Differences between revisions 260 and 282 (spanning 22 versions)
Revision 260 as of 2016-12-31 18:10:58
Size: 12425
Editor: MichaelBiebl
Comment:
Revision 282 as of 2020-07-01 11:11:55
Size: 17143
Editor: ?Gerry
Comment: Fix missing closing bracket
Deletions are marked like this. Additions are marked like this.
Line 2: Line 2:
~-[[DebianWiki/EditorGuide#translation|Translation(s)]]: English - [[es/systemd|Español]] - [[fr/systemd|Français]] - [[ru/Systemd|Russian]] -~ ~-[[DebianWiki/EditorGuide#translation|Translation(s)]]: English - [[es/systemd|Español]] - [[fr/systemd|Français]] - [[it/systemd|Italiano]] - [[ko/systemd|한국어]] - [[ru/Systemd|Russian]] - [[pt_BR/systemd|Brasileiro]] - [[zh_CN/Systemd|简体中文]] -~
Line 7: Line 7:
## If your page gets really long, uncomment this Table of Contents
Line 12: Line 11:

DebianPkg:systemd is a system and service manager for Linux. systemd is compatible with SysV and LSB init scripts. It can work as a drop-in replacement for sysvinit. Systemd
DebianPkg:systemd is a system and service manager for Linux. It is the default init system for Debian since [[DebianJessie]]. Systemd is compatible with SysV and LSB init scripts. It can work as a drop-in replacement for sysvinit. Systemd
Line 22: Line 20:
Please see the [[http://www.freedesktop.org/wiki/Software/systemd|upstream]] page for more information.
Systemd runs as a daemon with PID 1.

Systemd tasks are organized as '''units'''. The most common units are services (.service), mount points (.mount), devices (.device), sockets (.socket), or timers (.timer). For instance, starting the secure shell daemon is done by the unit ssh.service.

Systemd puts every service into a dedicated '''control group''' (cgroup) named after the service. Modern kernels support process isolation and resource allocation based on cgroups.

'''Targets''' are groups of units. Targets call units to put the system together. For instance, graphical.target calls all units that are necessary to start a workstation with graphical user interface. Targets can build on top of another or depend on other targets. At boot time, systemd activates the target default.target which is an alias for another target such as graphical.target.

Systemd creates and manages the '''sockets''' used for communication between system components. For instance, it first creates the socket /dev/log and then starts the syslog daemon. This approach has two advantages: Firstly, processes communicating with syslog via /dev/log can be started in parallel. Secondly, crashed services can be restarted without processes that communicate via sockets with them losing their connection. The kernel will buffer the communication while the process restarts.

Please see the [[https://www.freedesktop.org/wiki/Software/systemd|upstream systemd page]] for more information.


== Basic usage ==
systemctl is the main tool used to introspect and control the state of the "systemd" system and service manager. You can use systemctl for instance to enable/disable services permanently or only for the current session. Refer to the [[DebianMan:1/systemctl|systemctl(1)]] manpage for more details.


=== Getting information on system status ===
Show system status:
{{{
$ systemctl status
}}}

List failed units:
{{{
$ systemctl --failed
}}}

List installed unit files:
{{{
$ systemctl list-unit-files
}}}

=== Managing services ===
List all running services:
{{{
$ systemctl
}}}

Activates the service "example1" immediately:
{{{
# systemctl start example1
}}}

Deactivates the service "example1" immediately:
{{{
# systemctl stop example1
}}}

Restarts the service "example1" immediately:
{{{
# systemctl restart example1
}}}

Shows status of the service "example1":
{{{
# systemctl status example1
}}}

Enables "example1" to be started on bootup:
{{{
# systemctl enable example1
}}}

Disables "example1" to not start during bootup:
{{{
# systemctl disable example1
}}}

=== Creating or altering services ===
Units are defined by individual configuration files, called '''unit files'''. The type of the unit is recognized by the file name suffix, .mount in case of a mount point. Unit files provided by Debian are located in the /lib/systemd/system directory. If an identically named local unit file exists in the directory /etc/systemd/system, it will take precedence and systemd will ignore the file in the /lib/systemd/system directory. Some units are created by systemd without a unit file existing in the file system.

System administrators should put new or heavily-customized unit files in '''/etc/systemd/system'''.

For small tweaks to a unit file, system administrators should use the "drop-in directory" feature (documented in [[DebianMan:5/systemd.unit|systemd.unit(5)]]).
 * Start by determining the ''canonical'' systemd service name (e.g. ssh.service, not an alias like sshd.service). We'll use "name.service" for this example.
 * Create the directory /etc/systemd/system/name.service.d
 * Create files inside this directory ending with a ".conf" suffix. For example, /etc/systemd/system/name.service.d/local.conf
 * Each file should contain the section headers and section options to be overridden, using the same format as unit files.

For more information about writing your own services, see [[systemd/Services]].
Line 46: Line 123:
init=/bin/systemd init=/lib/systemd/systemd
Line 52: Line 129:
linux /vmlinuz-3.13-1-amd64 root=/dev/mapper/root-root init=/bin/systemd ro quiet linux /vmlinuz-3.13-1-amd64 root=/dev/mapper/root-root init=/lib/systemd/systemd ro quiet
Line 81: Line 158:
For an up-to-date list, see section "REQUIREMENTS" in the upstream [[http://cgit.freedesktop.org/systemd/systemd/tree/README#n36|README]] file.

=== Managing services with systemd ===
systemctl is the main tool used to introspect and control the state of the "systemd" system and service manager. You can use systemctl for instance to enable/disable services permanently or only for the current session. Refer to the [[DebianMan:1/systemctl|systemctl(1)]] manpage for more details.

==== Some basic use examples ====
List all running services:
{{{
$ systemctl
}}}

Activates the service "example1" immediately:
{{{
# systemctl start example1
}}}
 
Deactivates the service "example1" immediately:
{{{
# systemctl stop example1
}}}

Restarts the service "example1" immediately:
{{{
# systemctl restart example1
}}}

Shows status of the service "example1":
{{{
# systemctl status example1
}}}

Enables "example1" to be started on bootup:
{{{
# systemctl enable example1
}}}

Disables "example1" to not start during bootup:
{{{
# systemctl disable example1
}}}
For an up-to-date list, see section "REQUIREMENTS" in the upstream [[https://cgit.freedesktop.org/systemd/systemd/tree/README#n36|README]] file.
Line 124: Line 163:
=== Failed units ===
In some cases units enter a '''failed state'''. The ''status''command can be used to find out some details:
{{{
$ systemctl status <UNITNAME>
}}}

Failed units can be manually cleared out:
{{{
# systemctl reset-failed
}}}


=== systemd hangs on startup or shutdown ===
Line 150: Line 202:
HINT: Extensive debugging information about systemd is on [[http://freedesktop.org/wiki/Software/systemd/Debugging/|this FreeDesktop page]]. HINT: Extensive debugging information about systemd is on [[https://freedesktop.org/wiki/Software/systemd/Debugging/|this FreeDesktop page]].
Line 159: Line 211:
"Set log level. As argument this accepts a numerical log level or the well-known syslog(3) symbolic names "Set log level. As an argument this accepts a numerical log level or the well-known syslog(3) symbolic names
Line 167: Line 219:
See also [[http://fedoraproject.org/wiki/How_to_debug_Systemd_problems]] See also [[https://fedoraproject.org/wiki/How_to_debug_Systemd_problems]]
Line 175: Line 228:
 * [[https://github.com/systemd/systemd/issues|Check upstream issue tracker]]
 * [[http://bugs.debian.org/cgi-bin/pkgreport.cgi?usertag=pkg-systemd-maintainers@lists.alioth.debian.org|Usertagged bugs in Debian BTS]]
 * [[https://github.com/systemd/systemd/issues|Upstream issue tracker]]
 * [[https://bugs.debian.org/src:systemd|Debian bug tracker]]
 * [[https
://bugs.debian.org/cgi-bin/pkgreport.cgi?usertag=pkg-systemd-maintainers@lists.alioth.debian.org|Usertagged bugs in Debian BTS]]
Line 181: Line 235:

=== sysvinit vs. systemd-sysv ===

Upgrade to sysvinit ≥ 2.88dsf-44.


=== Encrypted swap blocks boot ===

See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=712439#70 for a patch.

According to the bug, the patch is no longer required as long as you upgrade to dmsetup 2:1.02.83-1.


=== Booting with lvm (especially with separate /usr) fails ===

Upgrade to lvm2 ≥ 2.02.104-1
Line 213: Line 250:
What you can do now instead, to is to: What you can do now instead, is to:
Line 221: Line 258:
 
The rationale for the change of the default behavior can be found in bug [[https://bugs.debian.org/739593|739593]], in particularily in [[https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739593#54|Lenart's comment]] therein.

The rationale for the change of the default behavior can be found in bug [[https://bugs.debian.org/739593|739593]], particularly in [[https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739593#54|Lenart's comment]] therein.
Line 226: Line 263:
If you happen to reboot/shutdown remote machine over ```ssh``` you may find out that your session isn't terminated properly, leaving you with the non-reacting terminal until long timeout is over. There is a bug [[https://bugs.debian.org/751636|751636]] about it. At the moment the work around this problem is to install: If you happen to reboot/shutdown remote machine over ```ssh``` you may find out that your session isn't terminated properly, leaving you with the non-reacting terminal until long a timeout has been reached. There was bug [[DebianBug:751636|751636]] about it. A workaround to this problem was to install:
Line 231: Line 268:
which will terminate ```ssh``` session before the network is dropped. Please note, that that would require ```PAM``` to be enabled in {{{sshd}}}. which would terminate the ```ssh``` session before the network was dropped. Please note, that that would require ```PAM``` to be enabled in {{{sshd}}}.
Line 261: Line 298:
However, it is generally preferable to add `console=ttyS0` on the kernel commandline, since this also enables kernel output on reboots. This is though by adding the following to `/etc/default/grub`: However, it is generally preferable to add `console=ttyS0` on the kernel commandline, since this also enables kernel output on reboots. This is done by adding the following to `/etc/default/grub`:
Line 269: Line 306:
=== Orphaned processes ===

Because it manages user sessions (taking over the role of X or other components), systemd may slightly change how processes survive a logoff. By default, when X shuts down all processes should exit and systemd will clean up the session, but there are some corner cases where certain processes don't cleanup after themselves properly.

You can configure how systemd manages leftover processes with the `KillUserProcesses=` parameter in [[DebianMan:logind.conf]]. By setting this to `yes`, processes will be forcibly killed when the session terminates. Note that this will break tools like DebianMan:screen or DebianMan:tmux, unless they are configured to run under a distinct `user@.service` unit and if `enable-linger` is set to `yes` in DebianMan:loginctl. A simple way to do this on the fly is to run the program in a "transient scope", using DebianMan:systemd-run:

{{{
systemd-run --scope --user screen
}}}

Now, normally sessions should cleanup after themselves, and such issues should be fixed without having to revert to the `KillUserProcesses=yes` sledgehammer. A good way to list the affected processes is to group them by "control group", with the DebianMan:systemd-cgls command:

{{{
systemd-cgls
}}}

Some known misbehaving applications:

 * DebianPackage:parcimonie - DebianBug:849016
 * DebianPackage:redshift-gtk? - workaround: run as a systemd service, DebianBug:827098
 * DebianPackage:xplanet
Line 272: Line 331:
 * mailing-list @ http://lists.freedesktop.org/mailman/listinfo/systemd-devel  * mailing-list @ https://lists.freedesktop.org/mailman/listinfo/systemd-devel
Line 276: Line 335:
 * mailing-list @ http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-systemd-maintainers  * mailing-list @ https://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-systemd-maintainers
Line 282: Line 341:
 * [[http://en.opensuse.org/SDB:Systemd|openSUSE systemd setup instructions]]  * [[https://en.opensuse.org/SDB:Systemd|openSUSE systemd setup instructions]]
Line 311: Line 370:
 * [[http://www.freedesktop.org/wiki/Software/systemd|Upstream Homepage]]
 * [[http://0pointer.net/public/systemd-nluug-2014.pdf|slides]] and [[http://ftp.nluug.nl/video/nluug/2014-11-20_nj14/zaal-2/5_Lennart_Poettering_-_Systemd.webm|video]] about simple security features that can be enabled in service files]]
 * [[https://www.freedesktop.org/wiki/Software/systemd|Upstream Homepage]]
 * [[http://0pointer.net/public/systemd-nluug-2014.pdf|slides]] and [[http://ftp.nluug.nl/video/nluug/2014-11-20_nj14/zaal-2/5_Lennart_Poettering_-_Systemd.webm|video]] about simple security features that can be enabled in service files
 * [[https://alt.org/nethack/dudley/?f=2018.05.05|a nethack systemd comic strip]]
 * [[https://containersolutions.github.io/runbooks/posts/linux/debug-systemd-service-units/|thorough runbook for Debugging Systemd Services]]
Line 317: Line 378:
## This page is referenced from http://www.debian.org/releases/wheezy/amd64/release-notes/ch-whats-new ## This page is referenced from https://www.debian.org/releases/wheezy/amd64/release-notes/ch-whats-new

Translation(s): English - Español - Français - Italiano - 한국어 - Russian - Brasileiro - 简体中文


systemd - system and service manager

Introduction

systemd is a system and service manager for Linux. It is the default init system for Debian since DebianJessie. Systemd is compatible with SysV and LSB init scripts. It can work as a drop-in replacement for sysvinit. Systemd

  • Provides aggressive parallelization capabilities
  • Uses socket and D-Bus activation for starting services
  • Offers on-demand starting of daemons
  • Implements transactional dependency-based service control logic
  • Tracks processes using Linux cgroups
  • Supports snapshotting and restoring
  • Maintains mount and automount points

Systemd runs as a daemon with PID 1.

Systemd tasks are organized as units. The most common units are services (.service), mount points (.mount), devices (.device), sockets (.socket), or timers (.timer). For instance, starting the secure shell daemon is done by the unit ssh.service.

Systemd puts every service into a dedicated control group (cgroup) named after the service. Modern kernels support process isolation and resource allocation based on cgroups.

Targets are groups of units. Targets call units to put the system together. For instance, graphical.target calls all units that are necessary to start a workstation with graphical user interface. Targets can build on top of another or depend on other targets. At boot time, systemd activates the target default.target which is an alias for another target such as graphical.target.

Systemd creates and manages the sockets used for communication between system components. For instance, it first creates the socket /dev/log and then starts the syslog daemon. This approach has two advantages: Firstly, processes communicating with syslog via /dev/log can be started in parallel. Secondly, crashed services can be restarted without processes that communicate via sockets with them losing their connection. The kernel will buffer the communication while the process restarts.

Please see the upstream systemd page for more information.

Basic usage

systemctl is the main tool used to introspect and control the state of the "systemd" system and service manager. You can use systemctl for instance to enable/disable services permanently or only for the current session. Refer to the systemctl(1) manpage for more details.

Getting information on system status

Show system status:

$ systemctl status

List failed units:

$ systemctl --failed

List installed unit files:

$ systemctl list-unit-files

Managing services

List all running services:

$ systemctl

Activates the service "example1" immediately:

# systemctl start example1

Deactivates the service "example1" immediately:

# systemctl stop example1

Restarts the service "example1" immediately:

# systemctl restart example1

Shows status of the service "example1":

# systemctl status example1

Enables "example1" to be started on bootup:

# systemctl enable example1

Disables "example1" to not start during bootup:

# systemctl disable example1

Creating or altering services

Units are defined by individual configuration files, called unit files. The type of the unit is recognized by the file name suffix, .mount in case of a mount point. Unit files provided by Debian are located in the /lib/systemd/system directory. If an identically named local unit file exists in the directory /etc/systemd/system, it will take precedence and systemd will ignore the file in the /lib/systemd/system directory. Some units are created by systemd without a unit file existing in the file system.

System administrators should put new or heavily-customized unit files in /etc/systemd/system.

For small tweaks to a unit file, system administrators should use the "drop-in directory" feature (documented in systemd.unit(5)).

  • Start by determining the canonical systemd service name (e.g. ssh.service, not an alias like sshd.service). We'll use "name.service" for this example.

  • Create the directory /etc/systemd/system/name.service.d
  • Create files inside this directory ending with a ".conf" suffix. For example, /etc/systemd/system/name.service.d/local.conf
  • Each file should contain the section headers and section options to be overridden, using the same format as unit files.

For more information about writing your own services, see systemd/Services.

Installing and Testing

systemd was included in Debian wheezy as a technology preview. Please make sure that you are using Debian jessie or newer to get a recent version of systemd.

Installation

To install systemd run:

# apt-get update
# apt-get install systemd

This will install the systemd packages but will not configure systemd as your init system.

Configuring for testing

To test systemd before switching to it by default, you can add the following boot parameter to the kernel:

init=/lib/systemd/systemd

This can be done in the grub menu for a single boot - press "e" in the grub menu and add this to the kernel line. For example, depending on the options required for your particular system, it might look something like:

linux   /vmlinuz-3.13-1-amd64 root=/dev/mapper/root-root init=/lib/systemd/systemd ro quiet

If PID 1 is systemd then your system is running with systemd.

Configuring as default

In order to use systemd you should also install systemd-sysv which provides the symlinks links for /sbin/init. It is recommended to run this when already running under systemd, as described in the previous section.

# apt-get install systemd-sysv

In order to boot your system with the newly installed systemd, simply reboot.

# reboot

If you run a self-compiled kernel, make sure you have 2.6.39 or newer and enable the following options:

 * CONFIG_DEVTMPFS=y
 * CONFIG_CGROUPS=y
 * CONFIG_AUTOFS4_FS=[y|m]
 * CONFIG_IPV6=[y|m], optional, but highly recommended
 * CONFIG_FANOTIFY=y, optional, required for systemd readahead. available in Linux kernel >= 2.6.37.

For an up-to-date list, see section "REQUIREMENTS" in the upstream README file.

Debugging

Failed units

In some cases units enter a failed state. The statuscommand can be used to find out some details:

$ systemctl status <UNITNAME>

Failed units can be manually cleared out:

# systemctl reset-failed

systemd hangs on startup or shutdown

Sometimes it is necessary to investigate why systemd hangs on startup or on reboot/shutdown.

Solution #0: Remove "quiet" from Kernel command line (so called "cmdline" or "grub line")

Solution #1: Increase verbosity via cmdline: Add "systemd.log_target=kmsg systemd.log_level=debug"

Of course you can have a "temporary" persistent solution:

[ /etc/default/grub ]
GRUB_CMDLINE_LINUX="systemd.log_target=kmsg systemd.log_level=debug" <--- Add here (by uncommenting you can easily switch to debug)

# update-grub

Solution #2: Increase verbosity via /etc/systemd/system.conf

LogLevel=debug           <--- Uncomment this line and use "debug" (default: commented and "info")
LogTarget=syslog-or-kmsg <--- Uncomment this line (default: commented)

Solution #3: Boot an emergency shell: Add systemd.unit=rescue.target or just 1 (the number one) to the kernel command line.

Solution #4: Enable the debug shell: Run systemctl enable debug-shell.service. (You can do this in a chroot environment after booting a rescue system.) This starts a root shell on TTY 9.

HINT: "man systemd" and "man systemd-system.conf"

HINT: Extensive debugging information about systemd is on this FreeDesktop page.

HINT: How to check Kernel command line parameters/options?

# cat /proc/cmdline

NOTE on LogLevel (see systemd(1) and systemd-system.conf(5)):

"Set log level. As an argument this accepts a numerical log level or the well-known syslog(3) symbolic names (lowercase): emerg, alert, crit, err, warning, notice, info, debug."

HINT: Keep a copy of /sbin/init from sysvinit package in case of rescue (so you can use init=/sbin/init.sysvinit in cmdline)!

# cp -av /sbin/init /sbin/init.sysvinit <--- Before installing systemd-sysv package

See also https://fedoraproject.org/wiki/How_to_debug_Systemd_problems

Kernel debug without systemd debug in Jessie

Using the old "debug" kernel parameter in Jessie will turn on systemd debug logging as well as kernel debug logging. To get the old behaviour, do not use "debug", instead use the kernel parameter "loglevel=7".

Bugs and Bug-Tracking-Systems

Known Issues and Workarounds

Shared bind mounts

The default behavior of bind mounts changes under systemd. The Linux kernel makes bind mounts of anything below / PRIVATE. Systemd changes this to SHARED.

Thus, when you do this:

    mount --bind / $CHROOT
    mount --bind /dev/ $CHROOT/dev
    umount $CHROOT/dev

then /dev will be unmounted in your base/parent system as well!

What you can do now instead, is to:

    mount --bind --make-rslave / $CHROOT
    mount --bind --make-rslave /dev/ $CHROOT/dev

this will propagate mount changes (also mount options) in the base/parent system into the $CHROOT but not from the $CHROOT back to the parent.

The rationale for the change of the default behavior can be found in bug 739593, particularly in Lenart's comment therein.

SSH session doesn't cleanly terminate on reboot/shutdown

If you happen to reboot/shutdown remote machine over ssh you may find out that your session isn't terminated properly, leaving you with the non-reacting terminal until long a timeout has been reached. There was bug 751636 about it. A workaround to this problem was to install:

    apt-get install libpam-systemd

which would terminate the ssh session before the network was dropped. Please note, that that would require PAM to be enabled in sshd.

Missing startup messages on console(tty1) after the boot

With systemd console(tty1) is handled differently and if you used to check it to see how did your boot go now you'll see only couple of non-informative lines.

To be able to get full transcript of the system boot on your console you need to perform two steps.

1. Add to the kernel options systemd.show_status=1, for example via /etc/default/grub:

    GRUB_CMDLINE_LINUX_DEFAULT="quiet systemd.show_status=1"

and run update-grub2.

2. Create file /etc/systemd/system/getty@tty1.service.d/noclear.conf with the content:

[Service]
TTYVTDisallocate=no

to disable clearing of the terminal on getty invocation.

Virtual and serial console changes

Those used to change inittab to enable/disable virtual or serial consoles will notice that that file is gone from clean installs. This is all managed through systemd directly now. For example, you can enable a serial console on COM1 with:

systemctl enable serial-getty@ttyS0.service
systemctl start serial-getty@ttyS0.service

However, it is generally preferable to add console=ttyS0 on the kernel commandline, since this also enables kernel output on reboots. This is done by adding the following to /etc/default/grub:

GRUB_CMDLINE_LINUX="console=ttyS0"

... and running update-grub. This will take effect only on the next reboot, however.

Orphaned processes

Because it manages user sessions (taking over the role of X or other components), systemd may slightly change how processes survive a logoff. By default, when X shuts down all processes should exit and systemd will clean up the session, but there are some corner cases where certain processes don't cleanup after themselves properly.

You can configure how systemd manages leftover processes with the KillUserProcesses= parameter in logind.conf. By setting this to yes, processes will be forcibly killed when the session terminates. Note that this will break tools like screen or tmux, unless they are configured to run under a distinct user@.service unit and if enable-linger is set to yes in loginctl. A simple way to do this on the fly is to run the program in a "transient scope", using systemd-run:

systemd-run --scope --user screen

Now, normally sessions should cleanup after themselves, and such issues should be fixed without having to revert to the KillUserProcesses=yes sledgehammer. A good way to list the affected processes is to group them by "control group", with the systemd-cgls command:

systemd-cgls

Some known misbehaving applications:

Where to get help?

Systemd is a young project with a strong emphasis on solving problems in a distribution agnostic manner.

Debian specific channels include

Several other distributions are using systemd

Installing without systemd

Jessie installs systemd by default on new installs. Should one desire to install without systemd, i.e use sysvinit-core instead (old sysV5 init), it is possible to use preseed to replace systemd with sysvinit at the end of the install (This probably won't work if selecting one of the desktop environments that require systemd specific features however). If using a preseed file already, just make sure to set the preseed value

preseed/late_command="in-target apt-get install -y sysvinit-core"

If not using a preseed file, this can be added to the boot arguments instead by hitting TAB at the boot menu on the desired entry and appending the above preseed line at the end of the boot command.

There may still be a few bits of systemd installed, but at least init itself is not systemd and cleaning up any remaining pieces should not be too hard.

Debian Resources

Other Resources


CategoryPermalink