keyfile before mounting it. This might save a few seconds on boot if you are using an encrypted RAID device for example, because systemd does not have to wait for the device to become available. For example:
data /dev/md0 /root/key noauto
Writing custom .service files
The syntax of systemd's unit files is inspired by XDG Desktop Entry Specification .desktop files, which are in turn inspired by Microsoft Windows .ini files.
See systemd/Services for more examples.
With systemd, dependencies can be resolved by designing the unit files correctly. The most typical case is that the unit A requires the unit B to be running before A is started. In that case add
After=B to the
[Unit] section of A. If the dependency is optional, add
After=B instead. Note that
Requires= do not imply
After=, meaning that if
After= is not specified, the two units will be started in parallel.
Dependencies are typically placed on services and not on targets. For example, network.target is pulled in by whatever service configures your network interfaces, therefore ordering your custom unit after it is sufficient since network.target is started anyway.
There are several different start-up types to consider when writing a custom service file. This is set with the
Type= parameter in the
[Service] section. See
man systemd.service for a more detailed explanation.
Type=simple(default): systemd considers the service to be started up immediately. The process must not fork. Do not use this type if other services need to be ordered on this service, unless it is socket activated.
Type=forking: systemd considers the service started up once the process forks and the parent has exited. For classic daemons use this type unless you know that it is not necessary. You should specify
PIDFile=as well so systemd can keep track of the main process.
Type=oneshot: this is useful for scripts that do a single job and then exit. You may want to set
RemainAfterExit=yesas well so that systemd still considers the service as active after the process has exited.
Type=notify: identical to
Type=simple, but with the stipulation that the daemon will send a signal to systemd when it is ready. The reference implementation for this notification is provided by libsystemd-daemon.so.
Type=dbus: the service is considered ready when the specified
BusNameappears on DBus's system bus.
Editing provided unit files
To edit a unit file provided by a package, you can create a directory called
/etc/systemd/system/unit.d/ for example
/etc/systemd/system/httpd.service.d/ and place *.conf files in there to override or add new options. systemd will parse these *.conf files and apply them on top of the original unit. For example, if you simply want to add an additional dependency to a unit, you may create the following file:
[Unit] Requires=new dependency After=new dependency
As another example, in order to replace the
ExecStart directive for a unit that is not of type
oneshot, create the following file:
[Service] ExecStart= ExecStart=new command
One more example to automatically restart a service:
[Service] Restart=always RestartSec=30
Then run the following for your changes to take effect:
# systemctl daemon-reload # systemctl restart unit
Alternatively you can copy the old unit file from
/etc/systemd/system/ and make your changes there. A unit file in
/etc/systemd/system/ always overrides the same unit in
/usr/lib/systemd/system/. Note that when the original unit in
/usr/lib/ is changed due to a package upgrade, these changes will not automatically apply to your custom unit file in
/etc/. Additionally you will have to manually reenable the unit with
systemctl reenable unit. It is therefore recommended to use the *.conf method described before instead.
As the provided unit files will be updated from time to time, use systemd-delta for system maintenance.
Syntax highlighting for units within Vim
systemd uses targets which serve a similar purpose as runlevels but act a little different. Each target is named instead of numbered and is intended to serve a specific purpose with the possibility of having multiple ones active at the same time. Some targets are implemented by inheriting all of the services of another target and adding additional services to it. There are systemd targets that mimic the common SystemVinit runlevels so you can still switch targets using the familiar
telinit RUNLEVEL command.
Get current targets
The following should be used under systemd instead of running
$ systemctl list-units --type=target
Create custom target
The runlevels that are assigned a specific purpose on vanilla Fedora installs; 0, 1, 3, 5, and 6; have a 1:1 mapping with a specific systemd target. Unfortunately, there is no good way to do the same for the user-defined runlevels like 2 and 4. If you make use of those it is suggested that you make a new named systemd target as
/etc/systemd/system/your target that takes one of the existing runlevels as a base (you can look at
/usr/lib/systemd/system/graphical.target as an example), make a directory
/etc/systemd/system/your target.wants, and then symlink the additional services from
/usr/lib/systemd/system/ that you wish to enable.
|SysV Runlevel||systemd Target||Notes|
|0||runlevel0.target, poweroff.target||Halt the system.|
|1, s, single||runlevel1.target, rescue.target||Single user mode.|
|2, 4||runlevel2.target, runlevel4.target, multi-user.target||User-defined/Site-specific runlevels. By default, identical to 3.|
|3||runlevel3.target, multi-user.target||Multi-user, non-graphical. Users can usually login via multiple consoles or via the network.|
|5||runlevel5.target, graphical.target||Multi-user, graphical. Usually has all the services of runlevel 3 plus a graphical login.|
Change current target
In systemd targets are exposed via target units. You can change them like this:
# systemctl isolate graphical.target
This will only change the current target, and has no effect on the next boot. This is equivalent to commands such as
telinit 3 or
telinit 5 in Sysvinit.
Change default target to boot into
The standard target is default.target, which is aliased by default to graphical.target (which roughly corresponds to the old runlevel 5). To change the default target at boot-time, append one of the following kernel parameters to your bootloader:
systemd.unit=multi-user.target(which roughly corresponds to the old runlevel 3),
systemd.unit=rescue.target(which roughly corresponds to the old runlevel 1).
Alternatively, you may leave the bootloader alone and change default.target. This can be done using systemctl:
# systemctl enable multi-user.target
The effect of this command is output by systemctl; a symlink to the new default target is made at
/etc/systemd/system/default.target. This works if, and only if:
is in the target's configuration file. Currently, multi-user.target and graphical.target both have it.
"systemd-tmpfiles creates, deletes and cleans up volatile and temporary files and directories." It reads configuration files in
/usr/lib/tmpfiles.d/ to discover which actions to perform. Configuration files in the former directory take precedence over those in the latter directory.
Configuration files are usually provided together with service files, and they are named in the style of
/usr/lib/tmpfiles.d/program.conf. For example, the Samba daemon expects the directory
/run/samba to exist and to have the correct permissions. Therefore, the package ships with this configuration:
D /run/samba 0755 root root
Configuration files may also be used to write values into certain files on boot. For example, if you used
/etc/rc.local to disable wakeup from USB devices with
echo USBE > /proc/acpi/wakeup, you may use the following tmpfile instead:
w /proc/acpi/wakeup - - - - USBE
tmpfiles.d(5) man pages for details.
/syssince the systemd-tmpfiles-setup service may run before the appropriate device modules is loaded. In this case you could check whether the module has a parameter for the option you want to set with
modinfo moduleand set this option with a config file in /etc/modprobe.d. Otherwise you will have to write a udev rule to set the appropriate attribute as soon as the device appears.
Systemd can replace cron functionality to a great extent. For further information, please refer to systemd/cron functionality.
systemd has its own logging system called the journal; therefore, running a syslog daemon is no longer required. To read the log, use:
As in Arch Linux the directory
/var/log/journal/ is part of the systemd package, the journal (when
Storage= is set to
/etc/systemd/journald.conf) will write to
/var/log/journal/. If you or some program delete that directory, systemd will not recreate it automatically; however, it will be recreated during the next update of the systemd package. Until then, logs will be written to
/run/systemd/journal, and logs will be lost on reboot.
/var/log/journal/resides in a btrfs filesystem you should consider disabling Copy-on-Write for the directory:
# chattr +C /var/log/journal
journalctl allows you to filter the output by specific fields. Be aware that if there are many messages to display or filtering of large time span has to be done, the output of this command can be delayed for quite some time.
Show all messages from this boot:
# journalctl -b
However, often one is interested in messages not from the current, but from the previous boot (e.g. if an unrecoverable system crash happened). This is possible through optional offset parameter of the
journalctl -b -0 shows messages from the current boot,
journalctl -b -1 from the previous boot,
journalctl -b -2 from the second previous and so on. See
man 1 journalctl for full description, the semantics is much more powerful.
Follow new messages:
# journalctl -f
Show all messages by a specific executable:
# journalctl /usr/lib/systemd/systemd
Show all messages by a specific process:
# journalctl _PID=1
Show all messages by a specific unit:
# journalctl -u netcfg
Show kernel ring buffer:
# journalctl _TRANSPORT=kernel
man 1 journalctl,
man 7 systemd.journal-fields, or Lennert's blog post for details.
Journal size limit
If the journal is persistent (non-volatile), its size limit is set to a default value of 10% of the size of the respective file system. For example, with
/var/log/journal located on a 50 GiB root partition this would lead to 5 GiB of journal data. The maximum size of the persistent journal can be controlled by
/etc/systemd/journald.conf, so to limit it for example to 50 MiB uncomment and edit the corresponding line to:
man journald.conf for more info.
Journald in conjunction with syslog
Compatibility with classic syslog implementations is provided via a socket
/run/systemd/journal/syslog, to which all messages are forwarded. To make the syslog daemon work with the journal, it has to bind to this socket instead of
/dev/log (official announcement). The package in the repositories automatically provides the necessary configuration.
# systemctl enable syslog-ng
A good journalctl tutorial is here.
Forward journald to /dev/tty12
/etc/systemd/journald.conf enable the following:
ForwardToConsole=yes TTYPath=/dev/tty12 MaxLevelConsole=info
Restart journald with
sudo systemctl restart systemd-journald.
Migration from SysVinit/initscripts
- 2012-10-13. This section is aimed at Arch Linux installations that still rely on sysvinit and initscripts. and are both installed by default on installation media newer than
- If you are running Arch Linux inside a VPS, please see Virtual Private Server#Moving your VPS from initscripts to systemd.
Considerations before switching
- Do some reading about systemd.
- Note the fact that systemd has a journal system that replaces syslog, although the two can co-exist. See #Journal.
- While systemd can replace some of the functionality of cron, acpid, or xinetd, there is no need to switch away from using the traditional daemons unless you want to.
- Interactive initscripts are not working with systemd. In particular, netcfg-menu cannot be used at system start-up (FS#31377).
- Install from the official repositories.
- Append the following to your kernel parameters:
- Once completed you may enable any desired services via the use of
systemctl enable service_name(this roughly equates to what you included in the
DAEMONSarray. New names can be found in Daemons List).
- Reboot your system and verify that systemd is currently active by issuing the following command:
cat /proc/1/comm. This should return the string
- Make sure your hostname is set correctly under systemd:
hostnamectl set-hostname myhostnameor
- Proceed to remove initscripts and sysvinit from your system and install .
- Optionally, remove the
init=/usr/lib/systemd/systemdparameter. It is no longer needed because provides a symlink to systemd's init where sysvinit used to be.
- If you have
quietin your kernel parameters, you might want to remove it for your first couple of systemd boots, to assist with identifying any issues during boot.
- It is not necessary to add your user to groups (
power, etc.) for most use cases with systemd. The groups can even cause some functionality to break. For example, the
audiogroup will break fast user switching and allows applications to block software mixing. Every PAM login provides a logind session, which for a local session will give you permissions via POSIX ACLs on audio/video devices, and allow certain operations like mounting removable storage via udisks.
- See the Network Configuration article for how to set up networking targets.
Investigating systemd errors
As an example, we will investigate an error with
1. Lets find the systemd services which fail to start:
$ systemctl --state=failed
systemd-modules-load.service loaded failed failed Load Kernel Modules
2. Ok, we found a problem with
systemd-modules-load service. We want to know more:
$ systemctl status systemd-modules-load
systemd-modules-load.service - Load Kernel Modules Loaded: loaded (/usr/lib/systemd/system/systemd-modules-load.service; static) Active: failed (Result: exit-code) since So 2013-08-25 11:48:13 CEST; 32s ago Docs: man:systemd-modules-load.service(8). man:modules-load.d(5) Process: 15630 ExecStart=/usr/lib/systemd/systemd-modules-load (code=exited, status=1/FAILURE)
3. Now we have the process id (PID) to investigate this error in depth. Enter the following command with the current
Process ID (here: 15630):
$ journalctl -b _PID=15630
-- Logs begin at Sa 2013-05-25 10:31:12 CEST, end at So 2013-08-25 11:51:17 CEST. -- Aug 25 11:48:13 mypc systemd-modules-load: Failed to find module 'blacklist usblp' Aug 25 11:48:13 mypc systemd-modules-load: Failed to find module 'install usblp /bin/false'
4. We see that some of the kernel module configs have wrong settings. Therefore we have a look at these settings in
$ ls -Al /etc/modules-load.d/
... -rw-r--r-- 1 root root 79 1. Dez 2012 blacklist.conf -rw-r--r-- 1 root root 1 2. Mär 14:30 encrypt.conf -rw-r--r-- 1 root root 3 5. Dez 2012 printing.conf -rw-r--r-- 1 root root 6 14. Jul 11:01 realtek.conf -rw-r--r-- 1 root root 65 2. Jun 23:01 virtualbox.conf ...
Failed to find module 'blacklist usblp' error message might be related to a wrong setting inside of
blacklist.conf. Lets deactivate it with inserting a trailing # before each option we found via step 3:
# blacklist usblp # install usblp /bin/false
6. Now, try to start
$ systemctl start systemd-modules-load.service
If it was successful, this shouldn't prompt anything. If you see any error, go back to step 3. and use the new PID for solving the errors left.
If everything is ok, you can verify that the service was started successfully with:
$ systemctl status systemd-modules-load
systemd-modules-load.service - Load Kernel Modules Loaded: loaded (/usr/lib/systemd/system/systemd-modules-load.service; static) Active: active (exited) since So 2013-08-25 12:22:31 CEST; 34s ago Docs: man:systemd-modules-load.service(8) man:modules-load.d(5) Process: 19005 ExecStart=/usr/lib/systemd/systemd-modules-load (code=exited, status=0/SUCCESS) Aug 25 12:22:31 mypc systemd: Started Load Kernel Modules.
Often you can solve these kind of problems like shown above. For further investigation look at Diagnosing boot problems.
Diagnosing boot problems
Boot with these parameters on the kernel command line:
systemd.log_level=debug systemd.log_target=kmsg log_buf_len=1M
Shutdown/reboot takes terribly long
If the shutdown process takes a very long time (or seems to freeze) most likely a service not exiting is to blame. systemd waits some time for each service to exit before trying to kill it. To find out if you are affected, see this article.
Short lived processes do not seem to log any output
journalctl -u foounit does not show any output for a short lived service, look at the PID instead. For example, if
systemd-modules-load.service fails, and
systemctl status systemd-modules-load shows that it ran as PID 123, then you might be able to see output in the journal for that PID, i.e.
journalctl -b _PID=123. Metadata fields for the journal such as _SYSTEMD_UNIT and _COMM are collected asynchronously and rely on the
/proc directory for the process existing. Fixing this requires fixing the kernel to provide this data via a socket connection, similar to SCM_CREDENTIALS.
Disabling application crash dumps journaling
Run the following in order to overwrite the settings from
# ln -s /dev/null /etc/sysctl.d/50-coredump.conf # sysctl kernel.core_pattern=core
This will disable logging of coredumps to the journal.
Note that the default RLIMIT_CORE of 0 means that no core files are written, either. If you want them, you also need to "unlimit" the core file size in the shell:
$ ulimit -c unlimited
- Official web site
- Wikipedia article
- Manual pages
- systemd optimizations
- Tips and tricks
- systemd for Administrators (PDF)
- About systemd on Fedora Project
- How to debug systemd problems
- Two part introductory article in The H Open magazine.
- Lennart's blog story
- Status update
- Status update2
- Status update3
- Most recent summary
- Fedora's SysVinit to systemd cheatsheet
- Configuring systemd to allow normal users to shutdown