Difference between revisions of "Systemd"

From ArchWiki
Jump to navigation Jump to search
m (→‎FAQ: fix --noclear option name)
(fixed section fragments (interactive))
Tag: wiki-scripts
 
Line 1: Line 1:
 
{{Lowercase title}}
 
{{Lowercase title}}
[[Category:Daemons and system services]]
+
[[Category:Daemons]]
[[Category:Boot process]]
+
[[Category:Init]]
 +
[[ar:Systemd]]
 +
[[de:Systemd]]
 +
[[el:Systemd]]
 +
[[es:Systemd]]
 +
[[fa:Systemd]]
 
[[fr:Systemd]]
 
[[fr:Systemd]]
{{i18n|Systemd}}
+
[[it:Systemd]]
 +
[[ja:Systemd]]
 +
[[pt:Systemd]]
 +
[[ru:Systemd]]
 +
[[zh-hans:Systemd]]
 +
[[zh-hant:Systemd]]
 +
{{Related articles start}}
 +
{{Related|systemd/User}}
 +
{{Related|systemd/Timers}}
 +
{{Related|systemd/Journal}}
 +
{{Related|systemd FAQ}}
 +
{{Related|init}}
 +
{{Related|Daemons}}
 +
{{Related|udev}}
 +
{{Related|Improving performance/Boot process}}
 +
{{Related|Allow users to shutdown}}
 +
{{Related articles end}}
  
{{Article summary start}}
+
From the [https://freedesktop.org/wiki/Software/systemd/ project web page]:
{{Article summary text|'''systemd''' is a system and service manager for Linux, compatible with SysV and LSB init scripts. systemd provides aggressive parallelization capabilities, uses socket and [[D-Bus]] activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux [[cgroups]], supports snapshotting and restoring of the system state, maintains mount and automount points and implements an elaborate transactional dependency-based service control logic. It can work as a drop-in replacement for sysvinit.}}
 
  
{{Article summary heading|Related}}
+
:''systemd'' is a suite of basic building blocks for a Linux system. It provides a system and service manager that runs as PID 1 and starts the rest of the system. systemd provides aggressive parallelization capabilities, uses socket and [[D-Bus]] activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux [[control groups]], maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. ''systemd'' supports SysV and LSB init scripts and works as a replacement for sysvinit. Other parts include a logging daemon, utilities to control basic system configuration like the hostname, date, locale, maintain a list of logged-in users and running containers and virtual machines, system accounts, runtime directories and settings, and daemons to manage simple network configuration, network time synchronization, log forwarding, and name resolution.
{{Article summary wiki|Systemd/Services}}
 
{{Article summary end}}
 
  
See [http://0pointer.de/blog/projects/systemd.html Lennart's blog story] for a longer introduction, the two [http://0pointer.de/blog/projects/systemd-update.html status] [http://0pointer.de/blog/projects/systemd-update-2.html updates] since then, and the [http://0pointer.de/blog/projects/why.html most recent summary]. Also see the [http://en.wikipedia.org/wiki/Systemd Wikipedia article] and the [http://freedesktop.org/wiki/Software/systemd project web page].
+
{{Note|1=For a detailed explanation of why Arch moved to ''systemd'', see [https://bbs.archlinux.org/viewtopic.php?pid=1149530#p1149530 this forum post].}}
  
== Installation ==
+
== Basic systemctl usage  ==
To try out systemd on Arch you need to:
 
  
* install {{Pkg|systemd}} (and its dependencies) from [core]
+
The main command used to introspect and control ''systemd'' is ''systemctl''. Some of its uses are examining the system state and managing the system and services. See {{man|1|systemctl}} for more details.
* add {{Ic|1=init=/bin/systemd}} to your kernel cmdline in your bootloader
 
  
systemd can be installed side-by-side with the regular Arch Linux initscripts, and they can be toggled by adding/removing the {{Ic|1=init=/bin/systemd}} kernel parameter. If you want a pure systemd setup you can remove {{Pkg|initscripts}} and install {{Pkg|systemd-sysvcompat}} which provides symlinks for {{ic|init}}, {{ic|reboot}} etc. You will then not have to specify the {{ic|1=init=}} parameter on your kernel cmdline.
+
{{Tip|
 +
* You can use all of the following ''systemctl'' commands with the {{ic|-H ''user''@''host''}} switch to control a ''systemd'' instance on a remote machine. This will use [[SSH]] to connect to the remote ''systemd'' instance.
 +
* [[Plasma]] users can install {{AUR|systemd-kcm}} as a graphical frontend for ''systemctl''. After installing the module will be added under ''System administration''.
 +
}}
 +
 
 +
=== Analyzing the system state ===
 +
 
 +
Show '''system status''' using:
 +
 
 +
$ systemctl status
 +
 
 +
'''List running''' units:
 +
 
 +
$ systemctl
 +
 
 +
or:
 +
 
 +
$ systemctl list-units
 +
 
 +
'''List failed''' units:
  
To take advantage of the systemd way of starting services, you might also want to install the {{Pkg|systemd-arch-units}} package.
+
$ systemctl --failed
  
{{Warning|udev and many other pieces of software expect {{ic|/usr}} to be mounted and available at bootup. If your {{Ic|/usr}} is on a separate partition, you will need to make accommodations to mount it from the initramfs and unmount it from a pivoted root on shutdown. See [[Mkinitcpio#/usr_as_a_separate_partition|the mkinitcpio wiki page]] and [http://www.freedesktop.org/wiki/Software/systemd/separate-usr-is-broken freedesktop.org#separate-usr-is-broken]}}
+
The available unit files can be seen in {{ic|/usr/lib/systemd/system/}} and {{ic|/etc/systemd/system/}} (the latter takes precedence). '''List installed''' unit files with:
  
== Native systemd configuration files ==
+
$ systemctl list-unit-files
=== Add a hostname ===
 
{{hc|/etc/hostname|myhostname}}
 
  
=== Console and keymap settings ===
+
Show the [[cgroups|cgroup slice]], memory and parent for a PID:
The {{ic|/etc/vconsole.conf}} file configures the virtual console, i.e. keyboard mapping and console font.
 
{{hc|/etc/vconsole.conf|<nowiki>
 
KEYMAP=us
 
FONT=lat9w-16
 
FONT_MAP=8859-1_to_uni</nowiki>}}
 
  
=== Locale settings ===
+
$ systemctl status ''pid''
Read {{ic|man locale.conf}} for more options
 
{{hc|/etc/locale.conf|<nowiki>
 
LANG=en_US.UTF-8
 
LC_COLLATE=C</nowiki>}}
 
  
=== Set timezone ===
+
=== Using units ===
{{hc|/etc/timezone|Europe/Minsk}}
 
{{Note|This file does not obviate the need for /etc/localtime.}}
 
  
=== Configure kernel modules to load during boot ===
+
Units can be, for example, services (''.service''), mount points (''.mount''), devices (''.device'') or sockets (''.socket'').
systemd uses {{ic|/etc/modules-load.d/}} to configure kernel modules to load during boot in a static list. Each configuration file is named in the style of {{ic|/etc/modules-load.d/<program>.conf}}. The configuration files should simply contain a list of kernel module names to load, separated by newlines. Empty lines and lines whose first non-whitespace character is {{ic|#}} or {{ic|;}} are ignored. Example:
 
{{hc|/etc/modules-load.d/virtio-net.conf|<nowiki>
 
# Load virtio-net.ko at boot
 
virtio-net</nowiki>}}
 
See also [[Modprobe#Options]]
 
  
=== Configure kernel modules blacklist ===
+
When using ''systemctl'', you generally have to specify the complete name of the unit file, including its suffix, for example {{ic|sshd.socket}}. There are however a few short forms when specifying the unit in the following ''systemctl'' commands:
Module blacklisting works the same way as with {{Pkg|initscripts}} since it is actually handled by {{Pkg|kmod}}, see [[Kernel_modules#Blacklisting|Module Blacklisting]] for details.
 
  
=== Describe temporary files ===
+
* If you do not specify the suffix, systemctl will assume ''.service''. For example, {{ic|netctl}} and {{ic|netctl.service}} are equivalent.
Systemd-tmpfiles uses the configuration files in {{ic|/etc/tmpfiles.d/}} to describe the creation, cleaning and removal of volatile and temporary files and directories which usually reside in directories such as {{ic|/run}} or {{ic|/tmp}}. Each configuration file is named in the style of {{ic|/etc/tmpfiles.d/<program>.conf}}. This will also override any files in {{ic|/usr/lib/tmpfiles.d/}} with the same name.
+
* Mount points will automatically be translated into the appropriate ''.mount'' unit. For example, specifying {{ic|/home}} is equivalent to {{ic|home.mount}}.
 +
* Similar to mount points, devices are automatically translated into the appropriate ''.device'' unit, therefore specifying {{ic|/dev/sda2}} is equivalent to {{ic|dev-sda2.device}}.
  
tmpfiles are usually provided together with service files to create directories which are expected to exist by certain daemons. For example the [[Samba]] daemon expects the directory {{ic|/var/run/samba}} to exist and to have the correct permissions. The corresponding tmpfile looks like this:
+
See {{man|5|systemd.unit}} for details.
{{hc|/usr/lib/tmpfiles.d/samba.conf|
+
 
D /var/run/samba 0755 root root
+
{{Note|Some unit names contain an {{ic|@}} sign (e.g. {{ic|name@''string''.service}}): this means that they are [http://0pointer.de/blog/projects/instances.html instances] of a ''template'' unit, whose actual file name does not contain the {{ic|''string''}} part (e.g. {{ic|name@.service}}). {{ic|''string''}} is called the ''instance identifier'', and is similar to an argument that is passed to the template unit when called with the ''systemctl'' command: in the unit file it will substitute the {{ic|%i}} specifier.
 +
 
 +
To be more accurate, ''before'' trying to instantiate the {{ic|name@.suffix}} template unit, ''systemd'' will actually look for a unit with the exact {{ic|name@string.suffix}} file name, although by convention such a "clash" happens rarely, i.e. most unit files containing an {{ic|@}} sign are meant to be templates. Also, if a template unit is called without an instance identifier, it will just fail, since the {{ic|%i}} specifier cannot be substituted.}}
 +
 
 +
{{Tip|
 +
* Most of the following commands also work if multiple units are specified, see {{man|1|systemctl}} for more information.
 +
* The {{ic|--now}} switch can be used in conjunction with {{ic|enable}}, {{ic|disable}}, and {{ic|mask}} to respectively start, stop, or mask the unit ''immediately'' rather than after rebooting.
 +
* A package may offer units for different purposes. If you just installed a package, {{ic|pacman -Qql ''package'' <nowiki>|</nowiki> grep -Fe .service -e .socket}} can be used to check and find them.
 
}}
 
}}
  
However, tmpfiles may also be used to write values into certain files on boot. For example, if you use {{ic|/etc/rc.local}} to disable wakeup from USB devices with {{ic|echo USBE > /proc/acpi/wakeup}}, you may use the following tmpfile instead:
+
'''Start''' a unit immediately:
{{hc|/etc/tmpfiles.d/disable-usb-wake.conf|
+
 
w /proc/acpi/wakeup - - - - USBE
+
# systemctl start ''unit''
}}
+
 
The tmpfiles method is recommended in this case since systemd doesn't actually support {{ic|/etc/rc.local}}.
+
'''Stop''' a unit immediately:
 +
 
 +
# systemctl stop ''unit''
 +
 
 +
'''Restart''' a unit:
 +
 
 +
# systemctl restart ''unit''
 +
 
 +
Ask a unit to '''reload''' its configuration:
 +
 
 +
# systemctl reload ''unit''
 +
 
 +
Show the '''status''' of a unit, including whether it is running or not:
 +
 
 +
$ systemctl status ''unit''
 +
 
 +
'''Check''' whether a unit is already enabled or not:
 +
 
 +
$ systemctl is-enabled ''unit''
 +
 
 +
'''Enable''' a unit to be started on '''bootup''':
 +
 
 +
# systemctl enable ''unit''
 +
 
 +
'''Enable''' a unit to be started on '''bootup''' and '''Start''' immediately:
 +
 
 +
# systemctl enable --now ''unit''
 +
 
 +
'''Disable''' a unit to not start during bootup:
 +
 
 +
# systemctl disable ''unit''
 +
 
 +
'''Mask''' a unit to make it impossible to start it (both manually and as a dependency, which makes masking dangerous):
 +
 
 +
# systemctl mask ''unit''
 +
 
 +
'''Unmask''' a unit:
 +
 
 +
# systemctl unmask ''unit''
 +
 
 +
Show the '''manual page''' associated with a unit (this has to be supported by the unit file):
 +
 
 +
$ systemctl help ''unit''
 +
 
 +
'''Reload ''systemd'' ''' manager configuration, scanning for '''new or changed units''':
 +
 
 +
{{Note|This does not ask the changed units to reload their own configurations. See {{ic|reload}} example above.}}
 +
 
 +
# systemctl daemon-reload
 +
 
 +
=== Power management ===
 +
 
 +
[[polkit]] is necessary for power management as an unprivileged user. If you are in a local ''systemd-logind'' user session and no other session is active, the following commands will work without root privileges. If not (for example, because another user is logged into a tty), ''systemd'' will automatically ask you for the root password.
 +
 
 +
Shut down and reboot the system:
 +
 
 +
$ systemctl reboot
  
See {{ic|man tmpfiles.d}} for details.
+
Shut down and power-off the system:
  
=== Systemd Journal ===
+
$ systemctl poweroff
Since version 38 systemd has an own logging system, the journal.
 
  
By default, running a syslog daemon is no longer required. To read the log, use:
+
Suspend the system:
{{bc|# journalctl}}
 
The journal writes to {{ic|/run/systemd/journal}}, meaning logs will poof on reboot. For non-volatile logs, create {{ic|/var/log/journal/}}:
 
{{bc|# mkdir /var/log/journal/}}
 
  
====Journald in conjunction with a classic syslog daemon====
+
$ systemctl suspend
Compatibility with classic syslog implementations is provided via a
 
socket {{ic|/run/systemd/journal/syslog}}, to which all messages are forwarded.
 
To make the syslog daemon work with the journal, it has to bind to this socket instead of {{ic|/dev/log}} ([http://lwn.net/Articles/474968/ official announcement]). For syslog-ng change {{ic|/etc/syslog-ng/syslog-ng.conf}} source section to:
 
{{bc|<nowiki>
 
source src {
 
    unix-dgram("/run/systemd/journal/syslog");
 
    internal();
 
    file("/proc/kmsg");
 
};</nowiki>}}
 
  
and enable (or reenable) syslog-ng:
+
Put the system into hibernation:
{{bc|# systemctl enable syslog-ng.service}}
 
  
By default, journald is configured to read from {{ic|/proc/kmsg}}, but this will collide with a syslog implementation doing the same ([http://lists.freedesktop.org/archives/systemd-devel/2012-January/004310.html systemd-devel post]). Disable reading {{ic|/proc/kmsg}} by {{ic|systemd-journald}} in {{ic|/etc/systemd/journald.conf}}:
+
  $ systemctl hibernate
  ImportKernel=no
 
  
=== Network ===
+
Put the system into hybrid-sleep state (or suspend-to-both):
==== Dynamic (DHCP) ====
 
If you simply want to use DHCP for your ethernet connection, you can use {{ic|dhcpcd@.service}} from the {{Pkg|systemd-arch-units}} package.
 
To enable DHCP for {{ic|eth0}}, simply use:
 
# systemctl start dhcpcd@eth0.service
 
  
You can enable the service to automatically start at boot with:
+
  $ systemctl hybrid-sleep
  # systemctl enable dhcpcd@.service
 
Note that this will enable the service for {{ic|eth0}} by default. If you want to use another interface, you have to create the symlink manually, e.g.:
 
# ln -s '/usr/lib/systemd/system/dhcpcd@.service' '/etc/systemd/system/multi-user.target.wants/dhcpcd@eth1.service'
 
  
==== Other configurations ====
+
== Writing unit files ==
For static, wireless or advanced network configuration like bridging you can use [[netcfg]] or [[NetworkManager]] which both provide systemd service files.
 
  
If you need a static ethernet configuration, but don't want to use [[netcfg]], there is a custom service file available on the [[Systemd/Services#Network|Systemd/Services page]].
+
The syntax of ''systemd'''s [https://www.freedesktop.org/software/systemd/man/systemd.unit.html unit files] is inspired by XDG Desktop Entry Specification ''.desktop'' files, which are in turn inspired by Microsoft Windows ''.ini'' files. Unit files are loaded from multiple locations (to see the full list, run {{ic|1=systemctl show --property=UnitPath}}), but the main ones are (listed from lowest to highest precedence):
  
=== Remote filesystem mounts ===
+
* {{ic|/usr/lib/systemd/system/}}: units provided by installed packages
If you have NFS mounts listed in {{ic|/etc/fstab}} then systemd will attempt to mount them but will typically do so too early (before networking has been configured). To get the timing correct we need to tell systemd explicitly that the mount depends on networking and {{ic|rpc.statd}}. To do this, create the following file:
+
* {{ic|/etc/systemd/system/}}: units installed by the system administrator
{{hc|/etc/systemd/system/<mount-unit-name>.mount|<nowiki>
 
[Unit]
 
Description=<mountpoint>
 
Wants=rpc-statd.service
 
After=network.target rpc-statd.service
 
 
[Mount]
 
What=<server>:<share>
 
Where=<mountpoint>
 
Type=nfs
 
</nowiki>}}
 
  
In the above:
+
{{Note|
*{{ic|mount-unit-name}} is the full path to the mountpoint in an escaped format. For example, a mount unit for {{ic|/usr/local}} must be named {{ic|usr-local.mount}}.
+
* The load paths are completely different when running ''systemd'' in [[systemd/User#How it works|user mode]].
*{{ic|mountpoint}} is the local mountpoint
+
* systemd unit names may only contain ASCII alphanumeric characters, underscores and periods. All other characters must be replaced by C-style "\x2d" escapes, or employ their predefined semantics ('@', '-'). See {{man|5|systemd.unit}} and {{man|1|systemd-escape}} for more information.
*{{ic|server:share}} specifies the remote filesystem in the same manner as for {{ic|/etc/fstab}}
+
}}
  
See {{ic|systemd.unit(5)}} and {{ic|systemd.mount(5)}} for further details.
+
Look at the units installed by your packages for examples, as well as the [https://www.freedesktop.org/software/systemd/man/systemd.service.html#Examples annotated example section] of {{man|5|systemd.service}}.
  
A similar approach will probably be required for other remote filesystem types such as nfs4 and cifs.
+
{{Tip|Comments prepended with {{ic|#}} may be used in unit-files as well, but only in new lines. Do not use end-line comments after ''systemd'' parameters or the unit will fail to activate.}}
  
Alternatively, you can mark these entries in {{ic|/etc/fstab}} with the {{ic|1=x-systemd.automount}} and {{ic|1=x-systemd.device-timeout=#}} options (see {{ic|systemd.mount(5)}}). Make sure that if you also include {{ic|defaults}} as a mount option, that you override the implicit {{ic|auto}} with {{ic|noauto}}. This will cause the device to be mounted on first access, similar to [[Autofs]].
+
=== Handling dependencies ===
  
== Using systemd ==
+
With ''systemd'', dependencies can be resolved by designing the unit files correctly. The most typical case is that the unit ''A'' requires the unit ''B'' to be running before ''A'' is started. In that case add {{ic|1=Requires=''B''}} and {{ic|1=After=''B''}} to the {{ic|[Unit]}} section of ''A''. If the dependency is optional, add {{ic|1=Wants=''B''}} and {{ic|1=After=''B''}} instead. Note that {{ic|1=Wants=}} and {{ic|1=Requires=}} do not imply {{ic|1=After=}}, meaning that if {{ic|1=After=}} is not specified, the two units will be started in parallel.
  
*{{ic|systemctl}}: used to introspect and control the state of the systemd system and service manager
+
Dependencies are typically placed on services and not on [[#Targets]]. For example, {{ic|network.target}} is pulled in by whatever service configures your network interfaces, therefore ordering your custom unit after it is sufficient since {{ic|network.target}} is started anyway.
*{{ic|systemd-cgls}}: recursively shows the contents of the selected Linux control group hierarchy in a tree
 
*{{ic|systemadm}}: a graphical frontend for the systemd system and service manager that allows introspection and control of systemd (avaiable via the {{AUR|systemd-ui-git}} package from the [[AUR]]).
 
  
View the man pages for more details.
+
=== Service types ===
  
Listing running services:
+
There are several different start-up types to consider when writing a custom service file. This is set with the {{ic|1=Type=}} parameter in the {{ic|[Service]}} section:
  
{{bc|$ systemctl}}
+
* {{ic|1=Type=simple}} (default): ''systemd'' considers the service to be started up immediately. The process must not fork. Do not use this type if other services need to be ordered on this service, unless it is socket activated.
 +
* {{ic|1=Type=forking}}: ''systemd'' considers the service started up once the process forks and the parent has exited. For classic daemons use this type unless you know that it is not necessary. You should specify {{ic|1=PIDFile=}} as well so ''systemd'' can keep track of the main process.
 +
* {{ic|1=Type=oneshot}}: this is useful for scripts that do a single job and then exit. You may want to set {{ic|1=RemainAfterExit=yes}} as well so that ''systemd'' still considers the service as active after the process has exited.
 +
* {{ic|1=Type=notify}}: identical to {{ic|1=Type=simple}}, but with the stipulation that the daemon will send a signal to ''systemd'' when it is ready. The reference implementation for this notification is provided by ''libsystemd-daemon.so''.
 +
* {{ic|1=Type=dbus}}: the service is considered ready when the specified {{ic|BusName}} appears on DBus's system bus.
 +
* {{ic|1=Type=idle}}: ''systemd'' will delay execution of the service binary until all jobs are dispatched. Other than that behavior is very similar to {{ic|1=Type=simple}}.
  
or:
+
See the [https://www.freedesktop.org/software/systemd/man/systemd.service.html#Type= systemd.service(5)] man page for a more detailed explanation of the {{ic|Type}} values.
  
{{bc|$ systemctl list-units}}
+
=== Editing provided units ===
  
The available services or units can be seen in {{ic|/usr/lib/systemd/system/}} and {{ic|/etc/systemd/system/}} (the latter takes precedence).
+
{{Style|Should be renamed to more descriptive ''Modifying provided units''.|talk=Talk:Edit#Deprecation}}
  
Activate a service immediately:
+
To avoid conflicts with pacman, unit files provided by packages should not be directly edited. There are two safe ways to modify a unit without touching the original file: create a new unit file which [[#Replacement unit files|overrides the original unit]] or create [[#Drop-in files|drop-in snippets]] which are applied on top of the original unit. For both methods, you must reload the unit afterwards to apply your changes. This can be done either by editing the unit with {{ic|systemctl edit}} (which reloads the unit automatically) or by reloading all units with:
  
{{bc|# systemctl start <service>}}
+
# systemctl daemon-reload
  
Deactivate a service immediately:
+
{{Tip|
 +
* You can use ''systemd-delta'' to see which unit files have been overridden or extended and what exactly has been changed.
 +
* Use {{ic|systemctl cat ''unit''}} to view the content of a unit file and all associated drop-in snippets.
 +
}}
  
{{bc|# systemctl stop <service>}}
+
==== Replacement unit files ====
  
Restart a service:
+
To replace the unit file {{ic|/usr/lib/systemd/system/''unit''}}, create the file {{ic|/etc/systemd/system/''unit''}} and ''reenable'' the unit to update the symlinks:
  
{{bc|# systemctl restart <service>}}
+
# systemctl reenable ''unit''
  
Reload the configuration of a service:
+
Alternatively, run:
  
{{bc|# systemctl reload <service>}}
+
# systemctl edit --full ''unit''
  
Show the status of a service, including whether it is running or not:
+
This opens {{ic|/etc/systemd/system/''unit''}} in your editor (copying the installed version if it does not exist yet) and automatically reloads it when you finish editing.
  
{{bc|# systemctl status <service>}}
+
{{Note|The replacement units will keep on being used even if Pacman updates the original units in the future. This method makes system maintenance more difficult and therefore the next approach is preferred.}}
  
Check whether a service is already enabled or not:
+
==== Drop-in files ====
  
{{bc|# systemctl is-enabled <service>}}
+
To create drop-in files for the unit file {{ic|/usr/lib/systemd/system/''unit''}}, create the directory {{ic|/etc/systemd/system/''unit''.d/}} and place ''.conf'' files there to override or add new options. ''systemd'' will parse and apply these files on top of the original unit.
  
Enable a service to be started on bootup:
+
The easiest way to do this is to run:
  
{{bc|# systemctl enable <service>}}
+
# systemctl edit ''unit''
  
Disable a service to not start during bootup:
+
This opens the file {{ic|/etc/systemd/system/''unit''.d/override.conf}} in your text editor (creating it if necessary) and automatically reloads the unit when you are done editing.
  
{{bc|# systemctl disable <service>}}
+
{{Note|Not all keys can be overridden with drop-in files. For example, for changing {{ic|1=Conflicts=}} a replacement file [https://lists.freedesktop.org/archives/systemd-devel/2017-June/038976.html is necessary].}}
  
Refer to {{Ic|man systemctl}} for more details.
+
==== Revert to vendor version ====
  
Notice that you need to use the full name of a service file. E.g., in order to restart the avahi daemon, issue:
+
To revert any changes to a unit made using {{ic|systemctl edit}} do:
  
{{bc|# systemctl restart avahi-daemon.service}}
+
# systemctl revert ''unit''
  
List failed services:
+
==== Examples ====
  
{{bc|# systemctl --failed}}
+
For example, if you simply want to add an additional dependency to a unit, you may create the following file:
  
Shut down and reboot the system:
+
{{hc|/etc/systemd/system/''unit''.d/customdependency.conf|2=
 +
[Unit]
 +
Requires=''new dependency''
 +
After=''new dependency''
 +
}}
  
{{bc|# systemctl reboot}}
+
As another example, in order to replace the {{ic|ExecStart}} directive for a unit that is not of type {{ic|oneshot}}, create the following file:
  
Shut down and power-off the system:
+
{{hc|/etc/systemd/system/''unit''.d/customexec.conf|2=
 +
[Service]
 +
ExecStart=
 +
ExecStart=''new command''
 +
}}
  
{{bc|# systemctl poweroff}}
+
Note how {{ic|ExecStart}} must be cleared before being re-assigned [https://bugzilla.redhat.com/show_bug.cgi?id=756787#c9]. The same holds for every item that can be specified multiple times, e.g. {{ic|OnCalendar}} for timers.
  
Shut down and halt the system:
+
One more example to automatically restart a service:
  
{{bc|# systemctl halt}}
+
{{hc|/etc/systemd/system/''unit''.d/restart.conf|2=
 +
[Service]
 +
Restart=always
 +
RestartSec=30
 +
}}
  
Suspend the system:
+
== Targets ==
  
{{bc|# systemctl suspend}}
+
{{Style|Unclear description, copy-pasted content (explicitly mentions "Fedora").|section=Make section "Targets" more clearly}}
  
Hibernate the system:
+
''systemd'' uses ''targets'' to group units together via dependencies and as standardized synchronization points. They serve a similar purpose as [[wikipedia:Runlevel|runlevels]] but act a little different. Each ''target'' is named instead of numbered and is intended to serve a specific purpose with the possibility of having multiple ones active at the same time. Some ''target''s are implemented by inheriting all of the services of another ''target'' and adding additional services to it. There are ''systemd'' ''target''s that mimic the common SystemVinit runlevels so you can still switch ''target''s using the familiar {{ic|telinit RUNLEVEL}} command.
  
{{bc|# systemctl hibernate}}
+
=== Get current targets ===
  
== Runlevels/targets ==
+
The following should be used under ''systemd'' instead of running {{ic|runlevel}}:
Runlevels is a legacy concept in systemd. Systemd uses ''targets'' which serve a similar purpose as runlevels but act a little different. Each ''target'' is named instead of numbered and is intended to serve a specific purpose with the possibility of having multiple ones active at the same time. Some ''targets'' are implemented by inheriting all of the services of another ''target'' and adding additional services to it. There are systemd ''target''s that mimic the common SystemVinit runlevels so you can still switch ''target''s using the familiar {{ic|telinit RUNLEVEL}} command.
 
  
=== Get current runlevel/targets ===
+
$ systemctl list-units --type=target
The following should be used under systemd instead of {{ic|runlevel}}:
 
{{bc|1=# systemctl list-units --type=target}}
 
  
 
=== Create custom target ===
 
=== Create custom target ===
The runlevels that are assigned a specific purpose on vanilla Fedora installs; 0, 1, 3, 5, and 6; have a 1:1 mapping with a specific systemd ''target''. Unfortunately, there is no good way to do the same for the user-defined runlevels like 2 and 4.  If you make use of those it is suggested that you make a new named systemd ''target'' as {{ic|/etc/systemd/system/<your target>}} that takes one of the existing runlevels as a base (you can look at {{ic|/usr/lib/systemd/system/graphical.target}} as an example), make a directory {{ic|/etc/systemd/system/<your target>.wants}}, and then symlink the additional services from {{ic|/usr/lib/systemd/system/}} that you wish to enable.
 
  
=== Targets table ===
+
The runlevels that held a defined meaning under sysvinit (i.e., 0, 1, 3, 5, and 6); have a 1:1 mapping with a specific ''systemd'' ''target''. Unfortunately, there is no good way to do the same for the user-defined runlevels like 2 and 4. If you make use of those it is suggested that you make a new named ''systemd'' ''target'' as {{ic|/etc/systemd/system/''your target''}} that takes one of the existing runlevels as a base (you can look at {{ic|/usr/lib/systemd/system/graphical.target}} as an example), make a directory {{ic|/etc/systemd/system/''your target''.wants}}, and then symlink the additional services from {{ic|/usr/lib/systemd/system/}} that you wish to enable.
{| border="1"
+
 
!SysV Runlevel!!Systemd Target!!Notes
+
=== Mapping between SysV runlevels and systemd targets ===
 +
 
 +
{| class="wikitable"
 +
! SysV Runlevel !! systemd Target !! Notes
 
|-
 
|-
 
| 0 || runlevel0.target, poweroff.target || Halt the system.
 
| 0 || runlevel0.target, poweroff.target || Halt the system.
Line 239: Line 302:
 
| 2, 4 || runlevel2.target, runlevel4.target, multi-user.target || User-defined/Site-specific runlevels. By default, identical to 3.
 
| 2, 4 || runlevel2.target, runlevel4.target, multi-user.target || User-defined/Site-specific runlevels. By default, identical to 3.
 
|-
 
|-
| 3 || runlevel3.target, multi-user.target || Multi-user, non-graphical. Users can usually login via multiple consoles or via the network.
+
| 3 || runlevel3.target, multi-user.target || Multi-user, non-graphical. Users can usually login via multiple consoles or via the network.
 
|-
 
|-
| 5 || runlevel5.target, graphical.target || Multi-user, graphical. Usually has all the services of runlevel 3 plus a graphical login.
+
| 5 || runlevel5.target, graphical.target || Multi-user, graphical. Usually has all the services of runlevel 3 plus a graphical login.
 
|-
 
|-
 
| 6 || runlevel6.target, reboot.target || Reboot
 
| 6 || runlevel6.target, reboot.target || Reboot
Line 249: Line 312:
 
|}
 
|}
  
=== Change current runlevels ===
+
=== Change current target ===
In systemd runlevels are exposed via "target units". You can change them like this:
 
{{bc|# systemctl isolate graphical.target}}
 
This will only change the current runlevel, and has no effect on the next boot.
 
  
=== Change default runlevel/target to boot into ===
+
In ''systemd'' targets are exposed via ''target units''. You can change them like this:
The standard target is {{ic|default.target}}, which is aliased by default to {{ic|graphical.target}} (which roughly corresponds to the old runlevel 5). To change the default target at boot-time, append one of the following kernel parameters to your bootloader:
 
* {{ic|1=systemd.unit=multi-user.target}} (which roughly corresponds to the old runlevel 3),
 
* {{ic|1=systemd.unit=rescue.target}} (which roughly corresponds to the old runlevel 1).
 
  
Alternatively, you may leave the bootloader alone and change {{ic|default.target}}. This can be done using {{ic|systemctl}}:
+
# systemctl isolate graphical.target
{{bc|# systemctl enable multi-user.target}}
 
  
The effect of this command is outputted by {{ic|systemctl}}; a symlink to the new default target is made at {{ic|/etc/systemd/system/default.target}}. This works if, and only if:
+
This will only change the current target, and has no effect on the next boot. This is equivalent to commands such as {{ic|telinit 3}} or {{ic|telinit 5}} in Sysvinit.
[Install]
 
Alias=default.target
 
is in the target's configuration file. Currently, {{ic|multi-user.target}} and {{ic|graphical.target}} both have it.
 
  
== Running DEs under systemd ==
+
=== Change default target to boot into ===
  
=== Using display manager ===
+
The standard target is {{ic|default.target}}, which is a symlink to {{ic|graphical.target}}. This roughly corresponds to the old runlevel 5.
To enable graphical login, run your preferred [[Display Manager]] daemon (e.g. [[KDM]]). At the moment, service files exist for [[GDM]], [[KDM]], [[SLiM]], [[XDM]] and [[LXDM]].
 
  
{{bc|# systemctl enable kdm.service}}
+
To verify the current target with ''systemctl'':
  
This should work out of the box. If not, you might have a {{ic|default.target}} set manually or from a older install:
+
$ systemctl get-default
  
{{hc|# ls -l /etc/systemd/system/default.target|/etc/systemd/system/default.target -> /usr/lib/systemd/system/graphical.target}}
+
To change the default target to boot into, change the {{ic|default.target}} symlink. With ''systemctl'':
  
Simply delete the symlink and systemd will use its stock {{ic|default.target}} (i.e. {{ic|graphical.target}}).
+
{{hc|1=# systemctl set-default multi-user.target|2=
 +
Removed /etc/systemd/system/default.target.
 +
Created symlink /etc/systemd/system/default.target -> /usr/lib/systemd/system/multi-user.target.}}
  
{{bc|# rm /etc/systemd/system/default.target}}
+
Alternatively, append one of the following [[kernel parameters]] to your bootloader:
  
If {{ic|/etc/locale.conf}} is used for setting the locale, add an entry to {{ic|/etc/environment}}:
+
* {{ic|1=systemd.unit=multi-user.target}} (which roughly corresponds to the old runlevel 3),
{{hc|/etc/environment|<nowiki>
+
* {{ic|1=systemd.unit=rescue.target}} (which roughly corresponds to the old runlevel 1).
LANG=en_US.utf8</nowiki>}}
 
  
=== Using service file ===
+
=== Default target order ===
{{Note|Using this method there will be no PAM session created for your user. Therefore ConsoleKit (which gives you access to shutdown/reboot, audio devices etc.) will not work properly. For the recommended way, see: [[Automatic_login_to_virtual_console#With_systemd]].}}
 
If you are only looking for a simple way to start X directly without a display manager, you can create a service file similar to this:
 
  
{{hc|/etc/systemd/system/graphical.target.wants/xinit.service|<nowiki>
+
Systemd chooses the {{ic|default.target}} according to the following order:
[Unit]
 
Description=Direct login to X
 
Requires=dev-tty7.device
 
After=dev-tty7.device systemd-user-sessions.service
 
  
[Service]
+
# Kernel parameter shown above
ExecStart=/bin/su <username> -l -c "/bin/bash --login -c xinit"
+
# Symlink of {{ic|/etc/systemd/system/default.target}}
 +
# Symlink of {{ic|/usr/lib/systemd/system/default.target}}
  
[Install]
+
== Temporary files ==
WantedBy=graphical.target
 
</nowiki>}}
 
  
== Arch integration ==
+
"''systemd-tmpfiles'' creates, deletes and cleans up volatile and temporary files and directories." It reads configuration files in {{ic|/etc/tmpfiles.d/}} and {{ic|/usr/lib/tmpfiles.d/}} to discover which actions to perform. Configuration files in the former directory take precedence over those in the latter directory.
  
Integration with Arch's classic configuration is accomplished via the {{Pkg|initscripts-systemd}} package. This is an optional package containing unit files and scripts needed to emulate Arch's initscripts, which can be used to ease the transition from sysVinit to systemd.
+
Configuration files are usually provided together with service files, and they are named in the style of {{ic|/usr/lib/tmpfiles.d/''program''.conf}}. For example, the [[Samba]] daemon expects the directory {{ic|/run/samba}} to exist and to have the correct permissions. Therefore, the {{Pkg|samba}} package ships with this configuration:
  
{{ic|/etc/inittab}} is not used at all.
+
{{hc|/usr/lib/tmpfiles.d/samba.conf|
 +
D /run/samba 0755 root root
 +
}}
  
{{ic|/etc/rc.local}} and {{ic|/etc/rc.local.shutdown}} can be run at startup and shutdown by enabling {{ic|rc-local.service}} and {{ic|rc-local-shutdown.service}}.
+
Configuration files may also be used to write values into certain files on boot. For example, if you used {{ic|/etc/rc.local}} to disable wakeup from USB devices with {{ic|echo USBE > /proc/acpi/wakeup}}, you may use the following tmpfile instead:
  
{{warning|Usage of this package is not recommended. In particular, {{ic|arch-load-modules.service}} and {{ic|arch-daemons.target}} are unsupported as a long-term solution and will be removed in the future. When ever possible, use native systemd configuration files instead.}}
+
{{hc|/etc/tmpfiles.d/disable-usb-wake.conf|
 +
#    Path                  Mode UID  GID  Age Argument
 +
w    /proc/acpi/wakeup    -    -    -   -   USBE
 +
}}
  
Most people will not need all (if any) of these units, and they can be easily disabled with:
+
See the {{man|8|systemd-tmpfiles}} and {{man|5|tmpfiles.d}} man pages for details.
{{bc|# systemctl disable <unitfile>}}
 
  
The plan is to remove most of the functionality from this package as soon as it is handled elsewhere (mostly in udev/systemd/kernel).
+
{{Note|This method may not work to set options in {{ic|/sys}} since the ''systemd-tmpfiles-setup'' service may run before the appropriate device modules is loaded. In this case you could check whether the module has a parameter for the option you want to set with {{ic|modinfo ''module''}} and set this option with a [[Kernel modules#Setting module options|config file in /etc/modprobe.d]]. Otherwise you will have to write a [[Udev#About_udev_rules|udev rule]] to set the appropriate attribute as soon as the device appears.}}
  
=== rc.conf ===
+
== Timers ==
Some variables in {{ic|/etc/rc.conf}} are respected by this glue work. For a pure systemd setup it is recommended to use the [[Systemd#Native_systemd_configuration_files|native systemd configuration files]] which will take precedence over {{ic|/etc/rc.conf}}.
 
  
Supported variables:
+
A timer is a unit configuration file whose name ends with ''.timer'' and encodes information about a timer controlled and supervised by ''systemd'', for timer-based activation. See [[systemd/Timers]].
* LOCALE
 
* KEYMAP
 
* CONSOLEFONT
 
* CONSOLEMAP
 
* HOSTNAME
 
* MODULES
 
* DAEMONS: Ordering and blacklisting is respected, if a native systemd service file by the same name as a daemon exists, it will take precedence, this logic can be disabled by {{ic|systemctl disable arch-daemons.target}}
 
  
Not supported variables and systemd configuration:
+
{{Note|Timers can replace [[cron]] functionality to a great extent. See [[systemd/Timers#As a cron replacement]].}}
* TIMEZONE: Please symlink {{Ic|/etc/localtime}} to your zoneinfo file manually.
 
* HARDWARECLOCK: Use {{ic|# hwclock --systohc --utc}} to set your hardware clock to utc, localtime is not supported, see [[Systemd#Q: Why does systemd not support the RTC being in localtime?|FAQ]].
 
* USELVM: use {{ic|lvm.service}} provided by {{Pkg|systemd-arch-units}} instead.
 
* USECOLOR
 
  
The following is a brief description of the functionality of each of them. Alternative solutions are provided as a migration plan away from the functionality provided by this package.
+
== Mounting ==
  
==== rc-local.service / rc-local-shutdown.service ====
+
''systemd'' is in charge of mounting the partitions and filesystems specified in {{ic|/etc/fstab}}. The {{man|8|systemd-fstab-generator}} translates all the entries in {{ic|/etc/fstab}} into systemd units, this is performed at boot time and whenever the configuration of the system manager is reloaded.
Runs {{ic|/etc/rc.local}} (resp., {{ic|/etc/rc.local.shutdown}}) on boot (resp., shutdown).
 
  
==== arch-daemons.target ====
+
''systemd'' extends the usual [[fstab]] capabilities and offers additional mount options. These affect the dependencies of the mount unit, they can for example ensure that a mount is performed only once the network is up or only once another partition is mounted. The full list of specific ''systemd'' mount options, typically prefixed with {{ic|x-systemd.}}, is detailed in {{man|5|systemd.mount|FSTAB}}.
Parses the {{ic|DAEMONS}} array in {{ic|/etc/rc.conf}} and starts the services. If a native systemd unit exists (by the same name) for a given daemon, this is used; otherwise, the script in {{ic|/etc/rc.d/}} is used to control the unit.
 
  
Alternative: use native unit files from the {{Pkg|systemd-arch-units}} package.
+
An example of these mount options in the context of ''automounting'', which means mounting only when the resource is required rather than automatically at boot time, is provided in [[fstab#Automount with systemd]].
  
==== arch-modules-load.service ====
+
=== GPT partition automounting ===
Creates a list of modules to be loaded based on {{ic|/etc/rc.conf}} (see {{ic|/etc/modules-load.d/rc.conf}}).
 
  
Alternative: create a {{ic|*.conf}} for your modules in [[Systemd#Configure_kernel_modules_to_load_during_boot|/etc/modules-load.d/]].
+
On a [[GPT]] partitioned disk {{man|8|systemd-gpt-auto-generator}} will mount partitions following the [https://www.freedesktop.org/wiki/Specifications/DiscoverablePartitionsSpec/ Discoverable Partitions Specification], thus they can be omitted from {{ic|fstab}}.
  
== Helping out ==
+
The automounting for a partition can be disabled by changing the partition's [[Wikipedia:GUID Partition Table#Partition type GUIDs|type GUID]] or setting the partition attribute bit 63 "do not automount", see [[gdisk#Prevent GPT partition automounting]].
Currently, systemd is mostly at feature parity with Arch's initscripts. However, a lot more testing is needed. If you would like to help out, you can create service files and submit them upstream, or if this fails, directly to the [https://bugs.archlinux.org/ Arch Linux Bugtracker].
 
  
== FAQ ==
+
== systemd-sysvcompat ==
For an up-to-date list of known issues, look at the upstream [http://cgit.freedesktop.org/systemd/systemd/tree/TODO TODO].
 
  
{{FAQ
+
{{pkg|systemd-sysvcompat}} (required by {{Pkg|base}}) primary role is to provide the traditional linux [[init]] binary. For systemd controlled systems, {{ic|init}} is just a symbolic link to its {{ic|systemd}} executable.
|question=Why are my console fonts ugly?
 
|answer=If no font is set in {{ic|/etc/vconsole.conf}} (or alternatively {{ic|/etc/rc.conf}}), then a standard font will be used. The standard font is chosen due to it supporting a wide range of character sets. Set your preferred font to fix the issue.}}
 
  
{{FAQ
+
In addition, it also provides 6 convenience short cuts that [[SysVinit]] users might be used to. The convenience short cuts are {{man|8|halt}}, {{man|8|poweroff}}, {{man|8|reboot}}, {{man|8|runlevel}}, {{man|8|shutdown}}, and {{man|8|telinit}}. Each one of those 6 commands is a symbolic link to {{ic|systemctl}}, and governed by systemd behavior. Therefore, the discussion at [[#Power management]] applies to {{ic|halt}}, {{ic|poweroff}}, {{ic|reboot}} and {{ic|shutdown}}. The discussion at [[#Mapping between SysV runlevels and systemd targets]] applies to {{ic|runlevel}} and {{ic|telinit}}.
|question=Why do I get log messages on my console?
 
|answer=You must set the kernel loglevel yourself. Historically, {{ic|/etc/rc.sysinit}} did this for us and set dmesg loglevel to {{ic|3}}, which was a reasonably quiet loglevel. Either add {{ic|1=loglevel=3}} or {{ic|quiet}} to your kernel cmdline.}}
 
  
{{FAQ
+
Systemd based systems can give up those System V compatibility methods by using the {{ic|1= init=}} [[Kernel parameters#Parameter list|boot parameter]] (see, for example, [https://bbs.archlinux.org/viewtopic.php?id=233387 <nowiki>[solved]</nowiki> /bin/init is in systemd-sysvcompat ?]) and systemd native {{ic|systemctl}} command arguments.
|question=Why does systemd not support the RTC being in localtime?
 
|answer=In principle, there is nothing stopping you from adding some unit files that will allow the RTC to be in localtime, but there are a few reasons why we have not (and probably will not) implement it by default:
 
  
* The reason for allowing the RTC to be in localtime was to allow dualboot with Windows ([http://blogs.msdn.com/b/oldnewthing/archive/2004/09/02/224672.aspx who uses localtime]). However, for some time now, Windows has been able to deal with the RTC being in UTC by setting the following registry key
+
== Tips and tricks ==
:{{bc|HKLM\SYSTEM\CurrentControlSet\Control\TimeZoneInformation\RealTimeIsUniversal}}
 
:This needs to be a DWORD key with a value of 1.
 
:{{Warning|On recent systems (Windows 7, Vista SP2) this setting prevents Windows from being able to update the system clock at all, [http://social.msdn.microsoft.com/forums/en-US/tabletandtouch/thread/0b872d8a-69e9-40a6-a71f-45de90c6e243/ and earlier versions do not work correctly when resuming from suspend or hibernate]. In addition, recent systems [http://support.microsoft.com/kb/2687252 may become unresponsive during Daylight Saving Time (DST) changeover if RealTimeIsUniversal is set].}}
 
  
* Dealing with daylight saving time is messy. If the DST changes when your computer is off, your clock will be wrong on next boot ([http://www.cl.cam.ac.uk/~mgk25/mswish/ut-rtc.html there is a lot more to it]).
+
=== Running services after the network is up ===
* Recent kernels set the system time from the RTC directly on boot without using {{ic|hwclock}}, the kernel will always assume that the RTC is in UTC. This means that if the RTC is in localtime, then the system time will first be set up wrongly and then corrected shortly afterwards on every boot. This is possibly the reason for certain weird bugs (time going backwards is rarely a good thing).}}
 
  
{{FAQ
+
To delay a service after the network is up, include the following dependencies in the ''.service'' file:
|question=How do I make a custom unit file?
 
|answer=The unit files in {{ic|/etc/systemd/system/}} take precedence over the ones in {{ic|/usr/lib/systemd/system/}}. To make your own version of a unit (which will not be destroyed by an upgrade), copy the old unit file from {{ic|/usr/lib/}} to {{ic|/etc/}} and make your changes there. Alternatively you can use {{ic|.include}} to parse an existing service file and then add new options. For example, if you simply want to add an additional dependency to a service file, you may use:
 
{{hc|/etc/systemd/system/<service-name>.service|
 
<nowiki>
 
.include /usr/lib/systemd/system/<service-name>.service
 
  
 +
{{hc|/etc/systemd/system/''foo''.service|2=
 
[Unit]
 
[Unit]
Requires=<new dependency>
+
...
After=<new dependency>
+
'''Wants=network-online.target'''
</nowiki>}}
+
'''After=network-online.target'''
 +
...
 
}}
 
}}
{{FAQ
 
|question=How do I change the number of gettys running by default?
 
|answer=To add another getty:
 
  
Simply place another symlink for instantiating another getty in the {{ic|/etc/systemd/system/getty.target.wants/}} directory:
+
The network wait service of the particular application that manages the network, must also be enabled so that {{ic|network-online.target}} properly reflects the network status.
 +
 
 +
* If using [[NetworkManager]], {{ic|NetworkManager-wait-online.service}} is enabled together with {{ic|NetworkManager.service}}. Check if this is the case with {{ic|systemctl is-enabled NetworkManager-wait-online.service}}. If it is not enabled, then [[enable|reenable]] {{ic|NetworkManager.service}}.
 +
* In the case of [[netctl]], [[enable]] the {{ic|netctl-wait-online.service}}.
 +
* If using [[systemd-networkd]], {{ic|systemd-networkd-wait-online.service}} is enabled together with {{ic|systemd-networkd.service}}. Check if this is the case with {{ic|systemctl is-enabled systemd-networkd-wait-online.service}}.
 +
 
 +
For more detailed explanations see [https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/ Running services after the network is up] in the systemd wiki.
 +
 
 +
=== Enable installed units by default ===
 +
 
 +
{{Expansion|How does it work with instantiated units?}}
 +
 
 +
Arch Linux ships with {{ic|/usr/lib/systemd/system-preset/99-default.preset}} containing {{ic|disable *}}. This causes ''systemctl preset'' to disable all units by default, such that when a new package is installed, the user must manually enable the unit.
 +
 
 +
If this behavior is not desired, simply create a symlink from {{ic|/etc/systemd/system-preset/99-default.preset}} to {{ic|/dev/null}} in order to override the configuration file. This will cause ''systemctl preset'' to enable all units that get installed—regardless of unit type—unless specified in another file in one ''systemctl preset'''s configuration directories. User units are not affected. See {{man|5|systemd.preset}} for more information.
  
{{bc|<nowiki># ln -sf /usr/lib/systemd/system/getty@.service /etc/systemd/system/getty.target.wants/getty@tty9.service
+
{{Note|Enabling all units by default may cause problems with packages that contain two or more mutually exclusive units. ''systemctl preset'' is designed to be used by distributions and spins or system administrators. In the case where two conflicting units would be enabled, you should explicitly specify which one is to be disabled in a preset configuration file as specified in the manpage for {{ic|systemd.preset}}.}}
# systemctl daemon-reload
 
# systemctl start getty@tty9.service</nowiki>}}
 
  
To remove a getty:
+
=== Sandboxing application environments ===
  
Simply remove the getty symlinks you want to get rid of in the {{ic|/etc/systemd/system/getty.target.wants/}} directory:
+
A unit file can be created as a sandbox to isolate applications and their processes within a hardened virtual environment. systemd leverages [[wikipedia:Linux_namespaces|namespaces]], white-/blacklisting of [[Capabilities]], and [[control groups]] to container processes through an extensive [https://www.freedesktop.org/software/systemd/man/systemd.exec.html execution environment configuration].
  
{{bc|<nowiki># rm /etc/systemd/system/getty.target.wants/getty@tty5.service /etc/systemd/system/getty.target.wants/getty@tty6.service
+
The enhancement of an existing systemd unit file with application sandboxing typically requires trial-and-error tests accompanied by the generous use of {{Pkg|strace}}, [[wikipedia:Standard_streams#Standard_error_.28stderr.29|stderr]] and [https://www.freedesktop.org/software/systemd/man/journalctl.html journalctl] error logging and output facilities. You may want to first search upstream documentation for already done tests to base trials on.
# systemctl daemon-reload
 
# systemctl stop getty@tty5.service getty@tty6.service</nowiki>}}
 
  
systemd does not use the {{ic|/etc/inittab}} file.
+
Some examples on how sandboxing with systemd can be deployed:
  
{{Note|As of systemd 30, only 1 getty will be launched by default. If you switch to another tty, a getty will be launched there (socket-activation style). You can still force additional agetty processes to start using the above methods.}}}}
+
* {{Ic|CapabilityBoundingSet}} defines a whitelisted set of allowed capabilities, but may also be used to blacklist a specific capability for a unit.
 +
** The {{Ic|CAP_SYS_ADM}} capability, for example, which should be one of the [https://lwn.net/Articles/486306/ goals of a secure sandbox]: {{ic|1=CapabilityBoundingSet=~ CAP_SYS_ADM}}
  
{{FAQ
+
== Troubleshooting ==
|question=How do I get more verbose output during boot?
 
|answer=If you see no output at all in console after the initram message, this means you have the {{ic|quiet}} parameter in your kernel line. It's best to remove it, at least the first time you boot with systemd, to see if everythin is ok. Then, You will see a list [ OK ] in green or [ FAILED ] in red.
 
  
Any messages are logged to the system log and if you want to find out about the status of your system run {{ic|$ systemctl}} or look at the boot/system log with {{ic|journarlctl}}.
+
=== Investigating systemd errors ===
 +
 
 +
As an example, we will investigate an error with {{ic|systemd-modules-load}} service:
 +
 
 +
'''1.''' Lets find the ''systemd'' services which fail to start at boot time:
 +
 
 +
{{hc|1=$ systemctl --state=failed|2=
 +
systemd-modules-load.service  loaded '''failed failed'''  Load Kernel Modules
 
}}
 
}}
  
{{FAQ
+
Another way is to live log ''systemd'' messages:
|question=How to avoid the console to be cleared after boot ?
+
 
|answer=Create a custom getty@tty1.service file
+
$ journalctl -fp err
 +
 
 +
'''2.''' Ok, we found a problem with {{ic|systemd-modules-load}} service. We want to know more:
  
Copy /usr/lib/systemd/system/getty@.service to /etc/systemd/system/getty.target.wants/getty@tty1.service, and then edit the file:
+
{{hc|$ systemctl status systemd-modules-load|2=
* add --noclear to the ExecStart line after agetty
+
systemd-modules-load.service - Load Kernel Modules
* switch TTYVTDeallocate to no
+
  Loaded: loaded (/usr/lib/systemd/system/systemd-modules-load.service; static)
 +
  Active: '''failed''' (Result: exit-code) since So 2013-08-25 11:48:13 CEST; 32s ago
 +
    Docs: man:systemd-modules-load.service(8).
 +
          man:modules-load.d(5)
 +
  Process: '''15630''' ExecStart=/usr/lib/systemd/systemd-modules-load ('''code=exited, status=1/FAILURE''')
 
}}
 
}}
  
{{FAQ
+
If the {{ic|Process ID}} is not listed, just restart the failed service with {{ic|systemctl restart systemd-modules-load}}
|question=What kernel options do I need to enable in my kernel in case I do not use the official Arch kernel?
 
|answer=Kernels prior to 2.6.39 are unsupported.
 
  
This is a partial list of required/recommended options, there might be more:
+
'''3.''' Now we have the process id (PID) to investigate this error in depth. Enter the following command with the current {{ic|Process ID}} (here: 15630):
  
{{bc|<nowiki>
+
{{hc|1=$ journalctl _PID=15630|2=
CONFIG_AUDIT=y (recommended)
+
-- Logs begin at Sa 2013-05-25 10:31:12 CEST, end at So 2013-08-25 11:51:17 CEST. --
CONFIG_AUDIT_LOGINUID_IMMUTABLE=y (not required, may break sysvinit compat)
+
Aug 25 11:48:13 mypc systemd-modules-load[15630]: '''Failed to find module 'blacklist usblp''''
CONFIG_CGROUPS=y
+
Aug 25 11:48:13 mypc systemd-modules-load[15630]: '''Failed to find module 'install usblp /bin/false''''
CONFIG_IPV6=[y|m] (highly recommended)
+
}}
CONFIG_UEVENT_HELPER_PATH="" (if you don't use an initramfs)
 
CONFIG_DEVTMPFS=y
 
CONFIG_DEVTMPFS_MOUNT=y (recommended, if you don't use an initramfs)
 
CONFIG_RTC_DRV_CMOS=y (highly recommended)
 
CONFIG_FANOTIFY=y (required for readahead)
 
CONFIG_AUTOFS4_FS=[y|m]
 
CONFIG_TMPFS_POSIX_ACL=y (recommended, if you want to use pam_systemd.so)
 
</nowiki>}}}}
 
  
{{FAQ
+
'''4.''' We see that some of the kernel module configs have wrong settings. Therefore we have a look at these settings in {{ic|/etc/modules-load.d/}}:
|question=What other units does a unit depend on?
+
{{hc|$ ls -Al /etc/modules-load.d/|
|answer=For example, if you want to figure out which services a target like {{ic|multi-user.target}} pulls in, use something like this:  
+
...
{{hc|$ systemctl show -p "Wants" multi-user.target|2=Wants=rc-local.service avahi-daemon.service rpcbind.service NetworkManager.service acpid.service dbus.service atd.service crond.service auditd.service ntpd.service udisks.service bluetooth.service cups.service wpa_supplicant.service getty.target modem-manager.service portreserve.service abrtd.service yum-updatesd.service upowerd.service test-first.service pcscd.service rsyslog.service haldaemon.service remote-fs.target plymouth-quit.service systemd-update-utmp-runlevel.service sendmail.service lvm2-monitor.service cpuspeed.service udev-post.service mdmonitor.service iscsid.service livesys.service livesys-late.service irqbalance.service iscsi.service netfs.service}}
+
-rw-r--r--  1 root root    79  1. Dez 2012  blacklist.conf
 +
-rw-r--r--  1 root root    1  2. Mär 14:30 encrypt.conf
 +
-rw-r--r--   1 root root    3  5. Dez 2012  printing.conf
 +
-rw-r--r--   1 root root    6 14. Jul 11:01 realtek.conf
 +
-rw-r--r--   1 root root    65  2. Jun 23:01 virtualbox.conf
 +
...
 +
}}
  
Instead of {{ic|Wants}} you might also try {{ic|WantedBy}}, {{ic|Requires}}, {{ic|RequiredBy}}, {{ic|Conflicts}}, {{ic|ConflictedBy}}, {{ic|Before}}, {{ic|After}} for the respective types of dependencies and their inverse.}}
+
'''5.''' The {{ic|Failed to find module 'blacklist usblp'}} error message might be related to a wrong setting inside of {{ic|blacklist.conf}}. Lets deactivate it with inserting a trailing '''#''' before each option we found via step 3:
  
== Optimization ==
+
{{hc|/etc/modules-load.d/blacklist.conf|
=== systemd-analyze ===
+
'''#''' blacklist usblp
Systemd provides a tool called {{ic|systemd-analyze}} that allows you to analyze your boot process so you can see which unit files are causing your boot process to slow down. You can then optimize your system accordingly. You have to install {{Pkg|dbus-python}} to use it.
+
'''#''' install usblp /bin/false
 +
}}
  
To see how much time was spent in kernel-/userspace on boot, simply use:
+
'''6.''' Now, try to start {{ic|systemd-modules-load}}:
systemd-analyze
 
{{Tip|If you add the {{ic|timestamp}} hook to your {{ic|HOOKS}} array in {{ic|/etc/mkinitcpio.conf}} and rebuild your initramfs, {{ic|systemd-analyze}} will also be able to show you how much time was spent in the intramfs.}}
 
  
To list the started unit files, sorted by the time each of them took to start up:
+
# systemctl start systemd-modules-load
systemd-analyze blame
 
  
You can also create a SVG file which describes your boot process grapically, similiar to [[Bootchart]]:
+
If it was successful, this should not prompt anything. If you see any error, go back to step 3 and use the new PID for solving the errors left.
systemd-analyze plot > plot.svg
 
  
====Enabling bootchart in conjunction with systemd====
+
If everything is ok, you can verify that the service was started successfully with:
You can use a version of bootchart to visualize the boot sequence.
 
Since you are not able to put a second init into the kernel cmdline you won't be able to use any of the standard bootchart setups. However the {{AUR|bootchart2}} package from [[AUR]] comes with an undocumented systemd service. After you've installed bootchart2 do:
 
{{bc|# systemctl enable bootchart.service}}
 
Read the [https://github.com/mmeeks/bootchart bootchart documentation] for further details on using this version of bootchart.
 
  
=== Replacing acpid with systemd ===
+
{{hc|$ systemctl status systemd-modules-load|2=
Systemd can handle some power-related ACPI events. This is configured via the following options in {{ic|/etc/systemd/logind.conf}}:
+
systemd-modules-load.service - Load Kernel Modules
* {{ic|HandlePowerKey}} : Power off the system when the power button is pressed
+
  Loaded: '''loaded''' (/usr/lib/systemd/system/systemd-modules-load.service; static)
* {{ic|HandleSleepKey}} : Suspend the system when the sleep key is pressed
+
  Active: '''active (exited)''' since So 2013-08-25 12:22:31 CEST; 34s ago
* {{ic|HandleLidSwitch}} : Suspend the system when the laptop lid is closed
+
    Docs: man:systemd-modules-load.service(8)
Depending on the value of these options, these events may for example only be triggered when no user is logged in ({{ic|no-session}}) or when only a single user session is active ({{ic|any-session}}). See {{ic|man logind.conf}} for details.
+
          man:modules-load.d(5)
 +
Process: 19005 ExecStart=/usr/lib/systemd/systemd-modules-load (code=exited, status=0/SUCCESS)
 +
Aug 25 12:22:31 mypc systemd[1]: '''Started Load Kernel Modules'''.
 +
}}
  
These options should not be used on desktop environments like [[Gnome]] and [[XFCE]] since these handle ACPI events by themselves. However, on systems which run no graphical setup or only a simple window manager like [[i3]] or [[awesome]], this may replace the [[acpid]] daemon which is usually used to react to these ACPI events.
+
=== Diagnosing boot problems ===
  
=== Shell Shortcuts ===
+
''systemd'' has several options for diagnosing problems with the boot process. See [[boot debugging]] for more general instructions and options to capture boot messages before ''systemd'' takes over the [[boot process]]. Also see the [https://freedesktop.org/wiki/Software/systemd/Debugging/ systemd debugging documentation].
Systemd daemon management requires a bit more text entry to accomplish tasks such as start, stopped, enabling, checking status, etc. The following functions can be added one's {{ic|~/.bashrc}} to help streamline interactions with systemd and to improve the overall experience.
 
  
<pre>if ! systemd-notify --booted; then  # not using systemd
+
=== Diagnosing a service ===
  start() {
 
    sudo rc.d start $1
 
  }
 
  
  restart() {
+
If some ''systemd'' service misbehaves or you want to get more information about what is happening, set the {{ic|SYSTEMD_LOG_LEVEL}} [[environment variable]] to {{ic|debug}}. For example, to run the ''systemd-networkd'' daemon in debug mode:
    sudo rc.d restart $1
 
  }
 
  
  stop() {
+
Add a [[#Drop-in files|drop-in file]] for the service adding the two lines:
    sudo rc.d stop $1
 
  }
 
else
 
  start() {
 
    sudo systemctl start $1.service
 
  }
 
  
  restart() {
+
[Service]
    sudo systemctl restart $1.service
+
Environment=SYSTEMD_LOG_LEVEL=debug
  }
 
  
  stop() {
+
Or equivalently, set the environment variable manually:
    sudo systemctl stop $1.service
 
  }
 
  
  enable() {
+
# SYSTEMD_LOG_LEVEL=debug /lib/systemd/systemd-networkd
    sudo systemctl enable $1.service
 
  }
 
  
  status() {
+
then [[restart]] ''systemd-networkd'' and watch the journal for the service with the {{ic|-f}}/{{ic|--follow}} option.
    sudo systemctl status $1.service
 
  }
 
  
  disable() {
+
=== Shutdown/reboot takes terribly long ===
    sudo systemctl disable $1.service
 
  }
 
fi
 
</pre>
 
  
=== Less output ===
+
If the shutdown process takes a very long time (or seems to freeze) most likely a service not exiting is to blame. ''systemd'' waits some time for each service to exit before trying to kill it. To find out if you are affected, see [https://freedesktop.org/wiki/Software/systemd/Debugging/#shutdowncompleteseventually this article].
Change {{ic|verbose}} to {{ic|quiet}} on the kernel line in GRUB. For some systems, particularly those with an SSD, the slow performance of the TTY is actually a bottleneck, and so less output means faster booting.
 
  
=== Early start ===
+
=== Short lived processes do not seem to log any output ===
One central feature of systemd is dbus and socket activation, this causes services to be started when they are first accessed, and is generally a good thing. However, if you know that a service (like console-kit) will always be started during boot, then the overall boot time might be reduced by starting it as early as possible. This can be achieved (if the service file is set up for it, which in most cases it is) by issuing:
 
  
{{bc|# systemctl enable console-kit-daemon.service}}
+
If {{ic|journalctl -u foounit}} does not show any output for a short lived service, look at the PID instead. For example, if {{ic|systemd-modules-load.service}} fails, and {{ic|systemctl status systemd-modules-load}} shows that it ran as PID 123, then you might be able to see output in the journal for that PID, i.e. {{ic|journalctl -b _PID&#61;123}}. Metadata fields for the journal such as {{ic|_SYSTEMD_UNIT}} and {{ic|_COMM}} are collected asynchronously and rely on the {{ic|/proc}} directory for the process existing. Fixing this requires fixing the kernel to provide this data via a socket connection, similar to {{ic|SCM_CREDENTIALS}}. In short, it is a [https://github.com/systemd/systemd/issues/2913 bug]. Keep in mind that immediately failed services might not print anything to the journal as per design of systemd.
  
This will cause systemd to start console-kit as soon as possible, without causing races with the socket or dbus activation.
+
=== Boot time increasing over time ===
  
=== Automount ===
+
After using {{ic|systemd-analyze}} a number of users have noticed that their boot time has increased significantly in comparison with what it used to be. After using {{ic|systemd-analyze blame}} [[NetworkManager]] is being reported as taking an unusually large amount of time to start.  
The default setup will fsck and mount all filesystems before starting most daemons and services. If you have a large {{ic|/home}} partition, it might be better to allow services that do not depend on {{ic|/home}} to start while {{ic|/home}} is being fsck'ed. This can be achieved by adding the following options to the fstab entry of your {{ic|/home}} partition:
 
  
noauto,x-systemd.automount
+
The problem for some users has been due to {{ic|/var/log/journal}} becoming too large. This may have other impacts on performance, such as for {{ic|systemctl status}} or {{ic|journalctl}}. As such the solution is to remove every file within the folder (ideally making a backup of it somewhere, at least temporarily) and then setting a journal file size limit as described in [[Systemd/Journal#Journal size limit]].
  
This will fsck and mount {{ic|/home}} when it is first accessed, and the kernel will buffer all file access to {{ic|/home}} until it is ready.
+
=== systemd-tmpfiles-setup.service fails to start at boot ===
  
If you have encrypted filesystems with keyfiles, you can also add the {{ic|noauto}} parameter to the corresponding entries in {{ic|/etc/crypttab}}. systemd will then not open the encrypted device on boot, but instead wait until it is actually accessed and then automatically open it with the specified keyfile before mounting it. This might save a few seconds on boot if you are using an encrypted RAID device for example, because systemd doesn't have to wait for the device to become available. For example:
+
Starting with systemd 219, {{ic|/usr/lib/tmpfiles.d/systemd.conf}} specifies ACL attributes for directories under {{ic|/var/log/journal}} and, therefore, requires ACL support to be enabled for the filesystem the journal resides on.
{{hc|/etc/crypttab|data /dev/md0 /root/key noauto}}
 
  
=== Readahead ===
+
See [[Access Control Lists#Enable ACL]] for instructions on how to enable ACL on the filesystem that houses {{ic|/var/log/journal}}.
systemd comes with its own readahead implementation, this should in principle improve boot time. However, depending on your kernel version and the type of your hard drive, your mileage may vary (i.e. it might be slower). To enable, do:
 
  
{{bc|<nowiki># systemctl enable systemd-readahead-collect.service
+
=== systemd version printed on boot is not the same as installed package version ===
# systemctl enable systemd-readahead-replay.service</nowiki>}}
 
  
Remember that in order for the readahead to work its magic, you should reboot a couple of times.
+
You need to [[Mkinitcpio#Image_creation_and_activation|regenerate your initramfs]] and the versions should match.  
  
=== User sessions ===
+
{{Tip|1=A pacman hook can be used to automatically regenerate the initramfs every time {{pkg|systemd}} is upgraded. See [https://bbs.archlinux.org/viewtopic.php?id=215411 this forum thread] and [[Pacman#Hooks]].}}
systemd can divide user sessions into cgroups. Add {{ic|session optional pam_systemd.so}} to your relevant {{ic|/etc/pam.d/}} files (e.g., {{ic|login}} for tty logins, {{ic|sshd}} for remote access, {{ic|kde}} for password kdm logins, {{ic|kde-np}} for automatic kdm logins).
 
  
Before:
+
=== Disable emergency mode on remote machine ===
{{hc|$ systemd-cgls systemd:/system/getty@.service|
 
systemd:/system/getty@.service:
 
├ tty5
 
│ └ 904 /sbin/agetty tty5 38400
 
├ tty2
 
│ ├ 13312 /bin/login --
 
│ └ 15765 -zsh
 
[…]}}
 
After:
 
{{hc|$ systemd-cgls systemd:/user/example/|
 
systemd:/user/example/:
 
├ 4
 
│ ├  902 /bin/login --
 
│ └ 16016 -zsh
 
[…]}}
 
  
Further, you can replace [[ConsoleKit]]'s functionality with systemd.  Be sure to do the above, then build polkit from [[ABS]] with systemd enabled, and stuffs like USB automounting will work without consolekit. Compiling dbus from Git is also needed for the DBus at_console policy checks, otherwise you'll have to create /var/run/console/$USER (and delete) manually.
+
You may want to disable emergency mode on a remote machine, for example, a virtual machine hosted at Azure or Google Cloud. It is because if emergency mode is triggered, the machine will be blocked from connecting to network.
  
== Troubleshooting ==
+
# systemctl mask emergency.service
=== Shutdown/Reboot takes terribly long ===
+
# systemctl mask emergency.target
If the shutdown process takes a very long time (or seems to freeze) most likely a service not exiting is to blame. systemd waits some time for each service to exit before trying to kill it.
 
To find out if you are affected see [http://fedoraproject.org/wiki/How_to_debug_Systemd_problems#Diagnosing_shutdown_problems this article] in the fedora wiki.
 
==== SLiM and xfce-session ====
 
One setup that can produce a shutdown freeze is Xfce in conjunction with SLiM: Shutting down/rebooting using xfce-session will cause slim.service to hang for half a minute until systemd kills it the hard way.
 
One workaround is to create a modified slim.service:
 
{{hc|/etc/systemd/system/slim.service|<nowiki>
 
[Unit]
 
Description=SLiM Simple Login Manager
 
After=systemd-user-sessions.service
 
  
[Service]
+
== See also ==
Type=forking
 
PIDFile=/var/lock/slim.lock
 
ExecStart=/usr/bin/slim -d
 
ExecStop=/bin/kill -9 $MAINPID
 
ExecStopPost=/bin/rm /var/lock/slim.lock
 
  
[Install]
+
* [[Wikipedia:systemd]]
WantedBy=graphical.target</nowiki>}}
+
* [https://www.freedesktop.org/wiki/Software/systemd systemd Official web site]
This causes SLiM to be terminated using SIGKILL. Since the lock file is also removed this does not cause a problem.
+
** [https://www.freedesktop.org/wiki/Software/systemd/Optimizations systemd optimizations]
== See also==
+
** [https://www.freedesktop.org/wiki/Software/systemd/FrequentlyAskedQuestions systemd FAQ]
*[http://www.freedesktop.org/wiki/Software/systemd Official Web Site]
+
** [https://www.freedesktop.org/wiki/Software/systemd/TipsAndTricks systemd Tips and tricks]
*[http://0pointer.de/public/systemd-man/ Manual Pages]
+
* [https://www.freedesktop.org/software/systemd/man/ Manual pages]
*[http://freedesktop.org/wiki/Software/systemd/Optimizations systemd Optimizations]
+
* Other distributions
*[http://www.freedesktop.org/wiki/Software/systemd/FrequentlyAskedQuestions FAQ]
+
** [[Gentoo:Systemd]]
*[http://www.freedesktop.org/wiki/Software/systemd/TipsAndTricks Tips And Tricks]
+
** [[Fedora:Systemd]]
*[http://0pointer.de/public/systemd-ebook-psankar.pdf systemd for Administrators (PDF)]
+
** [[Fedora:How to debug Systemd problems]]
*[http://bbs.archlinux.org/viewtopic.php?pid=792280 Discussion on the bbs.archlinux.org]
+
** [[Fedora:SysVinit to Systemd Cheatsheet]]
*[http://en.gentoo-wiki.com/wiki/Systemd About systemd in Gentoo Wiki]
+
** [[Debian:systemd]]
*[http://fedoraproject.org/wiki/Systemd About systemd on Fedora Project]
+
* [http://0pointer.de/blog/projects/systemd.html Lennart's blog story], [http://0pointer.de/blog/projects/systemd-update.html update 1], [http://0pointer.de/blog/projects/systemd-update-2.html update 2], [http://0pointer.de/blog/projects/systemd-update-3.html update 3], [http://0pointer.de/blog/projects/why.html summary]
*[http://fedoraproject.org/wiki/How_to_debug_Systemd_problems How to debug Systemd problems]
+
* [http://0pointer.de/public/systemd-ebook-psankar.pdf systemd for Administrators (PDF)]
*[https://docs.google.com/document/pub?id=1IC9yOXj7j6cdLLxWEBAGRL6wl97tFxgjLUEHIX3MSTs Background information about systemd journal]
+
* [https://www.digitalocean.com/community/tutorials/how-to-use-systemctl-to-manage-systemd-services-and-units How To Use Systemctl to Manage Systemd Services and Units ]
*[http://www.h-online.com/open/features/Booting-up-Tools-and-tips-for-systemd-1570630.html Booting up: Tools and tips for systemd, a Linux init tool. In The H]
+
* [https://dvdhrm.wordpress.com/2013/08/24/session-management-on-linux/ Session management with systemd-logind]
 +
* [[Emacs#Syntax highlighting for systemd Files|Emacs Syntax highlighting for Systemd files]]
 +
* [http://www.h-online.com/open/features/Control-Centre-The-systemd-Linux-init-system-1565543.html Two] [http://www.h-online.com/open/features/Booting-up-Tools-and-tips-for-systemd-1570630.html part] introductory article in ''The H Open'' magazine.

Latest revision as of 09:58, 11 January 2020

From the project web page:

systemd is a suite of basic building blocks for a Linux system. It provides a system and service manager that runs as PID 1 and starts the rest of the system. systemd provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. systemd supports SysV and LSB init scripts and works as a replacement for sysvinit. Other parts include a logging daemon, utilities to control basic system configuration like the hostname, date, locale, maintain a list of logged-in users and running containers and virtual machines, system accounts, runtime directories and settings, and daemons to manage simple network configuration, network time synchronization, log forwarding, and name resolution.
Note: For a detailed explanation of why Arch moved to systemd, see this forum post.

Basic systemctl usage

The main command used to introspect and control systemd is systemctl. Some of its uses are examining the system state and managing the system and services. See systemctl(1) for more details.

Tip:
  • You can use all of the following systemctl commands with the -H user@host switch to control a systemd instance on a remote machine. This will use SSH to connect to the remote systemd instance.
  • Plasma users can install systemd-kcmAUR as a graphical frontend for systemctl. After installing the module will be added under System administration.

Analyzing the system state

Show system status using:

$ systemctl status

List running units:

$ systemctl

or:

$ systemctl list-units

List failed units:

$ systemctl --failed

The available unit files can be seen in /usr/lib/systemd/system/ and /etc/systemd/system/ (the latter takes precedence). List installed unit files with:

$ systemctl list-unit-files

Show the cgroup slice, memory and parent for a PID:

$ systemctl status pid

Using units

Units can be, for example, services (.service), mount points (.mount), devices (.device) or sockets (.socket).

When using systemctl, you generally have to specify the complete name of the unit file, including its suffix, for example sshd.socket. There are however a few short forms when specifying the unit in the following systemctl commands:

  • If you do not specify the suffix, systemctl will assume .service. For example, netctl and netctl.service are equivalent.
  • Mount points will automatically be translated into the appropriate .mount unit. For example, specifying /home is equivalent to home.mount.
  • Similar to mount points, devices are automatically translated into the appropriate .device unit, therefore specifying /dev/sda2 is equivalent to dev-sda2.device.

See systemd.unit(5) for details.

Note: Some unit names contain an @ sign (e.g. name@string.service): this means that they are instances of a template unit, whose actual file name does not contain the string part (e.g. name@.service). string is called the instance identifier, and is similar to an argument that is passed to the template unit when called with the systemctl command: in the unit file it will substitute the %i specifier. To be more accurate, before trying to instantiate the name@.suffix template unit, systemd will actually look for a unit with the exact name@string.suffix file name, although by convention such a "clash" happens rarely, i.e. most unit files containing an @ sign are meant to be templates. Also, if a template unit is called without an instance identifier, it will just fail, since the %i specifier cannot be substituted.
Tip:
  • Most of the following commands also work if multiple units are specified, see systemctl(1) for more information.
  • The --now switch can be used in conjunction with enable, disable, and mask to respectively start, stop, or mask the unit immediately rather than after rebooting.
  • A package may offer units for different purposes. If you just installed a package, pacman -Qql package | grep -Fe .service -e .socket can be used to check and find them.

Start a unit immediately:

# systemctl start unit

Stop a unit immediately:

# systemctl stop unit

Restart a unit:

# systemctl restart unit

Ask a unit to reload its configuration:

# systemctl reload unit

Show the status of a unit, including whether it is running or not:

$ systemctl status unit

Check whether a unit is already enabled or not:

$ systemctl is-enabled unit

Enable a unit to be started on bootup:

# systemctl enable unit

Enable a unit to be started on bootup and Start immediately:

# systemctl enable --now unit

Disable a unit to not start during bootup:

# systemctl disable unit

Mask a unit to make it impossible to start it (both manually and as a dependency, which makes masking dangerous):

# systemctl mask unit

Unmask a unit:

# systemctl unmask unit

Show the manual page associated with a unit (this has to be supported by the unit file):

$ systemctl help unit

Reload systemd manager configuration, scanning for new or changed units:

Note: This does not ask the changed units to reload their own configurations. See reload example above.
# systemctl daemon-reload

Power management

polkit is necessary for power management as an unprivileged user. If you are in a local systemd-logind user session and no other session is active, the following commands will work without root privileges. If not (for example, because another user is logged into a tty), systemd will automatically ask you for the root password.

Shut down and reboot the system:

$ systemctl reboot

Shut down and power-off the system:

$ systemctl poweroff

Suspend the system:

$ systemctl suspend

Put the system into hibernation:

$ systemctl hibernate

Put the system into hybrid-sleep state (or suspend-to-both):

$ systemctl hybrid-sleep

Writing unit files

The syntax of systemd's unit files is inspired by XDG Desktop Entry Specification .desktop files, which are in turn inspired by Microsoft Windows .ini files. Unit files are loaded from multiple locations (to see the full list, run systemctl show --property=UnitPath), but the main ones are (listed from lowest to highest precedence):

  • /usr/lib/systemd/system/: units provided by installed packages
  • /etc/systemd/system/: units installed by the system administrator
Note:
  • The load paths are completely different when running systemd in user mode.
  • systemd unit names may only contain ASCII alphanumeric characters, underscores and periods. All other characters must be replaced by C-style "\x2d" escapes, or employ their predefined semantics ('@', '-'). See systemd.unit(5) and systemd-escape(1) for more information.

Look at the units installed by your packages for examples, as well as the annotated example section of systemd.service(5).

Tip: Comments prepended with # may be used in unit-files as well, but only in new lines. Do not use end-line comments after systemd parameters or the unit will fail to activate.

Handling dependencies

With systemd, dependencies can be resolved by designing the unit files correctly. The most typical case is that the unit A requires the unit B to be running before A is started. In that case add Requires=B and After=B to the [Unit] section of A. If the dependency is optional, add Wants=B and After=B instead. Note that Wants= and Requires= do not imply After=, meaning that if After= is not specified, the two units will be started in parallel.

Dependencies are typically placed on services and not on #Targets. For example, network.target is pulled in by whatever service configures your network interfaces, therefore ordering your custom unit after it is sufficient since network.target is started anyway.

Service types

There are several different start-up types to consider when writing a custom service file. This is set with the Type= parameter in the [Service] section:

  • Type=simple (default): systemd considers the service to be started up immediately. The process must not fork. Do not use this type if other services need to be ordered on this service, unless it is socket activated.
  • Type=forking: systemd considers the service started up once the process forks and the parent has exited. For classic daemons use this type unless you know that it is not necessary. You should specify PIDFile= as well so systemd can keep track of the main process.
  • Type=oneshot: this is useful for scripts that do a single job and then exit. You may want to set RemainAfterExit=yes as well so that systemd still considers the service as active after the process has exited.
  • Type=notify: identical to Type=simple, but with the stipulation that the daemon will send a signal to systemd when it is ready. The reference implementation for this notification is provided by libsystemd-daemon.so.
  • Type=dbus: the service is considered ready when the specified BusName appears on DBus's system bus.
  • Type=idle: systemd will delay execution of the service binary until all jobs are dispatched. Other than that behavior is very similar to Type=simple.

See the systemd.service(5) man page for a more detailed explanation of the Type values.

Editing provided units

Tango-edit-clear.pngThis article or section needs language, wiki syntax or style improvements. See Help:Style for reference.Tango-edit-clear.png

Reason: Should be renamed to more descriptive Modifying provided units. (Discuss in Talk:Edit#Deprecation)

To avoid conflicts with pacman, unit files provided by packages should not be directly edited. There are two safe ways to modify a unit without touching the original file: create a new unit file which overrides the original unit or create drop-in snippets which are applied on top of the original unit. For both methods, you must reload the unit afterwards to apply your changes. This can be done either by editing the unit with systemctl edit (which reloads the unit automatically) or by reloading all units with:

# systemctl daemon-reload
Tip:
  • You can use systemd-delta to see which unit files have been overridden or extended and what exactly has been changed.
  • Use systemctl cat unit to view the content of a unit file and all associated drop-in snippets.

Replacement unit files

To replace the unit file /usr/lib/systemd/system/unit, create the file /etc/systemd/system/unit and reenable the unit to update the symlinks:

# systemctl reenable unit

Alternatively, run:

# systemctl edit --full unit

This opens /etc/systemd/system/unit in your editor (copying the installed version if it does not exist yet) and automatically reloads it when you finish editing.

Note: The replacement units will keep on being used even if Pacman updates the original units in the future. This method makes system maintenance more difficult and therefore the next approach is preferred.

Drop-in files

To create drop-in files for the unit file /usr/lib/systemd/system/unit, create the directory /etc/systemd/system/unit.d/ and place .conf files there to override or add new options. systemd will parse and apply these files on top of the original unit.

The easiest way to do this is to run:

# systemctl edit unit

This opens the file /etc/systemd/system/unit.d/override.conf in your text editor (creating it if necessary) and automatically reloads the unit when you are done editing.

Note: Not all keys can be overridden with drop-in files. For example, for changing Conflicts= a replacement file is necessary.

Revert to vendor version

To revert any changes to a unit made using systemctl edit do:

# systemctl revert unit

Examples

For example, if you simply want to add an additional dependency to a unit, you may create the following file:

/etc/systemd/system/unit.d/customdependency.conf
[Unit]
Requires=new dependency
After=new dependency

As another example, in order to replace the ExecStart directive for a unit that is not of type oneshot, create the following file:

/etc/systemd/system/unit.d/customexec.conf
[Service]
ExecStart=
ExecStart=new command

Note how ExecStart must be cleared before being re-assigned [1]. The same holds for every item that can be specified multiple times, e.g. OnCalendar for timers.

One more example to automatically restart a service:

/etc/systemd/system/unit.d/restart.conf
[Service]
Restart=always
RestartSec=30

Targets

Tango-edit-clear.pngThis article or section needs language, wiki syntax or style improvements. See Help:Style for reference.Tango-edit-clear.png

Reason: Unclear description, copy-pasted content (explicitly mentions "Fedora"). (Discuss in "Targets"_more_clearly Talk:Systemd#Make section "Targets" more clearly)

systemd uses targets to group units together via dependencies and as standardized synchronization points. They serve a similar purpose as runlevels but act a little different. Each target is named instead of numbered and is intended to serve a specific purpose with the possibility of having multiple ones active at the same time. Some targets are implemented by inheriting all of the services of another target and adding additional services to it. There are systemd targets that mimic the common SystemVinit runlevels so you can still switch targets using the familiar telinit RUNLEVEL command.

Get current targets

The following should be used under systemd instead of running runlevel:

$ systemctl list-units --type=target

Create custom target

The runlevels that held a defined meaning under sysvinit (i.e., 0, 1, 3, 5, and 6); have a 1:1 mapping with a specific systemd target. Unfortunately, there is no good way to do the same for the user-defined runlevels like 2 and 4. If you make use of those it is suggested that you make a new named systemd target as /etc/systemd/system/your target that takes one of the existing runlevels as a base (you can look at /usr/lib/systemd/system/graphical.target as an example), make a directory /etc/systemd/system/your target.wants, and then symlink the additional services from /usr/lib/systemd/system/ that you wish to enable.

Mapping between SysV runlevels and systemd targets

SysV Runlevel systemd Target Notes
0 runlevel0.target, poweroff.target Halt the system.
1, s, single runlevel1.target, rescue.target Single user mode.
2, 4 runlevel2.target, runlevel4.target, multi-user.target User-defined/Site-specific runlevels. By default, identical to 3.
3 runlevel3.target, multi-user.target Multi-user, non-graphical. Users can usually login via multiple consoles or via the network.
5 runlevel5.target, graphical.target Multi-user, graphical. Usually has all the services of runlevel 3 plus a graphical login.
6 runlevel6.target, reboot.target Reboot
emergency emergency.target Emergency shell

Change current target

In systemd targets are exposed via target units. You can change them like this:

# systemctl isolate graphical.target

This will only change the current target, and has no effect on the next boot. This is equivalent to commands such as telinit 3 or telinit 5 in Sysvinit.

Change default target to boot into

The standard target is default.target, which is a symlink to graphical.target. This roughly corresponds to the old runlevel 5.

To verify the current target with systemctl:

$ systemctl get-default

To change the default target to boot into, change the default.target symlink. With systemctl:

# systemctl set-default multi-user.target
Removed /etc/systemd/system/default.target.
Created symlink /etc/systemd/system/default.target -> /usr/lib/systemd/system/multi-user.target.

Alternatively, append one of the following kernel parameters to your bootloader:

  • systemd.unit=multi-user.target (which roughly corresponds to the old runlevel 3),
  • systemd.unit=rescue.target (which roughly corresponds to the old runlevel 1).

Default target order

Systemd chooses the default.target according to the following order:

  1. Kernel parameter shown above
  2. Symlink of /etc/systemd/system/default.target
  3. Symlink of /usr/lib/systemd/system/default.target

Temporary files

"systemd-tmpfiles creates, deletes and cleans up volatile and temporary files and directories." It reads configuration files in /etc/tmpfiles.d/ and /usr/lib/tmpfiles.d/ to discover which actions to perform. Configuration files in the former directory take precedence over those in the latter directory.

Configuration files are usually provided together with service files, and they are named in the style of /usr/lib/tmpfiles.d/program.conf. For example, the Samba daemon expects the directory /run/samba to exist and to have the correct permissions. Therefore, the samba package ships with this configuration:

/usr/lib/tmpfiles.d/samba.conf
D /run/samba 0755 root root

Configuration files may also be used to write values into certain files on boot. For example, if you used /etc/rc.local to disable wakeup from USB devices with echo USBE > /proc/acpi/wakeup, you may use the following tmpfile instead:

/etc/tmpfiles.d/disable-usb-wake.conf
#    Path                  Mode UID  GID  Age Argument
w    /proc/acpi/wakeup     -    -    -    -   USBE

See the systemd-tmpfiles(8) and tmpfiles.d(5) man pages for details.

Note: This method may not work to set options in /sys since the systemd-tmpfiles-setup service may run before the appropriate device modules is loaded. In this case you could check whether the module has a parameter for the option you want to set with modinfo module and set this option with a config file in /etc/modprobe.d. Otherwise you will have to write a udev rule to set the appropriate attribute as soon as the device appears.

Timers

A timer is a unit configuration file whose name ends with .timer and encodes information about a timer controlled and supervised by systemd, for timer-based activation. See systemd/Timers.

Note: Timers can replace cron functionality to a great extent. See systemd/Timers#As a cron replacement.

Mounting

systemd is in charge of mounting the partitions and filesystems specified in /etc/fstab. The systemd-fstab-generator(8) translates all the entries in /etc/fstab into systemd units, this is performed at boot time and whenever the configuration of the system manager is reloaded.

systemd extends the usual fstab capabilities and offers additional mount options. These affect the dependencies of the mount unit, they can for example ensure that a mount is performed only once the network is up or only once another partition is mounted. The full list of specific systemd mount options, typically prefixed with x-systemd., is detailed in systemd.mount(5).

An example of these mount options in the context of automounting, which means mounting only when the resource is required rather than automatically at boot time, is provided in fstab#Automount with systemd.

GPT partition automounting

On a GPT partitioned disk systemd-gpt-auto-generator(8) will mount partitions following the Discoverable Partitions Specification, thus they can be omitted from fstab.

The automounting for a partition can be disabled by changing the partition's type GUID or setting the partition attribute bit 63 "do not automount", see gdisk#Prevent GPT partition automounting.

systemd-sysvcompat

systemd-sysvcompat (required by base) primary role is to provide the traditional linux init binary. For systemd controlled systems, init is just a symbolic link to its systemd executable.

In addition, it also provides 6 convenience short cuts that SysVinit users might be used to. The convenience short cuts are halt(8), poweroff(8), reboot(8), runlevel(8), shutdown(8), and telinit(8). Each one of those 6 commands is a symbolic link to systemctl, and governed by systemd behavior. Therefore, the discussion at #Power management applies to halt, poweroff, reboot and shutdown. The discussion at #Mapping between SysV runlevels and systemd targets applies to runlevel and telinit.

Systemd based systems can give up those System V compatibility methods by using the init= boot parameter (see, for example, [solved] /bin/init is in systemd-sysvcompat ?) and systemd native systemctl command arguments.

Tips and tricks

Running services after the network is up

To delay a service after the network is up, include the following dependencies in the .service file:

/etc/systemd/system/foo.service
[Unit]
...
Wants=network-online.target
After=network-online.target
...

The network wait service of the particular application that manages the network, must also be enabled so that network-online.target properly reflects the network status.

  • If using NetworkManager, NetworkManager-wait-online.service is enabled together with NetworkManager.service. Check if this is the case with systemctl is-enabled NetworkManager-wait-online.service. If it is not enabled, then reenable NetworkManager.service.
  • In the case of netctl, enable the netctl-wait-online.service.
  • If using systemd-networkd, systemd-networkd-wait-online.service is enabled together with systemd-networkd.service. Check if this is the case with systemctl is-enabled systemd-networkd-wait-online.service.

For more detailed explanations see Running services after the network is up in the systemd wiki.

Enable installed units by default

Tango-view-fullscreen.pngThis article or section needs expansion.Tango-view-fullscreen.png

Reason: How does it work with instantiated units? (Discuss in Talk:Systemd#)

Arch Linux ships with /usr/lib/systemd/system-preset/99-default.preset containing disable *. This causes systemctl preset to disable all units by default, such that when a new package is installed, the user must manually enable the unit.

If this behavior is not desired, simply create a symlink from /etc/systemd/system-preset/99-default.preset to /dev/null in order to override the configuration file. This will cause systemctl preset to enable all units that get installed—regardless of unit type—unless specified in another file in one systemctl preset's configuration directories. User units are not affected. See systemd.preset(5) for more information.

Note: Enabling all units by default may cause problems with packages that contain two or more mutually exclusive units. systemctl preset is designed to be used by distributions and spins or system administrators. In the case where two conflicting units would be enabled, you should explicitly specify which one is to be disabled in a preset configuration file as specified in the manpage for systemd.preset.

Sandboxing application environments

A unit file can be created as a sandbox to isolate applications and their processes within a hardened virtual environment. systemd leverages namespaces, white-/blacklisting of Capabilities, and control groups to container processes through an extensive execution environment configuration.

The enhancement of an existing systemd unit file with application sandboxing typically requires trial-and-error tests accompanied by the generous use of strace, stderr and journalctl error logging and output facilities. You may want to first search upstream documentation for already done tests to base trials on.

Some examples on how sandboxing with systemd can be deployed:

  • CapabilityBoundingSet defines a whitelisted set of allowed capabilities, but may also be used to blacklist a specific capability for a unit.
    • The CAP_SYS_ADM capability, for example, which should be one of the goals of a secure sandbox: CapabilityBoundingSet=~ CAP_SYS_ADM

Troubleshooting

Investigating systemd errors

As an example, we will investigate an error with systemd-modules-load service:

1. Lets find the systemd services which fail to start at boot time:

$ systemctl --state=failed
systemd-modules-load.service   loaded failed failed  Load Kernel Modules

Another way is to live log systemd messages:

$ journalctl -fp err

2. Ok, we found a problem with systemd-modules-load service. We want to know more:

$ systemctl status systemd-modules-load
systemd-modules-load.service - Load Kernel Modules
   Loaded: loaded (/usr/lib/systemd/system/systemd-modules-load.service; static)
   Active: failed (Result: exit-code) since So 2013-08-25 11:48:13 CEST; 32s ago
     Docs: man:systemd-modules-load.service(8).
           man:modules-load.d(5)
  Process: 15630 ExecStart=/usr/lib/systemd/systemd-modules-load (code=exited, status=1/FAILURE)

If the Process ID is not listed, just restart the failed service with systemctl restart systemd-modules-load

3. Now we have the process id (PID) to investigate this error in depth. Enter the following command with the current Process ID (here: 15630):

$ journalctl _PID=15630
-- Logs begin at Sa 2013-05-25 10:31:12 CEST, end at So 2013-08-25 11:51:17 CEST. --
Aug 25 11:48:13 mypc systemd-modules-load[15630]: Failed to find module 'blacklist usblp'
Aug 25 11:48:13 mypc systemd-modules-load[15630]: Failed to find module 'install usblp /bin/false'

4. We see that some of the kernel module configs have wrong settings. Therefore we have a look at these settings in /etc/modules-load.d/:

$ ls -Al /etc/modules-load.d/
...
-rw-r--r--   1 root root    79  1. Dez 2012  blacklist.conf
-rw-r--r--   1 root root     1  2. Mär 14:30 encrypt.conf
-rw-r--r--   1 root root     3  5. Dez 2012  printing.conf
-rw-r--r--   1 root root     6 14. Jul 11:01 realtek.conf
-rw-r--r--   1 root root    65  2. Jun 23:01 virtualbox.conf
...

5. The Failed to find module 'blacklist usblp' error message might be related to a wrong setting inside of blacklist.conf. Lets deactivate it with inserting a trailing # before each option we found via step 3:

/etc/modules-load.d/blacklist.conf
# blacklist usblp
# install usblp /bin/false

6. Now, try to start systemd-modules-load:

# systemctl start systemd-modules-load

If it was successful, this should not prompt anything. If you see any error, go back to step 3 and use the new PID for solving the errors left.

If everything is ok, you can verify that the service was started successfully with:

$ systemctl status systemd-modules-load
systemd-modules-load.service - Load Kernel Modules
   Loaded: loaded (/usr/lib/systemd/system/systemd-modules-load.service; static)
   Active: active (exited) since So 2013-08-25 12:22:31 CEST; 34s ago
     Docs: man:systemd-modules-load.service(8)
           man:modules-load.d(5)
 Process: 19005 ExecStart=/usr/lib/systemd/systemd-modules-load (code=exited, status=0/SUCCESS)
Aug 25 12:22:31 mypc systemd[1]: Started Load Kernel Modules.

Diagnosing boot problems

systemd has several options for diagnosing problems with the boot process. See boot debugging for more general instructions and options to capture boot messages before systemd takes over the boot process. Also see the systemd debugging documentation.

Diagnosing a service

If some systemd service misbehaves or you want to get more information about what is happening, set the SYSTEMD_LOG_LEVEL environment variable to debug. For example, to run the systemd-networkd daemon in debug mode:

Add a drop-in file for the service adding the two lines:

[Service]
Environment=SYSTEMD_LOG_LEVEL=debug

Or equivalently, set the environment variable manually:

# SYSTEMD_LOG_LEVEL=debug /lib/systemd/systemd-networkd

then restart systemd-networkd and watch the journal for the service with the -f/--follow option.

Shutdown/reboot takes terribly long

If the shutdown process takes a very long time (or seems to freeze) most likely a service not exiting is to blame. systemd waits some time for each service to exit before trying to kill it. To find out if you are affected, see this article.

Short lived processes do not seem to log any output

If journalctl -u foounit does not show any output for a short lived service, look at the PID instead. For example, if systemd-modules-load.service fails, and systemctl status systemd-modules-load shows that it ran as PID 123, then you might be able to see output in the journal for that PID, i.e. journalctl -b _PID=123. Metadata fields for the journal such as _SYSTEMD_UNIT and _COMM are collected asynchronously and rely on the /proc directory for the process existing. Fixing this requires fixing the kernel to provide this data via a socket connection, similar to SCM_CREDENTIALS. In short, it is a bug. Keep in mind that immediately failed services might not print anything to the journal as per design of systemd.

Boot time increasing over time

After using systemd-analyze a number of users have noticed that their boot time has increased significantly in comparison with what it used to be. After using systemd-analyze blame NetworkManager is being reported as taking an unusually large amount of time to start.

The problem for some users has been due to /var/log/journal becoming too large. This may have other impacts on performance, such as for systemctl status or journalctl. As such the solution is to remove every file within the folder (ideally making a backup of it somewhere, at least temporarily) and then setting a journal file size limit as described in Systemd/Journal#Journal size limit.

systemd-tmpfiles-setup.service fails to start at boot

Starting with systemd 219, /usr/lib/tmpfiles.d/systemd.conf specifies ACL attributes for directories under /var/log/journal and, therefore, requires ACL support to be enabled for the filesystem the journal resides on.

See Access Control Lists#Enable ACL for instructions on how to enable ACL on the filesystem that houses /var/log/journal.

systemd version printed on boot is not the same as installed package version

You need to regenerate your initramfs and the versions should match.

Tip: A pacman hook can be used to automatically regenerate the initramfs every time systemd is upgraded. See this forum thread and Pacman#Hooks.

Disable emergency mode on remote machine

You may want to disable emergency mode on a remote machine, for example, a virtual machine hosted at Azure or Google Cloud. It is because if emergency mode is triggered, the machine will be blocked from connecting to network.

# systemctl mask emergency.service
# systemctl mask emergency.target

See also