Systemctl
在本教程中,我们将向您介绍在运行systemd的linux系统上如何使用systemctl命令工具有效的控制系统和服务。
Systemctl 介绍
Systemctl是一个systemd工具,主要负责控制systemd系统和服务管理器。
Systemd是一个系统管理守护进程、工具和库的集合,用于取代System V初始进程。Systemd的功能是用于集中管理和配置类UNIX系统。
在Linux生态系统中,Systemd被部署到了大多数的标准Linux发行版中,只有为数不多的几个发行版尚未部署。Systemd通常是所有其它守护进程的父进程,但并非总是如此。
开始Systemd和Systemctl 基础工具之旅
- 首先检查系统上是否安装了systemd以及当前安装的Systemd的版本是什么?
1# systemd --version
2systemd 215
3+PAM +AUDIT +SELINUX +IMA +SYSVINIT +LIBCRYPTSETUP +GCRYPT +ACL +XZ -SECCOMP -APPARMOR
从上面的例子可以清楚地看出,我们已经安装了systemd 215版本。
- 检查systemd和systemctl的二进制文件和库的安装位置。
1# whereis systemd
2systemd: /usr/lib/systemd /etc/systemd /usr/share/systemd /usr/share/man/man1/systemd.1.gz
3# whereis systemctl
4systemctl: /usr/bin/systemctl /usr/share/man/man1/systemctl.1.gz
- 检查systemd是否正在运行。
1# ps -eaf | grep [s]ystemd
2root 1 0 0 16:27 ? 00:00:00 /usr/lib/systemd/systemd --switched-root --system --deserialize 23
3root 444 1 0 16:27 ? 00:00:00 /usr/lib/systemd/systemd-journald
4root 469 1 0 16:27 ? 00:00:00 /usr/lib/systemd/systemd-udevd
5root 555 1 0 16:27 ? 00:00:00 /usr/lib/systemd/systemd-logind
6dbus 556 1 0 16:27 ? 00:00:00 /bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
systemd作为父守护进程运行(PID = 1)。 在上面的命令ps中使用(-e)选择所有进程,( - a)选择除会话前导之外的所有进程和(-f)选择完整格式列表(即-eaf)。
另请注意上面示例中的方括号以及其他示例。 Square Bracket表达式是grep的字符类模式匹配的一部分。
- 分析systemd启动过程
1# systemd-analyze
2Startup finished in 487ms (kernel) + 2.776s (initrd) + 20.229s (userspace) = 23.493s
- 分析每个进程在引导时花费的时间
1# systemd-analyze blame
28.565s mariadb.service
37.991s webmin.service
46.095s postfix.service
54.311s httpd.service
63.926s firewalld.service
73.780s kdump.service
83.238s tuned.service
91.712s network.service
101.394s lvm2-monitor.service
111.126s systemd-logind.service
12....
- 分析启动时的关键链
1# systemd-analyze critical-chain
2The time after the unit is active or started is printed after the "@" character.
3The time the unit takes to start is printed after the "+" character.
4multi-user.target @20.222s
5└─mariadb.service @11.657s +8.565s
6└─network.target @11.168s
7└─network.service @9.456s +1.712s
8└─NetworkManager.service @8.858s +596ms
9└─firewalld.service @4.931s +3.926s
10└─basic.target @4.916s
11└─sockets.target @4.916s
12└─dbus.socket @4.916s
13└─sysinit.target @4.905s
14└─systemd-update-utmp.service @4.864s +39ms
15└─auditd.service @4.563s +301ms
16└─systemd-tmpfiles-setup.service @4.485s +69ms
17└─rhel-import-state.service @4.342s +142ms
18└─local-fs.target @4.324s
19└─boot.mount @4.286s +31ms
20└─systemd-fsck@dev-disk-by\x2duuid-79f594ad\x2da332\x2d4730\x2dbb5f\x2d85d19608096
21└─dev-disk-by\x2duuid-79f594ad\x2da332\x2d4730\x2dbb5f\x2d85d196080964.device @4
Systemctl接受服务(.service),挂载点(.mount),套接字(.socket)和设备(.device)作为单位。
- 列出所有可用的单位
1# systemctl list-unit-files
2UNIT FILE STATE
3proc-sys-fs-binfmt_misc.automount static
4dev-hugepages.mount static
5dev-mqueue.mount static
6proc-sys-fs-binfmt_misc.mount static
7sys-fs-fuse-connections.mount static
8sys-kernel-config.mount static
9sys-kernel-debug.mount static
10tmp.mount disabled
11brandbot.path disabled
12.....
- 列出所有运行单元
1# systemctl list-units
2UNIT LOAD ACTIVE SUB DESCRIPTION
3proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File Syste
4sys-devices-pc...0-1:0:0:0-block-sr0.device loaded active plugged VBOX_CD-ROM
5sys-devices-pc...:00:03.0-net-enp0s3.device loaded active plugged PRO/1000 MT Desktop Adapter
6sys-devices-pc...00:05.0-sound-card0.device loaded active plugged 82801AA AC'97 Audio Controller
7sys-devices-pc...:0:0-block-sda-sda1.device loaded active plugged VBOX_HARDDISK
8sys-devices-pc...:0:0-block-sda-sda2.device loaded active plugged LVM PV Qzyo3l-qYaL-uRUa-Cjuk-pljo-qKtX-VgBQ8
9sys-devices-pc...0-2:0:0:0-block-sda.device loaded active plugged VBOX_HARDDISK
10sys-devices-pl...erial8250-tty-ttyS0.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS0
11sys-devices-pl...erial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1
12sys-devices-pl...erial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2
13sys-devices-pl...erial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3
14sys-devices-virtual-block-dm\x2d0.device loaded active plugged /sys/devices/virtual/block/dm-0
15sys-devices-virtual-block-dm\x2d1.device loaded active plugged /sys/devices/virtual/block/dm-1
16sys-module-configfs.device loaded active plugged /sys/module/configfs
17...
- 列出所有失败的单元
1# systemctl --failed
2
3UNIT LOAD ACTIVE SUB DESCRIPTION
4kdump.service loaded failed failed Crash recovery kernel arming
5LOAD = Reflects whether the unit definition was properly loaded.
6ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
7SUB = The low-level unit activation state, values depend on unit type.
81 loaded units listed. Pass --all to see loaded but inactive units, too.
9To show all installed unit files use 'systemctl list-unit-files'.
- 检查单元(cron.service)是否启用?
1# systemctl is-enabled crond.service
2enabled
- 检查单元或服务是否正在运行?
1 systemctl status firewalld.service
2firewalld.service - firewalld - dynamic firewall daemon
3Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
4Active: active (running) since Tue 2018-04-28 16:27:55 IST; 34min ago
5Main PID: 549 (firewalld)
6CGroup: /system.slice/firewalld.service
7└─549 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
8Apr 28 16:27:51 tecmint systemd[1]: Starting firewalld - dynamic firewall daemon...
9Apr 28 16:27:55 tecmint systemd[1]: Started firewalld - dynamic firewall daemon.
- 列出所有服务(包括启用和禁用)
1# systemctl list-unit-files --type=service
2UNIT FILE STATE
3arp-ethers.service disabled
4auditd.service enabled
5autovt@.service disabled
6blk-availability.service disabled
7brandbot.service static
8collectd.service disabled
9console-getty.service disabled
10console-shell.service disabled
11cpupower.service disabled
12crond.service enabled
13dbus-org.fedoraproject.FirewallD1.service enabled
14....
- 如何在Linux中启动,重新启动,停止,重新加载和检查服务(httpd.service)的状态
1# systemctl start httpd.service
2# systemctl restart httpd.service
3# systemctl stop httpd.service
4# systemctl reload httpd.service
5# systemctl status httpd.service
6httpd.service - The Apache HTTP Server
7Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled)
8Active: active (running) since Tue 2018-04-28 17:21:30 IST; 6s ago
9Process: 2876 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
10Main PID: 2881 (httpd)
11Status: "Processing requests..."
12CGroup: /system.slice/httpd.service
13├─2881 /usr/sbin/httpd -DFOREGROUND
14├─2884 /usr/sbin/httpd -DFOREGROUND
15├─2885 /usr/sbin/httpd -DFOREGROUND
16├─2886 /usr/sbin/httpd -DFOREGROUND
17├─2887 /usr/sbin/httpd -DFOREGROUND
18└─2888 /usr/sbin/httpd -DFOREGROUND
19Apr 28 17:21:30 tecmint systemd[1]: Starting The Apache HTTP Server...
20Apr 28 17:21:30 tecmint httpd[2881]: AH00558: httpd: Could not reliably determine the server's fully q...ssage
21Apr 28 17:21:30 tecmint systemd[1]: Started The Apache HTTP Server.
22Hint: Some lines were ellipsized, use -l to show in full.
当我们使用systemctl等启动,重启,停止和重载等命令时,我们将不会在终端上获得任何输出,只有status命令会打印输出。
- 如何在引导时激活服务并启用或禁用服务(系统引导时自动启动服务)
1# systemctl is-active httpd.service
2# systemctl enable httpd.service
3# systemctl disable httpd.service
- 如何屏蔽(使其无法启动)或取消屏蔽服务(httpd.service)
1ln -s '/dev/null' '/etc/systemd/system/httpd.service'
2# systemctl unmask httpd.service
3rm '/etc/systemd/system/httpd.service'
- 如何使用systemctl命令终止服务
1# systemctl kill httpd
2# systemctl status httpd
3httpd.service - The Apache HTTP Server
4Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled)
5Active: failed (Result: exit-code) since Tue 2018-04-28 18:01:42 IST; 28min ago
6Main PID: 2881 (code=exited, status=0/SUCCESS)
7Status: "Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec"
8Apr 28 17:37:29 tecmint systemd[1]: httpd.service: Got notification message from PID 2881, but recepti...bled.
9Apr 28 17:37:29 tecmint systemd[1]: httpd.service: Got notification message from PID 2881, but recepti...bled.
10Apr 28 17:37:39 tecmint systemd[1]: httpd.service: Got notification message from PID 2881, but recepti...bled.
11Apr 28 17:37:39 tecmint systemd[1]: httpd.service: Got notification message from PID 2881, but recepti...bled.
12Apr 28 17:37:49 tecmint systemd[1]: httpd.service: Got notification message from PID 2881, but recepti...bled.
13Apr 28 17:37:49 tecmint systemd[1]: httpd.service: Got notification message from PID 2881, but recepti...bled.
14Apr 28 17:37:59 tecmint systemd[1]: httpd.service: Got notification message from PID 2881, but recepti...bled.
15Apr 28 17:37:59 tecmint systemd[1]: httpd.service: Got notification message from PID 2881, but recepti...bled.
16Apr 28 18:01:42 tecmint systemd[1]: httpd.service: control process exited, code=exited status=226
17Apr 28 18:01:42 tecmint systemd[1]: Unit httpd.service entered failed state.
18Hint: Some lines were ellipsized, use -l to show in full.
使用Systemctl控制和管理挂载点
- 列出所有系统安装点
1# systemctl list-unit-files --type=mount
2UNIT FILE STATE
3dev-hugepages.mount static
4dev-mqueue.mount static
5proc-sys-fs-binfmt_misc.mount static
6sys-fs-fuse-connections.mount static
7sys-kernel-config.mount static
8sys-kernel-debug.mount static
9tmp.mount disabled
- 如何装载,卸载,重新装载,重新装载系统装载点,以及检查系统上装载点的状态
1# systemctl start tmp.mount
2# systemctl stop tmp.mount
3# systemctl restart tmp.mount
4# systemctl reload tmp.mount
5# systemctl status tmp.mount
6tmp.mount - Temporary Directory
7Loaded: loaded (/usr/lib/systemd/system/tmp.mount; disabled)
8Active: active (mounted) since Tue 2018-04-28 17:46:06 IST; 2min 48s ago
9Where: /tmp
10What: tmpfs
11Docs: man:hier(7)
12http://www.freedesktop.org/wiki/Software/systemd/APIFileSystems
13Process: 3908 ExecMount=/bin/mount tmpfs /tmp -t tmpfs -o mode=1777,strictatime (code=exited, status=0/SUCCESS)
14Apr 28 17:46:06 tecmint systemd[1]: Mounting Temporary Directory...
15Apr 28 17:46:06 tecmint systemd[1]: tmp.mount: Directory /tmp to mount over is not empty, mounting anyway.
16Apr 28 17:46:06 tecmint systemd[1]: Mounted Temporary Directory.
- 如何在引导时激活,启用或禁用装入点(在系统引导时自动装入)
1# systemctl is-active tmp.mount
2# systemctl enable tmp.mount
3# systemctl disable tmp.mount
- 如何在Linux中屏蔽(使其无法启动)或取消屏蔽挂载点
1# systemctl mask tmp.mount
2ln -s '/dev/null' '/etc/systemd/system/tmp.mount'
3# systemctl unmask tmp.mount
4rm '/etc/systemd/system/tmp.mount'
使用Systemctl控制和管理套接字
- 列出所有可用的系统套接字。
1# systemctl list-unit-files --type=socket
2UNIT FILE STATE
3dbus.socket static
4dm-event.socket enabled
5lvm2-lvmetad.socket enabled
6rsyncd.socket disabled
7sshd.socket disabled
8syslog.socket static
9systemd-initctl.socket static
10systemd-journald.socket static
11systemd-shutdownd.socket static
12systemd-udevd-control.socket static
13systemd-udevd-kernel.socket static
1411 unit files listed.
- 如何在Linux中启动,重新启动,停止,重新加载和检查套接字的状态(例如:cups.socket)
1# systemctl start cups.socket
2# systemctl restart cups.socket
3# systemctl stop cups.socket
4# systemctl reload cups.socket
5# systemctl status cups.socket
6cups.socket - CUPS Printing Service Sockets
7Loaded: loaded (/usr/lib/systemd/system/cups.socket; enabled)
8Active: active (listening) since Tue 2015-04-28 18:10:59 IST; 8s ago
9Listen: /var/run/cups/cups.sock (Stream)
10Apr 28 18:10:59 tecmint systemd[1]: Starting CUPS Printing Service Sockets.
11Apr 28 18:10:59 tecmint systemd[1]: Listening on CUPS Printing Service Sockets.
- 如何激活套接字并在引导时启用或禁用(在系统引导时自动启动套接字)
1# systemctl is-active cups.socket
2# systemctl enable cups.socket
3# systemctl disable cups.socket
- 如何屏蔽(使其无法启动)或取消屏蔽插座(cups.socket)
1# systemctl mask cups.socket
2ln -s '/dev/null' '/etc/systemd/system/cups.socket'
3# systemctl unmask cups.socket
4rm '/etc/systemd/system/cups.socket'
服务的CPU利用率(份额)
- 获取服务的当前CPU份额(比如httpd)
1# systemctl show -p CPUShares httpd.service
2CPUShares=1024
每个服务的默认值都为CPUShare = 1024.您可以增加/减少进程的CPU份额。
- 将服务的CPU份额(httpd.service)限制为2000 CPUShares /
1# systemctl set-property httpd.service CPUShares=2000
2# systemctl show -p CPUShares httpd.service
3CPUShares=2000
为服务设置CPUShare时,会创建一个名为service的目录(httpd.service.d),其中包含一个包含CPUShare Limit信息的文件90-CPUShares.conf。 您可以将文件视为:
1# vi /etc/systemd/system/httpd.service.d/90-CPUShares.conf
2[Service]
3CPUShares=2000
- 检查服务的所有配置详细信息
1# systemctl show httpd
2Id=httpd.service
3Names=httpd.service
4Requires=basic.target
5Wants=system.slice
6WantedBy=multi-user.target
7Conflicts=shutdown.target
8Before=shutdown.target multi-user.target
9After=network.target remote-fs.target nss-lookup.target systemd-journald.socket basic.target system.slice
10Description=The Apache HTTP Server
11LoadState=loaded
12ActiveState=active
13SubState=running
14FragmentPath=/usr/lib/systemd/system/httpd.service
15....
- 分析服务的关键链(httpd)
1# systemd-analyze critical-chain httpd.service
2The time after the unit is active or started is printed after the "@" character.
3The time the unit takes to start is printed after the "+" character.
4httpd.service +142ms
5└─network.target @11.168s
6└─network.service @9.456s +1.712s
7└─NetworkManager.service @8.858s +596ms
8└─firewalld.service @4.931s +3.926s
9└─basic.target @4.916s
10└─sockets.target @4.916s
11└─dbus.socket @4.916s
12└─sysinit.target @4.905s
13└─systemd-update-utmp.service @4.864s +39ms
14└─auditd.service @4.563s +301ms
15└─systemd-tmpfiles-setup.service @4.485s +69ms
16└─rhel-import-state.service @4.342s +142ms
17└─local-fs.target @4.324s
18└─boot.mount @4.286s +31ms
19└─systemd-fsck@dev-disk-by\x2duuid-79f594ad\x2da332\x2d4730\x2dbb5f\x2d85d196080964.service @4.092s +149ms
20└─dev-disk-by\x2duuid-79f594ad\x2da332\x2d4730\x2dbb5f\x2d85d196080964.device @4.092s
- 获取服务的依赖项列表(httpd)
1# systemctl list-dependencies httpd.service
2httpd.service
3├─system.slice
4└─basic.target
5├─firewalld.service
6├─microcode.service
7├─rhel-autorelabel-mark.service
8├─rhel-autorelabel.service
9├─rhel-configure.service
10├─rhel-dmesg.service
11├─rhel-loadmodules.service
12├─paths.target
13├─slices.target
14│ ├─-.slice
15│ └─system.slice
16├─sockets.target
17│ ├─dbus.socket
18....
- 按层次列出控制组
1# systemd-cgls
2├─1 /usr/lib/systemd/systemd --switched-root --system --deserialize 23
3├─user.slice
4│ └─user-0.slice
5│ └─session-1.scope
6│ ├─2498 sshd: root@pts/0
7│ ├─2500 -bash
8│ ├─4521 systemd-cgls
9│ └─4522 systemd-cgls
10└─system.slice
11├─httpd.service
12│ ├─4440 /usr/sbin/httpd -DFOREGROUND
13│ ├─4442 /usr/sbin/httpd -DFOREGROUND
14│ ├─4443 /usr/sbin/httpd -DFOREGROUND
15│ ├─4444 /usr/sbin/httpd -DFOREGROUND
16│ ├─4445 /usr/sbin/httpd -DFOREGROUND
17│ └─4446 /usr/sbin/httpd -DFOREGROUND
18├─polkit.service
19│ └─721 /usr/lib/polkit-1/polkitd --no-debug
20....
- 根据CPU,内存,输入和输出列出控制组
1# systemd-cgtop
2Path Tasks %CPU Memory Input/s Output/s
3/ 83 1.0 437.8M - -
4/system.slice - 0.1 - - -
5/system.slice/mariadb.service 2 0.1 - - -
6/system.slice/tuned.service 1 0.0 - - -
7/system.slice/httpd.service 6 0.0 - - -
8/system.slice/NetworkManager.service 1 - - - -
9/system.slice/atop.service 1 - - - -
10/system.slice/atopacct.service 1 - - - -
11/system.slice/auditd.service 1 - - - -
12/system.slice/crond.service 1 - - - -
13/system.slice/dbus.service 1 - - - -
14/system.slice/firewalld.service 1 - - - -
15/system.slice/lvm2-lvmetad.service 1 - - - -
16/system.slice/polkit.service 1 - - - -
17/system.slice/postfix.service 3 - - - -
18/system.slice/rsyslog.service 1 - - - -
19/system.slice/system-getty.slice/getty@tty1.service 1 - - - -
20/system.slice/systemd-journald.service 1 - - - -
21/system.slice/systemd-logind.service 1 - - - -
22/system.slice/systemd-udevd.service 1 - - - -
23/system.slice/webmin.service 1 - - - -
24/user.slice/user-0.slice/session-1.scope 3 - - - -
控制系统运行级别
- 如何启动系统救援模式
1# systemctl rescue
2Broadcast message from root@tecmint on pts/0 (Wed 2015-04-29 11:31:18 IST):
3The system is going down to rescue mode NOW!
- 如何进入紧急模式。
1# systemctl emergency
2Welcome to emergency mode! After logging in, type "journalctl -xb" to view
3system logs, "systemctl reboot" to reboot, "systemctl default" to try again
4to boot into default mode.
- 列出当前使用的运行级别
1# systemctl get-default
2multi-user.target
- 如何启动Runlevel 5 aka图形模式。
1# systemctl isolate runlevel5.target
2OR
3# systemctl isolate graphical.target
- 如何启动Runlevel 3又称多用户模式(命令行)
1# systemctl set-default runlevel3.target
2# systemctl set-default runlevel5.target
- 如何重启,暂停,暂停,休眠或将系统置于混合睡眠状态
1# systemctl reboot
2# systemctl halt
3# systemctl suspend
4# systemctl hibernate
5# systemctl hybrid-sleep
对于那些可能不了解跑步水平及其作用的人。
运行级别0:关闭并关闭系统电源。
运行级别1:救援?维护模式。
运行级别3:多用户,无图形系统。
运行级别4:多用户,无图形系统。
运行级别5:多用户,图形系统。
运行级别6:关闭并重新启动机器。