
# LinuxCBT 'systemd' Edition #

Features:
1. System && Service Manager - freedesktop.org/wiki/Software/systemd
a. System
a1. system initialization
a2. power state of machine: up, down, suspended, hybrid, etc.
b. Service Manager
b1. User-space management of daemons (services)
b2. Management of other system units: devices, daemons, sockets, d-bus, etc.
NOTE: 'systemd' is an all-encompassing system manager for Linux, which stands in stark contrast to the conventional Unix | Linux philosophy of simplicity of various services, executables, functions, etc.
2. 'systemd' is NOT for other *Nixes - exclusively a Linux management framework
a. Some portability is lost, however, many Linux-specific features are gained
3. New INIT system - Most major distros now use: 'systemd': i.e. Debian, RedHat and SuSE, and eventually: Ubuntu
4. Provides comprehensive unit management: (services(daemons), devices, paths, etc.)
a. Abstraction of ALL important objects on a Linux system: i.e. hard drive, service, mount points, etc.
5. Replaces 'upstart' (RedHat, etc.) && 'SysV INIT'
6. Provides faster boot times due to a variety of features:
a. Sockets are created by 'systemd' prior to daemon-invocation: similar to OSX's 'launchd'
b. i.e. D-Bus requests are queued until the service is ready
7. Manages various facets via 'unit' files (units):
a. Unit files tend to end with a suffix that matches the particular object type: i.e. '.service'
b. '.service'(daemons), '.mount'(/etc/fstab), etc., '.path', '.device', '.socket', '.target'(run-level), '.snapshot', '.timer'(cron), etc.
8. NOTE: '.service' units replace SysV-style INIT scripts
9. SysV and LSB Init-scripts compatible
NOTE: Don't worry if your program does NOT have a '.service' 'systemd' object file; its SysV file will be read and processed
10. Service management via: 'systemctl': status | start | stop | restart | enable | disable
11. LOG of start | stop of daemons - includes: PID and Timestamp - audit trail of service history
12. Runlevel control - 'targets' REPLACE Runlevels (0(poweroff|shutdown), 1(rescue|emergency), 2|3(multi-user), 5(graphical), 6(reboot))
13. State control: emergency, rescue, poweroff, restart, hibernation, suspension
14. 'systemd' units - encapsulation of services, sockets, system state snapshots, targets, etc.
15. Device-based activation - i.e. hot-plugged device activates corresponding service(s)
16. Complete LOGs from startup -> shutdown: interim LOGs are buffered to 'kmsg' LOG then flushed to: /dev/log
17. Parallelization of service invocation at startup significantly expedites system startup
NOTE: The system may come up much quicker, but services may take longer to be 'ready'
18. Management of 'Control Groups' (Kernel features: Hierarchy of labeled processes): '/sys/fs/cgroup'
NOTE: This makes it possible to properly manage parent-child(ren) processes
19. Mount || Automount management

20. Services do NOT inherit environment: $PATH && $HOME from current $USER - more secure
21. Remote invocation/management of remote systems using 'systemctl' via: '-H HOST' - relies on passwordless-AUTH(SSH)
NOTE: This, again, is NOT possible with current: SysV environment
22. 'systemd' provides userspace MUCH quicker because of various tricks
23. On-demand (event-driven) invocation of services: i.e. TTYs (agetty)
# Boot Process #
BIOS -> GRUB -> Kernel/INITRD -> 'init'(PID=1) -> User Space
BIOS -> GRUB -> Kernel/INITRD -> 'systemd'(PID=1) -> User Space (quicker)
Tasks:
1. Evaluate various startup times with 'systemd', etc.
NOTE: 'tty1' is always spawned regardless of targets: 'multi-user' || 'graphical'
NOTE: In contrast to typical 'sysvinit' startups, 'systemd' does NOT auto-spawn ALL TTYs
NOTE: TTYs are spawned on-demand - event-driven(CTRL-ALT-F(NUM))
2. What about 'init'?
a. '/usr/sbin/init -> ../lib/systemd/systemd' - pointer to: 'systemd'
3. What about 'init' runlevels (0..6)
NOTE: Still there, and loosely equivalent to 'systemd' targets
a. 'init 6' - reboots -> 'systemctl reboot'
NOTE: You may still pass 'init' runlevel values on Kernel command line: i.e. '1'
4. Change Boot Targets using 'systemd' notation (targets)
a. 'systemd.unit=TARGET' - i.e. 'multi-user.target'(2|3) || 'rescue.target'(1) || 'emergency.target'(1) || 'graphical.target'(5)
NOTE: Old 'sysvinit' runlevel numbers are STILL supported
# Basics | System Info #
Features:
1. A variety of tools to ascertain and make changes to your systemd managed system
a. Bus data: 'busctl' - what's connected
b. Journal Data: 'journalctl'
c. Logged-in users: 'loginctl'
d. Dynamic hostname control via: 'hostnamectl'
e. Time information: 'timedatectl'
f. Locale control: 'localectl'
Tasks:
1. 'systemd' -> 'PID=1' - spawns ALL other user-space processes
2. 'dpkg -l | grep systemd' || 'yum search systemd && rpm -ql systemd'
a. '/etc/systemd' - top-level config container
3. Time control: 'timedatectl'
a. 'timedatectl' - displays current time | date | etc. information
b. 'timedatectl list-timezones' - returns list of possible timezones
c. 'timedatectl set-timezone TZ' - use one from the 'list-timezones' dump
d. 'timedatectl set-time "YYYY-MM-DD HH:MM:SS"' - sets the time and NTP should handle the rest
4. Locale Information: 'localectl'
a. 'localectl list-locales' - some systems have ALL or just the ones needed

5. On-the-fly && persistent HOSTNAME control


NOTE: Multiple names are managed:
a. Pretty Hostname: /etc/machine-info -> LONG HOSTNAME
a1. 'hostnamectl --pretty set-hostname "" '
b. Static Hostname: '/etc/hostname' - standard hostname that is part of the FQDN
c. Transient Hostname (DHCP-assigned):
6. Bus information - D-Bus Data - 'busctl'
7. Logged-in users - 'loginctl'
a. 'loginctl user-status USER' - shows the full process tree of that user
8. systemd Journal - 'journalctl'
# Targets ~ RunLevels #
Features:
1. Run-Level control ~ (0..6) - replaces these SysV INIT runlevels
Various Targets:
RunLevel   Target
0          (poweroff|shutdown).target
1          (emergency|rescue).target
2-4        (multi-user.target) - sans graphics
5          (graphical.target)
6          (reboot.target)
Tasks:
1. Show the currently loaded targets:
a. 'systemctl -t target'
b. 'systemctl show -p "Requires" graphical.target'
2. Show the DEFAULT target
a. 'systemctl get-default'
3. Navigate Targets: i.e. 'init N(0..6)'
a. 'systemctl isolate TARGET'
NOTE: TTY6 may become your go-to TTY when alternating between targets
4. Change Default Target on ALL systems to be 'multi-user.target'
a. 'systemctl get-default' && 'systemctl set-default TARGET'
NOTE: 'init NUM' - still works to achieve the various targets
# 'systemctl' #
Features:
1. Primary management tool for: 'systemd'
2. Replaces various power management commands:
a. 'halt'
b. 'reboot'
c. 'poweroff'
d. 'hibernate'
e. etc.
Tasks:
1. Reboot | Poweroff
a. 'systemctl [--no-wall] reboot [-i]' || 'reboot' (symlinked to: 'systemctl')
b. 'systemctl "" poweroff '
c. 'systemctl "" suspend' - dumps state to RAM (faster recovery than 'hibernate') (does not persist across power outages on HOST)
NOTE: 'suspend' requires the HOST system to be on in order to preserve the contents of the suspended state
NOTE: Resumption occurs quickly and often will NOT break active SSH sessions
d. 'systemctl "" hibernate' - dumps the state to disk (persists across power outages)
2. Service Management with: 'systemctl'
a. 'systemctl [list-units]' - dumps ALL managed units: services, devices, paths, mounts, sockets, targets, etc.
b. 'systemctl list-sockets' - lists loaded sockets, ordered by address
c. 'systemctl --failed' - lists failed units
d. 'systemctl status [NAME...||[PID...] ]' - show runtime stats of unit(s)
d1. 'systemctl status ssh apache2' - enumerates status of both services
NOTE: Status returns current status and recent LOG details
e. 'systemctl show [NAME...||[PID...] ]' - reveals properties of the unit(s)
f. 'systemctl --type service' - lists services
f1. 'systemctl --type service | grep tty' - enumerates currently-loaded TTYs
g. 'systemctl --type device' - lists devices
h. 'systemctl --type socket' - lists sockets
3. Manage Service
a. 'systemctl status (apache2|httpd)'
b. 'systemctl (start|stop|reload|restart) (apache2|httpd)'
c. 'systemctl kill (apache2|httpd)'
4. Disable | Enable Services
a. 'systemctl disable (apache2|httpd) && systemctl reboot' - confirm
b. 'systemctl enable (apache2|httpd) '
NOTE: You may still start a disabled service | daemon
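The NOTE above matters when auditing a node: 'disable' only removes the boot-time hook, so a disabled service can still be running. The following is an added example, not part of the original course notes, that cross-checks the two listings and reports services that are disabled yet active. The function name and the sample listings are assumptions constructed for the example.

```shell
#!/bin/sh
# Added example: report services whose unit file is 'disabled' but which are
# nevertheless 'active' right now. disabled_but_active is a hypothetical name.
#   $1 = saved output of: systemctl list-unit-files --type=service --no-legend
#   $2 = saved output of: systemctl list-units --type=service --no-legend --plain
disabled_but_active() {
    awk '
        # First file: column 1 = unit file, column 2 = enablement state.
        FILENAME == ARGV[1] { if ($2 == "disabled") disabled[$1] = 1; next }
        # Second file: column 1 = unit, column 3 = ACTIVE state.
        ($1 in disabled) && $3 == "active" { print $1 }
    ' "$1" "$2" | sort
}

# Constructed sample listings so the example runs offline.
sample_dir=$(mktemp -d)
trap 'rm -rf "$sample_dir"' EXIT

# Third column is the vendor preset shown by newer systemd versions.
cat > "$sample_dir/unit-files" <<'EOF'
apache2.service   disabled enabled
cron.service      enabled  enabled
ssh.service       enabled  enabled
telnet.service    disabled enabled
EOF

cat > "$sample_dir/units" <<'EOF'
apache2.service loaded active running The Apache HTTP Server
cron.service    loaded active running Regular background program processing daemon
ssh.service     loaded active running OpenBSD Secure Shell server
EOF

# apache2 was disabled but somebody started it by hand; telnet is disabled
# and not running, so it is not reported.
disabled_but_active "$sample_dir/unit-files" "$sample_dir/units"
```

To prevent a unit from being started at all, rather than only at boot, 'systemctl mask UNIT' is the stronger control.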
# Remote Control #
Features:
1. Execute systemd-related commands on remote targets
2. Provided utilities support the remote option: '-H TARGET'
3. Requires SSH Passwordless-AUTH setup to avoid prompts per invocation
NOTE: For basic, non-privileged tasks using 'systemctl', setup passwordless-AUTH as non-privileged
i.e. 'linuxcbt' -> 'linuxcbt'(remote target)
Tasks:
1. 'systemctl -H 192.168.75.121' - auto-paginates output received from target
NOTE: Sometimes, output from remote calls is truncated
2. Setup passwordless-AUTH on target systems
a. 'ssh-keygen' - generate a keypair
b. 'ssh-copy-id TARGET'
c. Test passwordless-AUTH on targets using: 'ssh'
3. Re-run 'systemctl' on TARGETs
a. 'systemctl -H 192.168.75.121'
4. Enable 'root' 'systemctl' access on targets
NOTE: If target does NOT allow password-AUTH for 'root' then copy key manually.
Otherwise, use: 'ssh-copy-id'
5. 'systemctl -H 192.168.75.121 -t service'
a. 'systemctl -H 192.168.75.121 status service'
b. 'systemctl -H 192.168.75.121 show service'
c. 'systemctl -H 192.168.75.121 get-default'
d. 'systemctl -H 192.168.75.121 set-default graphical.target'
d1. 'systemctl -H 192.168.75.121 reboot'
d2. 'systemctl -H 192.168.75.121 get-default' - now shows graphical
d3. revert to 'multi-user.target'

6. 'systemd-analyze (time(default)|blame|critical-chain)' - run per-node


NOTE: 'userspace'-related services take the bulk of boot-up time
7. Get Status of services
a. 'systemctl -H 192.168.75.131 -t service'
# Journal Control 'journalctl' #
Features:
1. Comprehensive LOGging - Startup -> Shutdown
2. Binary LOG format: structured, indexed, fast
3. Traps: Boot, Kernel, INITRD, Services(STDOUT/STDERR), SysLOG (syslog-ng/rsyslog-ng/syslog)
4. SYSLOG-style format: i.e. timestamp, calling process, PID, message
5. Maintains a plethora of metadata for each logged message
6. Error messages are colorized: Notice/Warn(Bold), Error+(Red)
7. Auto-pagination (less)
Tasks:
1. Explore 'journalctl' - dumps ALL messages in the current buffer
NOTE: By default, LOGs are maintained in memory: /run/log/journal/machine-id and are NOT saved (flushed) to disk automatically
NOTE: If you make: '/var/log/journal' - then LOGs will be flushed as needed (size | interval)
a. 'journalctl' - dumps ALL trapped messages since system was brought up
NOTE: System suspension (suspend) dumps its state to RAM, so as long as the HOST system remains running, journalctl (systemd-journald) data are available
b. '-[k|b]' - 'dmesg' - shows logs from the current boot
c. '-u UNIT' - shows data for specified UNIT: i.e. '-u (httpd|apache2|sshd|emergency.target)'
NOTE: Use 'systemctl -t service' - to get the proper name
d. '/run/log/journal/machine-id'
e. 'mkdir /var/log/journal' - apply to your NODEs to ensure persistence because default=auto as per: /etc/systemd/journald.conf
f. '--since "2015-06-05 00:00:00" --until now'
g. '_UID=1000'
h. '-f' - LIVE view - i.e. 'watch tail -n 30 /var/log/{messages,syslog}'
i. '-n NUM' - indicates number of lines to return
j. '-r' - reverses the order of LOG entries showing most-recent at the top
k. '-l' - do NOT ellipsize
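Whether the journal survives a reboot depends on the 'Storage=' setting in journald.conf together with the existence of '/var/log/journal', as described in the NOTEs and item e above. The following is an added example, not part of the original course notes, that reports the effective mode for a node. The function name is an assumption, the sample config is constructed, and only the single file passed in is read (drop-in directories are not merged).

```shell
#!/bin/sh
# Added example: decide whether journald logs on a node survive a reboot.
# journal_storage_mode is a hypothetical helper name.
#   $1 = path to a journald.conf
#   $2 = path of the persistent journal directory (normally /var/log/journal)
# Prints one of: persistent | volatile | none
journal_storage_mode() {
    conf=$1 dir=$2
    # Take the last uncommented Storage= line; a missing file or a
    # commented-out setting falls back to the default, 'auto'.
    mode=$(sed -n 's/^[[:space:]]*Storage[[:space:]]*=[[:space:]]*\([A-Za-z]*\).*/\1/p' \
               "$conf" 2>/dev/null | tail -n 1)
    [ -n "$mode" ] || mode=auto
    case $mode in
        persistent) echo persistent ;;
        volatile)   echo volatile ;;
        none)       echo none ;;
        # 'auto': persistent only if the directory already exists.
        auto)       if [ -d "$dir" ]; then echo persistent; else echo volatile; fi ;;
        *)          echo "unknown Storage= value: $mode" >&2; return 2 ;;
    esac
}

# Constructed sample: a config with the setting left commented out.
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
printf '[Journal]\n#Storage=auto\n' > "$tmp/journald.conf"

# Before 'mkdir /var/log/journal': logs live only under /run and are lost.
journal_storage_mode "$tmp/journald.conf" "$tmp/var-log-journal"
# After creating the directory the same config yields persistent logs.
mkdir "$tmp/var-log-journal"
journal_storage_mode "$tmp/journald.conf" "$tmp/var-log-journal"
```

On a live node the call would be: journal_storage_mode /etc/systemd/journald.conf /var/log/journal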
