Systemd 基本概論介紹

轉載路徑：https://wiki.archlinux.org/index.php/Systemd
參考路徑：
https://blog.linuxeye.com/400.html
http://www.linuxidc.com/Linux/2015-05/117640.htm
http://www.freedesktop.org/wiki/Software/systemd/
http://www.linuxidc.com/Linux/2014-11/110023.htm
http://www.ibm.com/developerworks/cn/linux/1407_liuming_init3/

• Basic systemctl usage
  
  1. Analyzing the system state

List running units:
$ systemctl
or:
$ systemctl list-units

List failed units:
$ systemctl --failed

The available unit files can be seen in /usr/lib/systemd/system/ and /etc/systemd/system/ (the latter takes precedence). List installed unit files with:
$ systemctl list-unit-files

Using units

Units can be, for example, services (.service), mount points (.mount), devices (.device) or sockets (.socket).
When using systemctl, you generally have to specify the complete name of the unit file, including its suffix, for example sshd.socket. There are however a few short forms when specifying the unit in the following systemctl commands:

• If you do not specify the suffix, systemctl will assume .service. For example, netctl and netctl.service are equivalent.
• Mount points will automatically be translated into the appropriate .mount unit. For example, specifying /home is equivalent to home.mount.
• Similar to mount points, devices are automatically translated into the appropriate .device unit, therefore specifying /dev/sda2 is equivalent to dev-sda2.device.

See man systemd.unit for details.

• Note: Some unit names contain an @ sign (e.g. [email protected]): this means that they are instances of a template unit, whose actual file name does not contain the string part (e.g. [email protected]). string is called the instance identifier, and is similar to an argument that is passed to the template unit when called with the systemctl command: in the unit file it will substitute the %i specifier.
  To be more accurate, before trying to instantiate the [email protected] template unit, systemd will actually look for a unit with the exact [email protected] file name, although by convention such a “clash” happens rarely, i.e. most unit files containing an @ sign are meant to be templates. Also, if a template unit is called without an instance identifier, it will just fail, since the %i specifier cannot be substituted.

• Tip:
  Most of the following commands also work if multiple units are specified, see man systemctl for more information.
  Since systemd 220, a –now switch can be used in conjunction with enable, disable and mask to respectively start or stop the unit all at once.
  A package may offer units for different purposes. If you just installed a package, pacman -Qql package | grep -Fe .service -e .socket can be used to check and find them.

Start a unit immediately:
# systemctl start unit
Stop a unit immediately:
# systemctl stop unit
Restart a unit:
# systemctl restart unit
Ask a unit to reload its configuration:
# systemctl reload unit
Show the status of a unit, including whether it is running or not:
$ systemctl status unit
Check whether a unit is already enabled or not:
$ systemctl is-enabled unit
Enable a unit to be started on bootup:
# systemctl enable unit
Disable a unit to not start during bootup:
# systemctl disable unit
Mask a unit to make it impossible to start it:
# systemctl mask unit
Unmask a unit:
# systemctl unmask unit
Show the manual page associated with a unit (this has to be supported by the unit file):
$ systemctl help unit
Reload systemd, scanning for new or changed units:
# systemctl daemon-reload

• Power management
  polkit is necessary for power management as an unprivileged user. If you are in a local systemd-logind user session and no other session is active, the following commands will work without root privileges. If not (for example, because another user is logged into a tty), systemd will automatically ask you for the root password.

Shut down and reboot the system:
$ systemctl reboot
Shut down and power-off the system:
$ systemctl poweroff
Suspend the system:
$ systemctl suspend
Put the system into hibernation:
$ systemctl hibernate
Put the system into hybrid-sleep state (or suspend-to-both):
$ systemctl hybrid-sleep

Writing unit files

The syntax of systemd’s unit files is inspired by XDG Desktop Entry Specification .desktop files, which are in turn inspired by Microsoft Windows .ini files. Unit files are loaded from two locations. From lowest to highest precedence they are:

• /usr/lib/systemd/system/: units provided by installed packages
• /etc/systemd/system/: units installed by the system administrator

Note:
The load paths are completely different when running systemd in user mode.
systemd unit names may only contain ASCII alphanumeric characters, underscores and periods. All other characters must be replaced by C-style “\x2d” escapes. See man systemd.unit and man systemd-escape for more information.
Look at the units installed by your packages for examples, as well as the annotated example section of man systemd.service.

Tip: Comments prepended with # may be used in unit-files as well, but only in new lines. Do not use end-line comments after systemd parameters or the unit will fail to activate.

Handling dependencies

With systemd, dependencies can be resolved by designing the unit files correctly. The most typical case is that the unit A requires the unit B to be running before A is started. In that case add Requires=B and After=B to the [Unit] section of A. If the dependency is optional, add Wants=B and After=B instead. Note that Wants= and Requires= do not imply After=, meaning that if After= is not specified, the two units will be started in parallel.
Dependencies are typically placed on services and not on targets. For example, network.target is pulled in by whatever service configures your network interfaces, therefore ordering your custom unit after it is sufficient since network.target is started anyway.

Service types

There are several different start-up types to consider when writing a custom service file. This is set with the Type= parameter in the [Service] section:

• Type=simple (default): systemd considers the service to be started up immediately. The process must not fork. Do not use this type if other services need to be ordered on this service, unless it is socket activated.
• Type=forking: systemd considers the service started up once the process forks and the parent has exited. For classic daemons use this type unless you know that it is not necessary. You should specify PIDFile= as well so systemd can keep track of the main process.
• Type=oneshot: this is useful for scripts that do a single job and then exit. You may want to set RemainAfterExit=yes as well so that systemd still considers the service as active after the process has exited.
• Type=notify: identical to Type=simple, but with the stipulation that the daemon will send a signal to systemd when it is ready. The reference implementation for this notification is provided by libsystemd-daemon.so.
• Type=dbus: the service is considered ready when the specified BusName appears on DBus’s system bus.
• Type=idle: systemd will delay execution of the service binary until all jobs are dispatched. Other than that behavior is very similar to Type=simple.
  See the systemd.service(5) man page for a more detailed explanation of the Type values.

Editing provided unit files

There are two ways to edit a unit file provided by a package: replace the entire unit file with a new one or create drop-in snippets which are applied on top of the existing unit file. For both methods, you must reload the unit afterwards to apply your changes. This can be done either by editing the unit with systemctl edit (which reloads the unit automatically) or by reloading all units with:

# systemctl daemon-reload

Tip:
You can use systemd-delta to see which unit files have been overridden or extended and what exactly has been changed.
Use systemctl cat unit to view the content of a unit file and all associated drop-in snippets.
Syntax highlighting for systemd unit files within Vim can be enabled by installing vim-systemd.

Replacement unit files

To replace the unit file /usr/lib/systemd/system/unit, create the file /etc/systemd/system/unit and reenable the unit to update the symlinks:

# systemctl reenable unit
Alternatively, run:
# systemctl edit --full unit

This opens /etc/systemd/system/unit in your editor (copying the installed version if it does not exist yet) and automatically reloads it when you finish editing.

Note: Pacman does not update the replacement unit files when the originals are updated, so this method can make system maintenance more difficult. For this reason the next approach is recommended.

Drop-in snippets

To create drop-in snippets for the unit file /usr/lib/systemd/system/unit, create the directory /etc/systemd/system/unit.d/ and place .conf files there to override or add new options. systemd will parse these .conf files and apply them on top of the original unit.
The easiest way to do this is to run:

# systemctl edit unit

This opens the file /etc/systemd/system/unit.d/override.conf in your text editor (creating it if necessary) and automatically reloads the unit when you are done editing.
Examples
For example, if you simply want to add an additional dependency to a unit, you may create the following file:

/etc/systemd/system/unit.d/customdependency.conf
[Unit]
Requires=new dependency
After=new dependency

As another example, in order to replace the ExecStart directive for a unit that is not of type oneshot, create the following file:

/etc/systemd/system/unit.d/customexec.conf
[Service]
ExecStart=
ExecStart=new command

Note how ExecStart must be cleared before being re-assigned ([1]).
One more example to automatically restart a service:

/etc/systemd/system/unit.d/restart.conf
[Service]
Restart=always
RestartSec=30

Targets

Tango-mail-mark-junk.pngTango-mail-mark-junk.png
This article or section needs language, wiki syntax or style improvements.
Reason: Unclear description, copy-pasted content (explicitly mentions “Fedora”). (Discuss in Talk:Systemd#Make section “Targets” more clearly)

systemd uses targets which serve a similar purpose as runlevels but act a little different. Each target is named instead of numbered and is intended to serve a specific purpose with the possibility of having multiple ones active at the same time. Some targets are implemented by inheriting all of the services of another target and adding additional services to it. There are systemd targets that mimic the common SystemVinit runlevels so you can still switch targets using the familiar telinit RUNLEVEL command.

Get current targets

The following should be used under systemd instead of running runlevel:

$ systemctl list-units --type=target

Create custom target

The runlevels that are assigned a specific purpose on vanilla Fedora installs; 0, 1, 3, 5, and 6; have a 1:1 mapping with a specific systemd target. Unfortunately, there is no good way to do the same for the user-defined runlevels like 2 and 4. If you make use of those it is suggested that you make a new named systemd target as /etc/systemd/system/your target that takes one of the existing runlevels as a base (you can look at /usr/lib/systemd/system/graphical.target as an example), make a directory /etc/systemd/system/your target.wants, and then symlink the additional services from /usr/lib/systemd/system/ that you wish to enable.

Targets table

SysV Runlevel systemd Target Notes
0 runlevel0.target, poweroff.target Halt the system.
1, s, single runlevel1.target, rescue.target Single user mode.
2, 4 runlevel2.target, runlevel4.target, multi-user.target User-defined/Site-specific runlevels. By default, identical to 3.
3 runlevel3.target, multi-user.target Multi-user, non-graphical. Users can usually login via multiple consoles or via the network.
5 runlevel5.target, graphical.target Multi-user, graphical. Usually has all the services of runlevel 3 plus a graphical login.
6 runlevel6.target, reboot.target Reboot
emergency emergency.target Emergency shell

Change current target

In systemd targets are exposed via target units. You can change them like this:

# systemctl isolate graphical.target

This will only change the current target, and has no effect on the next boot. This is equivalent to commands such as telinit 3 or telinit 5 in Sysvinit.

Change default target to boot into

The standard target is default.target, which is aliased by default to graphical.target (which roughly corresponds to the old runlevel 5). To change the default target at boot-time, append one of the following kernel parameters to your bootloader:
systemd.unit=multi-user.target (which roughly corresponds to the old runlevel 3),
systemd.unit=rescue.target (which roughly corresponds to the old runlevel 1).
Alternatively, you may leave the bootloader alone and change default.target. This can be done using systemctl:

# systemctl set-default multi-user.target
To be able to override the previously set default.target, use the force option:
# systemctl set-default -f multi-user.target

The effect of this command is output by systemctl; a symlink to the new default target is made at /etc/systemd/system/default.target.

Temporary files

“systemd-tmpfiles creates, deletes and cleans up volatile and temporary files and directories.” It reads configuration files in /etc/tmpfiles.d/ and /usr/lib/tmpfiles.d/ to discover which actions to perform. Configuration files in the former directory take precedence over those in the latter directory.
Configuration files are usually provided together with service files, and they are named in the style of /usr/lib/tmpfiles.d/program.conf. For example, the Samba daemon expects the directory /run/samba to exist and to have the correct permissions. Therefore, the samba package ships with this configuration:

/usr/lib/tmpfiles.d/samba.conf
D /run/samba 0755 root root

Configuration files may also be used to write values into certain files on boot. For example, if you used /etc/rc.local to disable wakeup from USB devices with echo USBE > /proc/acpi/wakeup, you may use the following tmpfile instead:

/etc/tmpfiles.d/disable-usb-wake.conf
w /proc/acpi/wakeup - - - - USBE

See the systemd-tmpfiles(8) and tmpfiles.d(5) man pages for details.

Note: This method may not work to set options in /sys since the systemd-tmpfiles-setup service may run before the appropriate device modules is loaded. In this case you could check whether the module has a parameter for the option you want to set with modinfo module and set this option with a config file in /etc/modprobe.d. Otherwise you will have to write a udev rule to set the appropriate attribute as soon as the device appears.

Troubleshooting

Investigating systemd errors
As an example, we will investigate an error with systemd-modules-load service:

• 1.Lets find the systemd services which fail to start:

$ systemctl --failed
systemd-modules-load.service   loaded failed failed  Load Kernel Modules

• 2.Ok, we found a problem with systemd-modules-load service. We want to know more:

$ systemctl status systemd-modules-load
systemd-modules-load.service - Load Kernel Modules
   Loaded: loaded (/usr/lib/systemd/system/systemd-modules-load.service; static)
   Active: failed (Result: exit-code) since So 2013-08-25 11:48:13 CEST; 32s ago
     Docs: man:systemd-modules-load.service(8).
           man:modules-load.d(5)
  Process: 15630 ExecStart=/usr/lib/systemd/systemd-modules-load (code=exited, status=1/FAILURE)

If the Process ID is not listed, just restart the failed service with systemctl restart systemd-modules-load

• 3.Now we have the process id (PID) to investigate this error in depth. Enter the following command with the current Process ID (here: 15630):

$ journalctl _PID=15630
-- Logs begin at Sa 2013-05-25 10:31:12 CEST, end at So 2013-08-25 11:51:17 CEST. --
Aug 25 11:48:13 mypc systemd-modules-load[15630]: Failed to find module 'blacklist usblp'
Aug 25 11:48:13 mypc systemd-modules-load[15630]: Failed to find module 'install usblp /bin/false'

• 4.We see that some of the kernel module configs have wrong settings. Therefore we have a look at these settings in /etc/modules-load.d/:

$ ls -Al /etc/modules-load.d/
...
-rw-r--r--   1 root root    79  1. Dez 2012  blacklist.conf
-rw-r--r--   1 root root     1  2. Mär 14:30 encrypt.conf
-rw-r--r--   1 root root     3  5. Dez 2012  printing.conf
-rw-r--r--   1 root root     6 14. Jul 11:01 realtek.conf
-rw-r--r--   1 root root    65  2. Jun 23:01 virtualbox.conf
...

• 5.The Failed to find module ‘blacklist usblp’ error message might be related to a wrong setting inside of blacklist.conf. Lets deactivate it with inserting a trailing # before each option we found via step 3:

/etc/modules-load.d/blacklist.conf
# blacklist usblp
# install usblp /bin/false

• 6.Now, try to start systemd-modules-load:

$ systemctl start systemd-modules-load

If it was successful, this should not prompt anything. If you see any error, go back to step 3 and use the new PID for solving the errors left.
If everything is ok, you can verify that the service was started successfully with:

$ systemctl status systemd-modules-load
systemd-modules-load.service - Load Kernel Modules
   Loaded: loaded (/usr/lib/systemd/system/systemd-modules-load.service; static)
   Active: active (exited) since So 2013-08-25 12:22:31 CEST; 34s ago
     Docs: man:systemd-modules-load.service(8)
           man:modules-load.d(5)
 Process: 19005 ExecStart=/usr/lib/systemd/systemd-modules-load (code=exited, status=0/SUCCESS)
Aug 25 12:22:31 mypc systemd[1]: Started Load Kernel Modules.

Often you can solve these kind of problems like shown above. For further investigation look at #Diagnosing boot problems.

Diagnosing boot problems

Boot with these parameters on the kernel command line: systemd.log_level=debug systemd.log_target=kmsg log_buf_len=1M

Boot to rescue mode

Assuming that it is possible to change the kernel command line before actually starting the system, you can resolve many boot and service configuration issues by adding the number 1 to the end of the arguments. This pauses normal startup and breaks into a shell shortly after the root filesystem has been remounted read/write. When you are finished, you can exit the shell as you normally would, and the system should resume starting up.

Boot to emergency mode

If rescue mode interrupts the boot at too late a time to be useful, you can start the system in emergency mode. To accomplish this, append emergency to the kernel command line before booting. This will provide a shell after the initramfs is finished running, but before the root is remounted as read/write, and before most other file systems are mounted. As with rescue mode, once you are finished troubleshooting you can exit the shell to continue normal boot.

Debug shell

If the boot process fails in such a way as to not provide a workable shell, systemd comes with a service file called debug-shell.service which you can enable to get a root shell on tty9 (switch there by pressing Ctrl+Alt+F9). Note that leaving this functionality enabled for a lengthy period of time is a serious security risk, because any person with access to the keyboard and terminal can switch to that VT and get an unrestricted root shell!

Diagnosing problems with a specific service

If some systemd service misbehaves and you want to get more information about what is going on, set the SYSTEMD_LOG_LEVEL environment variable to debug. For example, to run the systemd-networkd daemon in debug mode:

# systemctl stop systemd-networkd
# SYSTEMD_LOG_LEVEL=debug /lib/systemd/systemd-networkd

Or, equivalently, modify the service file temporarily for gathering enough output. For example:

/usr/lib/systemd/system/systemd-networkd.service
[Service]
...
Environment=SYSTEMD_LOG_LEVEL=debug
....

If debug information is required long-term, add the variable the regular way.

Shutdown/reboot takes terribly long

If the shutdown process takes a very long time (or seems to freeze) most likely a service not exiting is to blame. systemd waits some time for each service to exit before trying to kill it. To find out if you are affected, see this article.

Short lived processes do not seem to log any output

If journalctl -u foounit does not show any output for a short lived service, look at the PID instead. For example, if systemd-modules-load.service fails, and systemctl status systemd-modules-load shows that it ran as PID 123, then you might be able to see output in the journal for that PID, i.e. journalctl -b _PID=123. Metadata fields for the journal such as _SYSTEMD_UNIT and _COMM are collected asynchronously and rely on the /proc directory for the process existing. Fixing this requires fixing the kernel to provide this data via a socket connection, similar to SCM_CREDENTIALS.

Disabling application crash dumps journaling

Edit the file /etc/systemd/coredump.conf by adding this line:

 Storage=none

and run:

# systemctl daemon-reload

to reload the configuration.