Jump to contentJump to page navigation: previous page [access key p]/next page [access key n]
documentation.suse.com / Introduction to systemd Basics

Introduction to systemd Basics

Publication Date: 27 Sep 2024
WHAT?

systemd is used to manage system settings and services. systemd organizes tasks into components called units and groups of units into targets.

WHY?

Learn about the basics of systemd, which include essential functionalities such as service management, dependency tracking, logging, resource management, socket activation and system control.

EFFORT

20 minutes of reading time.

REQUIREMENTS
  • Basic understanding of Linux commands

  • Basic understanding of Linux processes, daemons, and control groups

1 What is systemd?

systemd is a system and service manager for Linux operating systems. It is the default initialization system for major Linux distributions. systemd is not directly initiated by the user, but installed through the /sbin/init and started during the early boot. systemd acts as the init system that brings up and maintains user space services when run as the first process on boot (PID 1). PID 1 is known as init and is the first Linux user-mode process created. It runs until the system shutdown.

systemd owns PID 1, and is started directly by the kernel. All other processes are started directly by systemd or one of its child processes. systemd mounts the host's file system and manages temporary files. It is backward compatible with the SysV init scripts. SysV is an initialization system that predates systemd.

In systemd, a unit is a resource that the system knows how to operate on and manage. This is the primary object that the systemd tools use. These resources are defined with configuration files called unit files.

systemctl is the central management tool for controlling the init system. It is used to examine and control the state of the systemd system and service manager.

Targets in systemd are groups of related units that act as synchronization points during a system boot. Target unit files have a .target file extension. Target units group together various systemd units through a chain of dependencies.

For troubleshooting, you can use journalctl, which is used to query and display log messages from the systemd journal.

For more information on systemd, you can refer to https://systemd.io and man 1 systemd.

2 About the systemd boot process

The first step in the boot process is to load the Linux kernel, which is the main component of the Linux operating system. Once the kernel is loaded, it initializes the hardware and starts the systemd process, which is the first process that runs on the system.

2.1 Linux boot process

The Linux boot process is the initial stage of the operating system's startup. It is the process by which the operating system loads the memory, initializes the components and prepares to execute user applications.

The Linux boot process is divided into four main stages:

Stage 1: BIOS

When you power on your computer, your computer starts BIOS (Basic Input/Output System) and performs a POST (Power On Self Test). This is an integrity check that probes the hardware functionality of components such as hard disks, SSD, keyboard, RAM, USB ports and any other hardware. If the hardware works as expected, the boot process moves on to the next stage.

Stage 2: The boot loader

Once POST is complete, BIOS searches for and loads the boot loader program stored in the MBR (Master Boot Record). The MBR is a 512-byte code that is usually located at /dev/sda or /dev/hda depending on your hard drive architecture. The MBR can also be located on a live USB or DVD installation of Linux. BIOS loads and executes this MBR code.

There are three main boot loaders in Linux: LILO, GRUB and GRUB2. The GRUB2 (Grand Unified Bootloader) boot loader is the latest and primary boot loader in modern Linux distributions. The GRUB2 configuration file is located at /boot/grub2/grub2.cfg. Once BIOS locates the GRUB2 boot loader, It executes and loads it into the main memory (RAM).

Stage 3: Linux kernel initialization

The Linux kernel is the heart of the operating system. In your Linux system, the kernel interfaces with the hardware, controls memory management and manages processes. The boot loader loads the selected Linux kernel. The kernel self extracts from a compressed version and mounts the root file system. It then runs the /sbin/init program.

Stage 4: systemd

The kernel loads systemd, which is a system and service manager for Linux operating systems. systemd then runs all the other initialization processes.

2.2 Boot process with systemd

Once the kernel loads systemd, systemd takes over and starts the other system services that are required to bring the system up and running. This includes services such as networking service, the login manager, etc.

The boot process is parallelized in the order in which specific target units are executed. systemd uses the /etc/systemd/system/default.target file to determine the target that the Linux system should boot into. This file is a link to graphical.target which boots the graphical login manager. systemd activates all target units that are dependencies of default.target as well as recursively all dependencies of these dependencies. Once all the services are started, your system is ready to use and the login manager displays. You can now log in and start using the system.

2.3 Analyzing the system boot process performance with the systemd-analyze command

Use the systemd-analyze command to analyze the performance of the system boot process. The command can also be used to retrieve other state and tracing information from the system and service manager. It is used to check that unit files are correct and also to access special functions useful for advanced system manager debugging.

Some examples include:

Viewing the time it takes for the system to boot
> systemd-analyze time
Startup finished in 3.404s (kernel) + 2.415s (initrd) + 13.125s (userspace) = 18.945s
graphical.target reached after 13.117s in userspace
Getting a high-level overview of the boot process, which includes services that are started and the time it takes for each service to start
> systemd-analyze critical-chain
  The time when unit became active or started is printed after the "@" character.
  The time the unit took to start is printed after the "+" character.

  graphical.target @13.117s
  └─multi-user.target @13.117s
    └─getty.target @13.117s
      └─getty@tty1.service @13.116s
        └─plymouth-quit-wait.service @10.775s +2.338s
          └─systemd-user-sessions.service @10.769s +3ms
            └─remote-fs.target @10.764s
              └─iscsi.service @10.747s +16ms
                └─network-online.target @10.744s
                  └─NetworkManager-wait-online.service @1.547s +9.197s
                    └─NetworkManager.service @1.507s +37ms
                      └─network-pre.target @1.504s
                        └─wpa_supplicant.service @2.341s +5ms
                          └─dbus.service @1.042s
                            └─basic.target @1.036s
                              └─sockets.target @1.036s
                                └─snapd.socket @1.035s +590us
                                  └─sysinit.target @1.030s
                                    └─systemd-update-utmp.service @1.025s +5ms
                                      └─auditd.service @976ms +47ms
                                        └─systemd-tmpfiles-setup.service @964ms +9ms
                                          └─local-fs.target @962ms
                                            └─snapd.mounts.target @961ms
                                              └─snap-core18-2796.mount @417ms +543ms
                                                └─dev-loop9.device @961ms +628us

This command prints a tree of time-critical units either for each of the specified units or for the default target. The initialization of services might depend on socket activation and the parallel execution of units. Similar to the blame command, it displays the time taken by a unit to activate, which is not defined for units like device units that transition directly to active state.

Viewing a list of services started during the boot process and displayed according to the time taken by each service
> systemd-analyze blame
  9.197s NetworkManager-wait-online.service
  4.002s fwupd.service
  2.338s plymouth-quit-wait.service
  1.282s dracut-pre-udev.service
  1.062s sys-devices-platform-serial8250-tty-ttyS0.device
  1.062s dev-ttyS0.device
  1.061s dev-ttyS1.device
  1.061s sys-devices-platform-serial8250-tty-ttyS1.device
  1.060s dev-ttyS11.device
  1.060s sys-devices-platform-serial8250-tty-ttyS11.device
  1.059s sys-devices-platform-serial8250-tty-ttyS13.device
  1.059s dev-ttyS13.device
  1.059s sys-devices-platform-serial8250-tty-ttyS10.device
  1.059s dev-ttyS10.device
  1.058s sys-devices-platform-serial8250-tty-ttyS14.device
  1.058s dev-ttyS14.device
  1.058s dev-ttyS12.device
  1.058s sys-devices-platform-serial8250-tty-ttyS12.device
  1.056s sys-devices-platform-serial8250-tty-ttyS17.device

The initialization of one service might be slow because it is waiting for another service initialization to complete. It displays the time taken by a unit to activate, which is not defined for units like device units that transition directly to active state. This command does not display results for services with Type=simple because systemd considers these services to be started immediately, hence the initialization delays cannot be analyzed.

Generating a vector graphics file that displays the events that take place during the boot process
> systemd-analyze plot > /temp/sample.svg

This command creates a SVG file in the temp directory. The SVG file is a text file that defines a set of graphics vectors that applications such as LibreOffice Draw use to generate a graph.

3 Structure of a unit file

In systemd, a unit refers to any resource that the system knows how to operate on and manage. This is the primary object that the systemd tools use. These resources are defined using configuration files called unit files. Administration is easier when you understand unit files when working with systemd. Unit files use a simple declarative syntax that allows you to see easily the purpose and effects of a unit upon activation. Unit files have sections with directives, for example:

        [Section]
        Directive1=value
        Directive2=value
        . . .

Unit file types include the following sections:

[Unit]

The first section found in most unit files is the [Unit] section. This section is used to define the metadata of the unit file and configure the relationship of the unit file to other unit files. This section is usually placed at the top because it provides an overview of the unit file.

[Automount] / [Mount] / [Path] / [Service] / [Slice] / [Socket] /[Swap] / [Timer]

Sections containing directives that are specific to the respective type. See Section 4, “Unit file types” for a list of available types. Note that the types device, target, snapshot and scope do not have a type-specific section.

[Install]

This is often the last section in the unit file and is optional. This section is used to define the behavior of a unit file when it is enabled or disabled. When you enable a unit file, it automatically starts at boot. Based on the specific unit, there could be a dependency on other related units to work properly. For example, chrony requires the directives After, Wants, and Before, which are all dependencies for chrony to work with.

Example 1: A systemd service file
[Unit]
Description=usbguard 1

[Service]
ExecStart=/usr/sbin/usb-daemon 2

[Install]
WantedBy=multi-user.target 3

1

A brief and meaningful description explaining the service file's purpose.

2

Specifies the program to be executed when the service is started.

3

Starts a multi-user system with networking, and no graphical environment. This directive allows you to specify a dependency relationship.

4 Unit file types

You can determine the type of unit by its file extension. systemd categorizes units according to the type of resource they describe.

Types of unit files available for systemd:

.service

Describes how to manage a service or application. This includes how to start or stop the service, reload its configuration file (if applicable), under what conditions the service starts automatically, and the dependency or the hierarchy information for related unit files.

.scope

This unit file is automatically created by systemd from the information received from the D-Bus interface and is used to manage sets of system processes that are created externally.

.path

Defines a path for path-based activation. By default, a .service unit file of the same base name is activated. inotify is a kernel API that is used by programs that want to be notified about changes to files.

.snapshot

The systemctl snapshot command automatically creates a .snapshot unit file. This command creates temporary snapshots of the current state of the system. You can modify the current state of the system after making changes. Snapshots are used for rolling back temporary states.

.timer

Defines a timer that is managed by systemd. This is similar to a cron job for delayed or scheduled activation. A unit file with the same name, but with file extension .service is started when the timer is reached.

.slice

Associate Linux Control Group nodes, which allow resources to be assigned or restricted to any processes associated with the slice. The name indicates the hierarchy within the control group tree. Units are placed in slices by default depending on their type.

.target

Provides synchronization for other units during a boot up or a change in state, or brings the system to a new state. Other units specify their relation to targets in order to sync with the target's operations.

.socket

Describes a network, an IPC socket, or a FIFO buffer that systemd uses for socket-based activation. There is an associated .service file that starts when an activity is seen on the socket that this unit defines.

.device

Defines a device that has been designated for systemd management by udev or sysfs file system. Not all devices have the .device file. This unit file is required when ordering, mounting, or accessing a device.

.swap

Defines the swap space on the system. The name of the unit file must reflect the device or file path of the space.

.mount

Defines a mount point on the system to be managed by systemd. This file is named after the mount path, with the slashes changed to dashes. Entries within /etc/fstab can have units created automatically.

.automount

Defines a mount point that is automatically mounted. Name the file after the mount point that it refers to. A matching .mount unit file is required to define the specifics of the mount.

5 Unit dependencies and order

systemd has two types of dependencies: requirement and order dependencies. Requirement dependencies specify which other units must be either started or stopped when activating a unit. Order dependencies specify the order in which units must be started.

Unit dependencies

Unit files have the dependencies feature. A unit may want or require one or more other units before it can run. These dependencies are set in unit files with the directives Wants and Requires.

Wants

For example, if unit A has Wants=unit B, when unit A is run, unit B runs as well. But if unit B starts successfully or not, does not have an influence on unit A running successfully.

Requires

If unit A has Requires=unit B, both units run but if unit B does not run successfully, unit A is deactivated. It does not matter if the processes of unit A would have run successfully.

Unit order

Without proper instructions, systemd can run a group of units at the same time. Starting services in the right order is important for a good functioning of the Linux system. You can arrange the order with the unit file directives Before and After.

Before

For example, if unit A has Before=unit B, when both units are run, unit A is executed fully before unit B.

After

If unit A has After=unit B, when both units are run, unit B is executed fully before unit A.

6 Logging

Log files and journals are important for system administration. They give in-depth information about a system and are very important for troubleshooting and auditing. Log files contain events and messages generated by the kernel, applications, and users that log into the system. You can use the journalctl command to query the journal. This command views logs collected by systemd. The systemd-journald service handles systemd's log collection. systemd-journald saves the events and messages in a binary format.

7 systemd targets

systemd uses units and targets. A systemd unit defines a service or action on the system, which consists of a name, type, and configuration file. A systemd target combines several units and defines which services have to be started to reach the target. On a server, for example, this is a state where the network is running and multiple users can log in. These files are identified by the suffix .target.

Similar to unit files, different targets may be nested via dependencies. For example, multi-user.target requires (among others) the targets that set up login and user session services.

Common systemd targets:

default.target

Boots by default. The default.target file is a symbolic link to the true target file, such as graphical.target for a desktop workstation. For a server, it is usually graphical.target.

poweroff.target

Shuts down and powers off the system.

rescue.target

Target unit that pulls the base system and starts a rescue shell session.

multi-user.target

Sets up a non-graphical (console) multi-user system.

graphical.target

Uses a graphical multi-user system with network services.

reboot.target

Shuts down and reboots the system.

For more information on systemd targets, refer to man 5 systemd.target and man 7 systemd.special.

8 Using systemd as a regular user

You can use systemd as a regular user for better security or when you do not have root user privileges. Running an unprivileged service can be done by creating a user service.

When creating and using a user service, consider the following:

  • User service sessions are terminated when the user's session ends. This can be overridden by using the loginctl enable-linger USERNAME command.

  • User service files are located in /etc/systemd/user or $HOME/.config/systemd/user/.

  • You can control user services with the systemctl --user command.

9 systemctl commands overview

The systemctl command is used to examine and control the state of systemd and service manager.

You can use the following common systemctl commands and refer to the man systemctl page.

9.1 Viewing systemd information

To view information about systemd components, you can use the following commands:

systemctl list-units

Lists the systemd units. You can use the optional arguments: --state=running to show the active units and --type=service to show the exited and active units.

systemctl list-unit-files

Lists the systemd units and the status, such as static, generated, disabled, alias, masked, and enabled.

systemctl list-dependencies

Lists the dependency tree.

systemctl list-dependencies UNIT_FILE

Lists the dependencies of a unit file.

9.2 Managing systemd services

The systemctl command enables you to perform the following tasks with services.

systemctl status SERVICE

Checks the status of the specific service.

systemctl show SERVICE

Displays the service information.

systemctl start SERVICE

Instead of manually starting the service, use the start command. When a change is made to the configuration file, the related service must be started again.

systemctl stop SERVICE

Stops a specific running service.

systemctl restart SERVICE

Instead of manually restarting the service, use the restart command. When a change is made to the configuration file, the related service must be restarted again.

systemctl enable SERVICE

Enables the service on boot.

systemctl disable SERVICE

Disables the service on boot.

systemctl reload-or-restart SERVICE

Reload the service if it supports reloading, otherwise it restarts the service. If the service is not running, it is restarted.

systemctl mask SERVICE

When a service is masked, this means the unit file is symlinked to /dev/null. A symlink for a masked service is created from /etc/systemd/system to point to /dev/null. This makes it impossible to load the service even if another enabled service requires it. It must be stopped manually, or it continues to run in the background. You can use --runtime option to only mask temporarily until the next reboot of the system.

Created symlink /etc/systemd/system/FOSSLinux.service → /dev/null.
systemctl unmask SERVICE

Unmasks the service. It is effective when the system is started or restarted manually.

9.3 Managing system states

The systemctl command enables you to perform power management processes on your system, like restarting, shutting down and so on, as described below.

systemctl reboot

Reboots the system reboot.target.

systemctl poweroff

Powers off the system poweroff.target.

systemctl emergency

Goes into the emergency mode emergency.target.

systemctl default

Goes back to default target multi-user.target.

10 systemd troubleshooting

You can use the following troubleshooting tips to identify and resolve issues with systemd services and ensure a smooth system operation.

Check the syntax of your systemd unit file with the systemd-analyze verify SERVICE

Before starting or enabling a systemd service, check the syntax of the unit file to ensure there are no errors. For example:

> sudo systemd-analyze verify /etc/systemd/system/my-custom-service.service

The command analyzes the unit file and reports any syntax errors, missing files, or other issues. You must fix any reported issues before enabling and starting the service.

Check the logs for your service with the journalctl -u SERVICE command

If you experience any issue with a systemd service, check the service's log. For example:

> sudo  journalctl -u my-custom-service.service

The command displays logs for the specified service, including any error messages, warnings, or other relevant information. You can use these logs to identify and fix issues with the service.

Use the systemd-analyze plot command to visualize the boot process

If a service is causing issues during the boot process, you can use the systemd-analyze plot command to visualize the boot process and identify issues. For example:

> sudo systemd-analyze plot > boot-plot.svg

The command creates an SVG file called boot-plot.svg that contains a graphical representation of the boot process and potential issues. This includes the start and stop time of each service. You can open this file in an SVG-compatible image viewer or Web browser to analyze services that are causing issues during the boot process.

Troubleshoot failed services

To find out which services have failed and to inspect the log output:

> sudo systemctl --state=failed
Check the runtime status of a service

To find out the current runtime status of a service:

> sudo systemctl status SERVICE
Shutdown or reboot takes long

If the shutdown or reboot takes long, it could be a service that is not exiting. systemd waits for some time for each service to exit before trying to terminate it. A common issue is a suspended service or a stalled shutdown. To find out, use the following:

> sudo systemctl poweroff
  Failed to power off system via logind: There's already a shutdown or sleep operation in progress
> sudo systemctl list-jobs

You can cancel the running and waiting jobs, and again shut down or reboot:

> sudo systemctl cancel
> sudo systemctl stop systemd-suspend.service

11 systemd best practices

You can follow some of the best practices to ensure efficient systemd services that are equipped to handle different situations.

Check the runtime status of a service

To find out the current runtime status of a service:

> sudo systemctl status SERVICE
Use absolute path in your systemd unit file

Use an absolute path for executable files and required files, such as configuration files or scripts in your systemd unit file. systemd does not rely on the user's environment variables like $PATH to locate files.

Use the ExecReload directive

Use the ExecReload directive in the [SERVICE] section when you want to define a specific command that should be executed when you reload a service with the systemctl reload command. This is useful for services that can dynamically reload their configuration without a restart.

[Service]
ExecStart=PATH_TO_EXECUTABLE
ExecReload=PATH_TO_RELOAD_SCRIPT
Use the RestartSec directive

Use the RestartSec directive in the [SERVICE] section when you want to define a delay (in seconds) before the service is restarted after a failure. This is useful for services that require a specified time to release resources or prevent rapid restart loops that can cause high system load.

[Service]
ExecStart=PATH_TO_EXECUTABLE
Restart=on-failure
RestartSec=5
Disable emergency mode on a remote machine

You can disable emergency mode on a remote machine, for example, a virtual machine hosted on Google Cloud. If this mode is enabled, the machine is blocked from connecting to the network. For example:

> sudo systemctl mask emergency.service
> sudo systemctl mask emergency.target