The Basics of Managing Linux Services with Systemd

In the world of Linux, managing system services—background processes that power everything from web servers to network daemons—has evolved significantly over the years. One of the most impactful changes in this space is the adoption of systemd, a system and service manager that has become the de facto standard for most modern Linux distributions (e.g., Ubuntu, Fedora, CentOS, Debian). Unlike its predecessors (such as SysVinit), systemd offers robust features like parallelized service startup, on-demand activation, and centralized logging, making it a critical tool for Linux administrators and power users alike. This blog will demystify systemd, covering its core concepts, essential commands, service file structure, and best practices. By the end, you’ll have the skills to confidently manage, troubleshoot, and optimize Linux services using systemd.

What is Systemd?
Key Concepts in Systemd
- Units
- Targets
- Services
Basic Systemd Commands with systemctl
Understanding Systemd Service Files
Targets and Runlevels
- Runlevels vs. Targets
- Managing Targets
Monitoring and Troubleshooting with journalctl
Common Practices
Best Practices
Conclusion
References

What is Systemd?

Systemd is a system and service manager for Linux operating systems. It is designed to bootstrap the user space and manage system processes after boot. Introduced in 2010, systemd replaced traditional init systems like SysVinit and Upstart by addressing their limitations, such as slow sequential startup and limited process supervision.

Key features of systemd include:

Parallel service startup: Reduces boot time by starting independent services simultaneously.
On-demand activation: Starts services only when needed (e.g., via sockets or D-Bus).
Centralized logging: Uses journald to collect and manage logs from all services.
Dependency management: Ensures services start in the correct order based on dependencies.
Service supervision: Automatically restarts failed services and manages process lifecycles.

Key Concepts in Systemd

To effectively use systemd, you must first understand its core building blocks: units, targets, and services.

Units

A unit is the basic object systemd manages. Units represent resources that systemd can control, such as services, sockets, devices, or mount points. Units are defined by configuration files (typically ending in .service, .target, .socket, etc.).

Common unit types include:

.service: A background process (the focus of this guide).
.target: A logical group of units (similar to “runlevels” in traditional init systems).
.socket: A network or IPC socket that triggers service activation.
.mount: A filesystem mount point.

Targets

A target is a special type of unit that groups other units together to achieve a specific system state (e.g., “multi-user mode” or “graphical mode”). Targets do not execute actions directly; instead, they depend on other units (services, sockets, etc.) and ensure they start in the correct order.

Targets replace traditional SysVinit runlevels. For example:

multi-user.target (analogous to runlevel 3) = Text-based multi-user mode.
graphical.target (analogous to runlevel 5) = Graphical multi-user mode with a desktop environment.

Services

A service (.service unit) is the most common unit type. It defines how to start, stop, and manage a background process (e.g., nginx, sshd, or a custom application). Service files specify details like the executable path, user/group context, restart behavior, and dependencies.

Basic Systemd Commands with `systemctl`

The primary tool for interacting with systemd is systemctl (system control). It allows you to start, stop, enable, disable, and monitor services, as well as manage targets. Below are essential systemctl commands.

Checking Service Status

To check if a service is running, use:

systemctl status <service-name>

Example: Check the status of the Nginx web server:

systemctl status nginx

Sample Output:

● nginx.service - A high performance web server and a reverse proxy server
     Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2024-03-20 10:15:30 UTC; 2h 30min ago
       Docs: man:nginx(8)
   Main PID: 1234 (nginx)
      Tasks: 2 (limit: 4915)
     Memory: 3.5M
     CGroup: /system.slice/nginx.service
             ├─1234 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
             └─1235 nginx: worker process

Key details in the output:

Loaded: Whether the service file is found and enabled.
Active: Current state (e.g., active (running), inactive, failed).
Main PID: Process ID of the service’s main process.
CGroup: Control group hierarchy for the service.

Starting, Stopping, and Restarting Services

To manually control a service’s state:

Action	Command
Start a service	`systemctl start <service-name>`
Stop a service	`systemctl stop <service-name>`
Restart a service	`systemctl restart <service-name>`
Reload configuration	`systemctl reload <service-name>`

Example: Restart Nginx after modifying its config:

systemctl restart nginx

If the service supports reloading (without downtime), use reload instead:

systemctl reload nginx

Enabling and Disabling Services on Boot

“Enabling” a service ensures it starts automatically at boot. “Disabling” prevents this.

Action	Command
Enable on boot	`systemctl enable <service-name>`
Disable on boot	`systemctl disable <service-name>`
Check if enabled	`systemctl is-enabled <service-name>`

Example: Enable Nginx to start on boot:

systemctl enable nginx

Output: Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service → /lib/systemd/system/nginx.service.

To check if Nginx is enabled:

systemctl is-enabled nginx

Output: enabled

Reloading Systemd Configuration

After creating or modifying a service file, systemd won’t recognize changes until you reload its configuration:

systemctl daemon-reload

This is critical—always run this command after editing .service files!

Understanding Systemd Service Files

Service files define how systemd manages a service. They are plain text files with a .service extension and follow a specific structure.

Location of Service Files

Systemd looks for service files in three primary directories (ordered by priority, from lowest to highest):

/usr/lib/systemd/system/: Default location for vendor-provided services (e.g., Nginx, SSHd). Do not edit these files—they may be overwritten during updates.
/etc/systemd/system/: Custom or overridden service files. Use this directory for user-defined services.
/run/systemd/system/: Runtime-generated service files (temporary, not persistent across reboots).

Anatomy of a `.service` File

A .service file has three main sections, each with key-value directives:

`[Unit]` Section

Defines metadata and dependencies for the service. Common directives:

Description: A human-readable description of the service.
After: Specifies units that must start before this service (e.g., network.target for network-dependent services).
Requires: Hard dependencies—if the required unit fails, this service fails too.
Wants: Soft dependencies—this service prefers the unit to run but won’t fail if it doesn’t.

`[Service]` Section

Defines how the service runs. Critical directives:

ExecStart: Path to the executable to launch the service (required). Use absolute paths!
Type: The process startup type (e.g., simple, forking, oneshot). Most services use simple (executable runs in foreground).
User/Group: The user/group to run the service as (avoid root unless necessary).
Restart: When to restart the service (e.g., always, on-failure, no).
WorkingDirectory: The directory from which the service runs.

`[Install]` Section

Defines how the service is installed (e.g., which target it belongs to). Common directives:

WantedBy: The target that “wants” this service. When the target is activated, the service starts. Typically multi-user.target (text mode) or graphical.target (GUI mode).

Example: Creating a Custom Service File

Let’s create a service file for a hypothetical Python app (myapp.py) that runs in the background.

Create the service file in /etc/systemd/system/:
```
sudo nano /etc/systemd/system/myapp.service
```

Add the following content:

[Unit]
Description=My Custom Python Application
After=network.target  # Start after the network is up
Wants=network.target   # Soft dependency on network

[Service]
User=appuser           # Run as non-root user "appuser"
Group=appuser
WorkingDirectory=/opt/myapp  # App’s working directory
ExecStart=/usr/bin/python3 /opt/myapp/myapp.py  # Absolute path to executable
Restart=on-failure     # Restart if the app crashes (exit code != 0)
RestartSec=5           # Wait 5 seconds before restarting

[Install]
WantedBy=multi-user.target  # Start when the system reaches multi-user mode

Save the file and exit the editor.
Reload systemd to detect the new service:
```
sudo systemctl daemon-reload
```

Start and enable the service:

sudo systemctl start myapp
sudo systemctl enable myapp

Verify the service is running:
```
systemctl status myapp
```

Targets and Runlevels

Systemd targets replace traditional SysVinit runlevels. Targets group services to define system states (e.g., “boot to text mode” or “boot to GUI”).

Runlevels vs. Targets

Traditional runlevels (0-6) map to systemd targets like this:

Runlevel	Purpose	Equivalent Systemd Target
0	Halt the system	`poweroff.target`
1/S	Single-user mode	`rescue.target`
2	Multi-user, no GUI	`multi-user.target` (on some distros)
3	Multi-user, no GUI	`multi-user.target`
4	Unused/ custom	`multi-user.target` (on some distros)
5	Multi-user with GUI	`graphical.target`
6	Reboot	`reboot.target`

Managing Targets

Use systemctl to interact with targets:

Action	Command
List all targets	`systemctl list-targets`
Get current default target	`systemctl get-default`
Set default target	`sudo systemctl set-default <target-name>`
Activate a target now	`sudo systemctl isolate <target-name>`

Example: Set the default target to multi-user.target (text mode):

sudo systemctl set-default multi-user.target

To switch to graphical.target (GUI) immediately:

sudo systemctl isolate graphical.target

Monitoring and Troubleshooting with `journalctl`

Systemd uses journald to collect logs from services and the kernel. The journalctl command queries these logs, making it indispensable for troubleshooting.

Basic `journalctl` Usage

Task	Command
View all logs (newest last)	`journalctl`
View logs for a specific service	`journalctl -u <service-name>`
View logs since a time/date	`journalctl --since "2024-03-20 10:00"`
View logs for the last hour	`journalctl --since "1 hour ago"`
Follow real-time logs (like `tail -f`)	`journalctl -u <service-name> -f`
View only error logs	`journalctl -p err`

Example: Troubleshoot a failed myapp service:

journalctl -u myapp --since "10 minutes ago"

This displays logs from myapp in the last 10 minutes, helping identify why it crashed.

Common Practices

1. Check Service Dependencies

Use systemctl list-dependencies <service-name> to see what units a service depends on (or what depends on it).
Example:

systemctl list-dependencies nginx

2. Mask Services (Permanent Disable)

To prevent a service from starting even manually (e.g., for security), “mask” it:

sudo systemctl mask nginx

To unmask:

sudo systemctl unmask nginx

3. Reload vs. Restart

Use reload for services that support dynamic config reloading (e.g., Nginx, Apache) to avoid downtime. Use restart only when necessary (e.g., config changes require a full restart).

4. Check for Failed Services

List all failed units with:

systemctl --failed

Best Practices

1. Use Absolute Paths in `ExecStart`

Always specify full paths for executables in ExecStart (e.g., /usr/bin/python3 instead of python3). Systemd’s $PATH is minimal, so relative paths may fail.

2. Run Services as Non-Root Users

Avoid running services as root unless strictly necessary. Define User and Group in the [Service] section to limit privileges.

3. Handle Process Supervision

Use Restart= to auto-recover from crashes:

Restart=always: Restart on exit, regardless of exit code.
Restart=on-failure: Restart only if exit code indicates failure (non-zero).
Restart=unless-stopped: Restart unless explicitly stopped with systemctl stop.

4. Limit Service Capabilities

Enhance security with directives like:

ProtectSystem=strict: Make /usr and /boot read-only.
PrivateTmp=yes: Give the service a private temporary directory.
NoNewPrivileges=yes: Prevent the service from gaining new privileges (e.g., via setuid).

5. Document Service Files

Add comments to custom service files explaining their purpose, dependencies, and any special configuration.

Conclusion

Systemd is a powerful tool for managing Linux services, offering faster boot times, robust process supervision, and centralized logging. By mastering systemctl, understanding service file structure, and following best practices, you can efficiently control system services, troubleshoot issues, and ensure your Linux environment runs reliably.

Key takeaways:

Use systemctl to start, stop, enable, and monitor services.
Service files define how systemd manages processes—learn their structure to create custom services.
journalctl is your go-to tool for service logs and troubleshooting.
Targets replace runlevels to define system states (e.g., text vs. GUI mode).

Practice with these commands and experiment with creating your own service files to solidify your skills!

References

[Systemd Official Documentation](https://www.freedes

Table of Contents