Skip to content

Systemd

Check service status

systemctl status docker

Check runnin service

systemctl | grep -E -i -w 'docker|dockerd'
systemctl list-unit-files | grep -E -i -w 'docker|dockerd'

Start service

systemctl start dockerrm.timer

Enable service to auto start

systemctl enable docker.service

Stop service

systemctl stop docker

Show jobs

systemctl list-timers --all

Reload list of services

systemctl daemon-reload

Create script job

/etc/systemd/system/dockerrm.service

[Unit]
Description=Delete docker containers created longer than n days

[Service]
Type=oneshot
ExecStart=/usr/local/bin/dockerrm.sh

/etc/systemd/system/dockerrm.timer

[Unit]
Description=Run dockerrm.service on schedule

[Timer]
OnCalendar=Mon..Sun 22:00
Persistent=true

[Install]
WantedBy=timers.target

Reboot machine

systemctl reboot

Set timeout for service stop

If the application takes "forever" to exit, then it's possible that it will block a reboot indefinitely

systemctl edit --full node.service


[Service]
TimeoutStartSec=180


systemctl daemon-reload
systemctl show elasticsearch | grep ^Timeout

Edit original unit, run as dynamic user (do not create user fo service)

systemctl edit --force --full vouch-proxy.service


[Unit]
Description=Vouch Proxy
After=network.targe

[Service]
Type=simple
DynamicUser=yes
WorkingDirectory=/usr/local/bin
ExecStart=/usr/local/bin/vouch-proxy
Restart=on-failure
RestartSec=5
StartLimitInterval=60s
StartLimitBurst=3

[Install]
WantedBy=default.target


systemctl daemon-reload
ps axwwo pid,user:12,group:12,cmd | grep vouch

Disable SMB on Linux host

systemctl stop smbd
systemctl stop nmbd
systemctl mask smbd
systemctl mask nmbd

Systemd Auto boot service

cp /lib/systemd/system/postgresql-9.4.service /etc/systemd/system/postgresql-9.4-5434.service

Systemd start service

systemctl start postgresql-9.4.service

Systemd enable auto-boot service

systemctl enable postgresql-9.4.service

Systemd check if service is enabled (set to boot)

systemctl is-enabled nginx.service

Systemd show auto-boot services

systemctl list-unit-files --type=service

Systemd restart service

systemctl restart postgresql-9.4.service

Systemd show service unit-file

systemctl cat sshd

Systemd edit service unit-file

systemctl edit sshd

Systemd check service is active

systemctl is-active sshd

Systemd unit file installed by packages

/usr/lib/systemd/system/sshd.service

Systemd unit file local configuration

/etc/systemd/system

Systemd set an environment variable for a systemd service

Use EnvironmentFile= and point it to another configuration file that is only readable by the service account (and users with root access)

I put a configuration file at /etc/my_service/my_service.conf and put my secrets in there: 

MY_SECRET=correcthorsebatterystaple

Then in my service unit file, I used EnvironmentFile=:

[Unit]
Description=my_service

[Service]
ExecStart=/usr/bin/python /path/to/my_service.py
EnvironmentFile=/etc/my_service/my_service.conf
User=myservice

[Install]
WantedBy=multi-user.target

SystemD set maximum open files

/etc/systemd/system/redis.service

[Service]
LimitNOFILE=10032

systemctl daemon-reload
systemctl restart redis.service

Systemd multiple ExecStart

If Type=simple in your unit file, you can only specify one ExecStart, but you can add as many ExecStartPre, ExecStartPost, but none of this is suited for long running commands, because they are executed serially and everything one start is killed before starting the next one.

If Type=oneshot you can specify multiple ExecStart, they run serially not in parallel.

SystemD Network

networkctl status

SystemD Login

loginctl list-sessions

JournalD

Get service unit logs

journalctl -u docker | tail -50

Get logs since last boot

journalctl -b -r

Journald show service unit logs

journalctl -u docker -r

Journald log rotation config

/etc/systemd/journald.conf

Journald trunkate the logs (remove older)

journalctl --vacuum-size=1024M
journalctl --vacuum-time=7d

ResolveD

SystemD Resolve DNS

resolvectl status

SystemD DNS Stub Resolver

Systemd could list on port 53 for requests

/etc/systemd/resolved.conf

DNSStubListener=yes

In that case /etc/resolv.conf points to 127.0.0.1

/etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf

nameserver 127.0.0.53

Clear DNS cache

systemd-resolve --flush-caches

TimedateD

Set time zone

timedatectl set-timezone Europe/Copenhagen
cat /etc/timezone

SystemD Time

timedatectl status