systemd our next-generation init system PABLO N. HESS Instructor Red Hat São Paulo December 2011 General info & History !uthors: Current default init for# $ennart Poettering (Red Hat) .edora Pulseaudio' A(ahi o*enS+SE )ay Sie(ers %o*enSUSE& /andri(a +de( Spelling# .uture default init for# It0s systemd' Gentoo not system D !rc" not System D /ageia not SystemD not system d Probably e(eryone else Major features Massi(ely *arallel service initiali4ation Re*laces +*start and SysVinit 5n-demand network ser(ice initiali4ation Re*laces %x)inetd 5n-demand fsc70ing & mounting Re*laces fstab and autofs 5n-demand socket-based initiali4ation 2etter than +*start /otivation# Reliable supervisioning 8"at current init systems Reliable de*endencies do not9can not *rovide Parallel ser(ice initiali4ation Socket-based initiali4ation 2etter-than-shellscri*t speeds -ode dedu*lication/ saniti4ation $o6 first user PIDs Path-based initiali4ation 2etter-than-shellscri*t s*eeds Code deduplication/ saniti4ation PIDs user $o6 first initiali4ationPath-based Reliable su*er(isioning Reliable de*endencies Reliable ser(ice Parallel initiali4ation Soc7et-based initiali4ation daemon sto**ed -"ild not stop*ed double for7%& to init Re-*arented Daemon *rocess SysV/Upstart 2etter-than-shellscri*t speeds -odededuplication/ saniti4ation PIDs user $o6 first initiali4ationPath-based Reliable super(isioning Reliable de*endencies Reliable ser(ice Parallel initiali4ation Soc7et-based initiali4ation daemon sto**ed stop*ed 8"ole cgrou* double for7%& to init Re-*arented daemon0s cgrou* daemon0s Daemon *rocess systemd Sys19+*start Reliable super(isioning Reliable de*endencies i n i -+PS starts' t Parallel ser(ice s needs D-bus t a initiali4ation r t s D -+PS may send Socket-based - b D-bus messages u initiali4ation s 2etter-than-shellscri*t S speeds P D-bus started' + - l open soc7et l -ode deduplication/ e t saniti4ation $o6 first user PIDs Path-based initiali4ation systemd systemd "as already Reliable su*er(isioning opened needed soc7ets Reliable de*endencies s y -+PS starts' s Parallel ser(ice t needs D-bus e m initiali4ation d s t Soc7et-based -+PS may send a r t D-bus messages s initiali4ation D - b 2etter-than-shellscri*t u s speeds -ode deduplication/ D-bus started' saniti4ation retrie(es messages $o6 first user PIDs Path-based initiali4ation SystemV start() { [ -x $exec ] || exit 5 Reliable super(isioning # Source config Reliable de*endencies if [ -f /etc/sysconfig/rsyslog ] ; then Parallel service . /etc/sysconfig/rsyslog initiali4ation fi umask 077 Soc7et-based echo -n $"Starting system logger: " daemon --pidfile="${PIDFILE}" \ initiali4ation $exec $SYSLOGD_OPTIONS 2etter-than-shellscri*t RETVAL=$? echo s*eeds [ $RETVAL -eq 0 ] && touch $lockfile Code deduplication/ return $RETVAL } saniti4ation ExecStartPre=/bin/systemctl stop \ $o6 first user PIDs systemd-kmsg-syslogd.service ExecStart=/usr/sbin/rsyslogd -n -c5 Path-based initiali4ation Sockets=syslog.socket StandardOutput=null systemd Rsyslog as an example Reliable super(isioning Reliable de*endencies sysvinit scri*t Parallel ser(ice 106 lines initiali4ation ;< lines of code Socket-based initiali4ation systemd =unit file> 2etter-than-shellscri*t 11 lines speeds 9 lines of code -ode deduplication9 saniti4ation $o6 first user PIDs Path-based initiali4ation 2etter-than-shellscri*t speeds -ode dedu*lication/ saniti4ation PIDs user first $o6 initiali4ationPath-based Reliable supervisioning Reliable de*endencies ser(ice Parallel initiali4ation Socket-based initiali4ation systemd starts -+PS *rocesses job *rocesses -+PS started' .ile .ile created in -+PS as an example as -+PS /var/s*ool9cu*s 8orking 6it" systemd ,(erything is a unit: home@automount auto-mounted .S rsyslog@service regular service sshd@soc7et soc7et definition cu*s.*ath *at" definition Aargets =6ant” units [email protected] *ostfix@service cron.target sysinit.target sysinit.target@6ants/ remount-rootfs.ser(ice Buotaon.ser(ice In(ocation# systemd versus System1 System1 systemd # service sshd start # systemctl start sshd.service # chkconfig sshd on # systemctl enable sshd.service add autofs ma* # systemctl enable home.automount add fstab entry # systemctl enable home.mount # init 5 # systemctl isolate graphical.target +nit files example# automount mount home@automount [Unit] Description=Automount my /home man systemd@automount [Automount] Where=/home [Install] WantedBy=sysinit.target home@mount [Unit] Description=My home directory [Mount] triggers "ome@mount #What=UUID=fd6e2ed9-d430-45b3-9... What=/dev/sdb9 Where=/home Type=ext4 Options=noatime,discard,nobarrier man systemd@mount +nit files example# swap de(-sda<@swa* [Unit] Description=Swap on /dev/sda5 man systemd@swa* [Swap] What=/dev/sda5 Priority=1 TimeoutSec=5 [Install] WantedBy=swap.target +nit files example# services sshd@service [Unit] Description=OpenSSH server daemon. After=syslog.target network.target auditd.service or [Service] Type=simple ExecStart=/usr/sbin/sshd -D ExecReload=/bin/kill -HUP $MAINPID [Install] WantedBy=multi-user.target man systemd@ser(ice +nit files example# services gettyC@service ... [Service] Environment=TERM=linux ExecStart=-/sbin/agetty %I 38400 Restart=always or RestartSec=0 UtmpIdentifier=%I TTYPath=/dev/%I ... # systemctl --full --no-pager |grep getty [email protected] [email protected] [email protected] [email protected] [email protected] man systemd@ser(ice +nit files example# services sshd@soc7et sshdC@service [Unit] Conflicts=sshd.service [Unit] Description=SSH Per-Connection [Socket] Server ListenStream=22 After=syslog.target ListenStream=2200 Accept=yes [Service] ExecStart=/usr/sbin/sshd -i [Install] StandardInput=socket WantedBy=sockets.target man systemd@ser(ice man systemd@soc7et # systemctl --full --no-pager |grep sshd [email protected]:22-192.168.123.100:50083.service [email protected]:22-192.168.123.245:35623.service [email protected]:22-192.168.123.245:35624.service [email protected]:22-192.168.123.245:60016.service [email protected]:2200-66.187.233.202:11574.service +nit files example# services %ones"ot& i*tables.ser(ice [Unit] Description=IPv4 firewall with iptables After=syslog.target ConditionPathExists=/etc/sysconfig/iptables [Service] Type=oneshot RemainAfterExit=yes ExecStart=/usr/libexec/iptables.init start ExecStop=/usr/libexec/iptables.init stop external scriptsD Environment=BOOTUP=serial Environment=CONSOLETYPE=serial StandardOutput=syslog StandardError=syslog [Install] WantedBy=basic.target +nit files example# services %forking& dnsmasq@ser(ice [Unit] Description=DNS caching server. After=syslog.target network.target the c"oice for [Service] Type=forking legacy SysV PIDFile=/var/run/dnsmasq.pid EnvironmentFile=-/etc/sysconfig/network init scripts ExecStart=/usr/sbin/dnsmasq -s $HOSTNAME [Install] WantedBy=multi-user.target 5ne dir for the *ackager $ ls /lib/systemd/system abrt-ccpp.service poweroff.service abrtd.service poweroff.target abrt-oops.service poweroff.target.wants abrt-vmcore.service pppoe-server.service accounts-daemon.service prefdm.service alsa-restore.service printer.target alsa-store.service proc-sys-fs-binfmt_misc.automount [email protected] proc-sys-fs-binfmt_misc.mount anaconda.target psacct.service arp-ethers.service quotacheck.service atd.service quotaon.service auditd.service rc-local.service [email protected] rdisc.service avahi-daemon.service reboot.service avahi-daemon.socket reboot.target basic.target reboot.target.wants basic.target.wants remote-fs.target bluetooth.service remount-rootfs.service bluetooth.target rescue.service canberra-system-bootup.service rescue.target canberra-system-shutdown-reboot.service restorecond.service canberra-system-shutdown.service rpcbind.target chronyd.service rsyslog.service chrony-wait.service rtkit-daemon.service console-kit-daemon.service runlevel0.target console-kit-log-system-restart.service runlevel1.target console-kit-log-system-start.service runlevel1.target.wants console-kit-log-system-stop.service runlevel2.target console-shell.service runlevel2.target.wants crond.service runlevel3.target cryptsetup.target runlevel3.target.wants ctrl-alt-del.target runlevel4.target cups.path runlevel4.target.wants cups.service runlevel5.target cups.socket runlevel5.target.wants dbus-org.freedesktop.hostname1.service runlevel6.target dbus-org.freedesktop.locale1.service saslauthd.service dbus-org.freedesktop.login1.service sendmail.service dbus-org.freedesktop.timedate1.service [email protected] dbus.service shutdown.target dbus.socket shutdown.target.wants dbus.target.wants sigpwr.target default.target single.service default.target.wants smartcard.target dev-hugepages.mount sm-client.service dev-mqueue.mount sockets.target display-manager.service sockets.target.wants dm-event.service sound.target dm-event.socket speech-dispatcherd.service dnsmasq.service sshd-keygen.service emergency.service sshd.service emergency.target sssd.service fcoe.service swap.target fedora-autorelabel-mark.service sys-fs-fuse-connections.mount fedora-autorelabel.service sysinit.target fedora-configure.service sysinit.target.wants fedora-loadmodules.service sys-kernel-config.mount fedora-readonly.service sys-kernel-debug.mount fedora-storage-init-late.service sys-kernel-security.mount fedora-storage-init.service syslog.socket fedora-wait-storage.service syslog.target final.target syslog.target.wants final.target.wants systemd-ask-password-console.path firstboot-graphical.service systemd-ask-password-console.service fsck-root.service systemd-ask-password-plymouth.path [email protected]