• Get application security done the right way! Detect, Protect, Monitor, Accelerate, and more…
  • The default system and service manager for most Linux distributions now is systemd.

    The systemd process replaces the SysV init. It runs as the first process after the kernel boot and is responsible for bringing the Linux host up to the state where it can be used. It is responsible for starting and managing the services, mounting filesystems, managing hardware, generating the login prompt, and much more.

    A key benefit over SysV is that systemd starts as many services as possible in parallel, thus speeding up the startup process, and that brings up the login screen faster.

    Units

    The items that are managed by the systemd are called units. The unit files are located in /lib/systemd/system.

    Service Units

    For service management, the target units are service units, which have unit files with a suffix of .service.

    Managing systemd services

    The command to manage systemd units is systemctl.

    Starting and Stopping Services

    To start a systemd service, use the systemctl start command:

    $ sudo systemctl start name.service

    You can leave .service suffix. For example, to start the apache server on Ubuntu:

    $ sudo systemctl start apache2

    To stop a running service:

    $ sudo systemctl stop name.service

    So, to stop the apache server on Ubuntu:

    $ sudo systemctl stop apache2

    Restarting and Reloading services

    To restart a running service, use restart command:

    $ sudo systemctl restart name.service

    And where the only reloading configuration file is required

    $ sudo systemctl reload name.service

    Enabling and Disabling Services

    If you want a service to start automatically at system boot, use enable command:

    $ sudo systemctl enable name.service

    To disable a service from starting at system boot:

    $ sudo systemctl disable name.service

    Disabling does not stop a running service.

    Viewing service status

    To view information about a service:

    $ sudo systemctl status name.service

    This will show you the status of the service and the first few lines of the log file. So, while the service is running is, the output of

    sudo systemctl status apache2

    is

    apache2.service - The Apache HTTP Server
       Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
      Drop-In: /lib/systemd/system/apache2.service.d
               └─apache2-systemd.conf
       Active: active (running) since Tue 2020-05-19 22:11:36 UTC; 4 days ago
      Process: 116002 ExecReload=/usr/sbin/apachectl graceful (code=exited, status=0/SUCCESS)
    Main PID: 104165 (apache2)
        Tasks: 55 (limit: 1024)
       CGroup: /system.slice/apache2.service
               ├─104165 /usr/sbin/apache2 -k start
               ├─116006 /usr/sbin/apache2 -k start
               └─116007 /usr/sbin/apache2 -k start
    
    May 19 22:11:36 ubuntu18 systemd[1]: Starting The Apache HTTP Server...
    May 19 22:11:36 ubuntu18 systemd[1]: Started The Apache HTTP Server.
    May 21 06:25:01 ubuntu18 systemd[1]: Reloading The Apache HTTP Server.
    May 21 06:25:01 ubuntu18 systemd[1]: Reloaded The Apache HTTP Server.
    May 22 06:25:01 ubuntu18 systemd[1]: Reloading The Apache HTTP Server.

    To check if a service is active:

    $ sudo systemctl is-active name.service

    So, while the apache2 service is running, the output of systemctl is-active command is :

    $ sudo systemctl is-active apache2
    active

    To check if a service is enabled:

    $ sudo systemctl is-enabled name.service.

    Viewing System State

    All commands you have seen till now are used to manage a single service. When you want an overview of the system state, use the following set of commands:

    To see all unit types

    $ sudo systemctl -t help
    Available unit types:
    service
    socket
    target
    device
    mount
    automount
    swap
    timer
    path
    slice
    scope

    To list all installed units, use list-unit-files

    $ sudo systemctl list-unit-files
    UNIT FILE                              STATE          
    proc-sys-fs-binfmt_misc.automount      static         
    -.mount                                generated      
    boot-efi.mount                         generated      
    dev-hugepages.mount                    static         
    dev-mqueue.mount                       static         
    mnt.mount                              generated      
    proc-sys-fs-binfmt_misc.mount          static         
    sys-fs-fuse-connections.mount          static         
    sys-kernel-config.mount                static         
    sys-kernel-debug.mount                 static         
    acpid.path                             enabled        
    apport-autoreport.path                 enabled        
    systemd-ask-password-console.path      static         
    systemd-ask-password-plymouth.path     static         
    systemd-ask-password-wall.path         static         
    session-161.scope                      transient      
    accounts-daemon.service                enabled        
    

    The output has only two columns Unit File and State. The state will usually be enabled, disabled, static or masked.

    • Static: This means the unit cannot be enabled, performs a one-off action, or is a dependency of another unit and cannot be run by itself.
    • Masked: A unit listed as masked means it is completely unstartable, as it is linked to /dev/null. This is called masking the unit. This prevents the service from being started, manually or automatically.

    List all installed services

    The systemctl list-unit-files command with -t or –type service filter shows the state of installed services only.

    $ sudo systemctl list-unit-files -t service
    
    UNIT FILE                              STATE    
    accounts-daemon.service                enabled  
    acpid.service                          disabled 
    apache-htcacheclean.service            disabled 
    [email protected]           disabled 
    apache2.service                        enabled  
    [email protected]                       disabled 
    apparmor.service                       enabled  
    apport-autoreport.service              static   
    [email protected]                static   
    apport.service                         generated
    apt-daily-upgrade.service              static   
    apt-daily.service                      static   
    atd.service                            enabled  
    [email protected]                        enabled  
    blk-availability.service               enabled  
    bootlogd.service                       masked   
    bootlogs.service                       masked   
    

    To see all active service units, use list-units with -t service filter

    $ sudo systemctl list-units -t service
    
    UNIT                                 LOAD   ACTIVE SUB     DESCRIPTION                             
      accounts-daemon.service              loaded active running Accounts Service                        
      apache2.service                      loaded active running The Apache HTTP Server                  
      apparmor.service                     loaded active exited  AppArmor initialization                 
      apport.service                       loaded active exited  LSB: automatic crash report generation  
      atd.service                          loaded active running Deferred execution scheduler            
      blk-availability.service             loaded active exited  Availability of block devices           
      cloud-config.service                 loaded active exited  Apply the settings specified in cloud-con
      cloud-final.service                  loaded active exited  Execute cloud user/final scripts        
      cloud-init-local.service             loaded active exited  Initial cloud-init job (pre-networking) 
      cloud-init.service                   loaded active exited  Initial cloud-init job (metadata service 
      console-setup.service                loaded active exited  Set console font and keymap             
      cron.service                         loaded active running Regular background program processing dae
    

    The output has the following columns :

    • UNIT: The systemd service unit name
    • LOAD: Shows whether the unit definition was properly read and loaded
    • ACTIVE: Describes if the unit is active.
    • SUB: Low-level activation state of the unit, giving more detailed information about the unit. This will vary by unit type.
    • DESCRIPTION: The service unit’s description.

    Conclusion

    I hope this gives you an idea about using systemctl to manage services on Linux. If interested in learning more, you can check out this Linux Mastery course.