SlideShare a Scribd company logo

A journey through the years of UNIX and Linux service management

Lubomir Rintel
Lubomir Rintel

This document provides a history of Unix and Linux service management from the early days of /etc/init through the development of systemd. It describes the issues with early init systems like limitations in flexibility, lack of monitoring, and inconsistencies. It then discusses how various operating systems attempted to address these problems through tools like SMF, launchd, upstart, and others. Finally, it provides an overview of how systemd comprehensively solves the issues through features like unit files, control groups, journald logging, and integration with the Linux kernel.

Technology
1 of 23
Download to read offline
From /etc/init to systemd A journey through the years of UNIX and Linux service management Lubomir Rintel <lkundrak@v3.sk> BTC: 15wvWxN5QMpreKR37pYb7VBu8xLu4TiNR2
Sixth Edition UNIX (1976) ● /etc/init (219 lines) ● ● gettys from /etc/ttys ● ● Single user shell utmp & wtmp /etc/rc (2 lines) rm -f /etc/mtab /etc/update
UNIX System III (1980) ● /etc/init ● (486 lines) /etc/inittab "states" controlling gettys on terminals ● /etc/rc (67 lines) ● State aware, single user mode ● acct ● errdemon ● cron ● "edit to add umounts"
2.9 BSD UNIX (1983) ● /sbin/init (593 lines) ● ● ● Single user shell gettys from /etc/ttys /etc/rc (53 lines) ● fsck, quotacheck ● mount -a, from /etc/fstab ● savecore, ex/vi recovery ● clear /tmp, locks in /usr/spool ● update, cron, acct ● hostname
UNIX System V Release 4 (1983) ● /etc/init ● ● /etc/inittab with runlevels, respawns /etc/rc? ● Modular init system, /etc/rc.d ● Per-daemon init scripts (8-56 lines, avg. 26) – – ● ● start & stop arguments pid from ps, stop = kill -TERM Enablement/disablement by linking into level dir Ordered by numbers
#ident "@(#)/etc/init.d/cron.sl 1.1 4.0 10/15/90 8479 AT&T-SF" # cron control pid=`/usr/bin/ps -e | /usr/bin/grep cron | /usr/bin/sed -e 's/^ *//' -e 's/ .*//'` case $1 in 'start') if [ "${pid}" = "" ] then /usr/bin/rm -f /etc/cron.d/FIFO if [ -x /usr/bin/cron ] then /usr/bin/cron elif [ -x /usr/sbin/cron ] then /usr/sbin/cron fi fi ;; 'stop') if [ "${pid}" != "" ] then /usr/bin/kill ${pid} fi ;; *) echo "usage: /etc/init.d/cron {start|stop}" ;; esac
2.11 BSD UNIX (1986) ● /sbin/init (782 lines) ● ● ● Single user gettys from /etc/gettytab /etc/rc (165 lines) ● ● ● Everything 2.9BSD had Network, inetd, routed, named, lpd, rwhod /etc/rc.local ● Editable for starting local daemons
Red Hat Enterprise Linux 5 (2007) ● SVR4-like init ● ● Some BSD elements: /etc/rc, /etc/rc.local Init scripts LSB compliant ● 61-584 lines, avg. 128 ● start, stop, status, restart, condrestart ● Pidfiles in /var/run ● Subsystem locks in /var/lock/subsys ● /etc/rc.d/functions library ● /etc/sysconfig init script configuration
#!/bin/bash # # sendmail This shell script takes care of starting and stopping # sendmail. # # chkconfig: 2345 80 30 # description: Sendmail is a Mail Transport Agent, which is the program # that moves mail from one machine to another. # processname: sendmail # config: /etc/mail/sendmail.cf # pidfile: /var/run/sendmail.pid if [ -x /usr/bin/make -a -f /etc/mail/Makefile ]; then make all -C /etc/mail -s > /dev/null else for i in virtusertable access domaintable mailertable ; do if [ -f /etc/mail/$i ] ; then makemap hash /etc/mail/$i < /etc/mail/$i fi done fi daemon /usr/sbin/sendmail $([ "x$DAEMON" = xyes ] && echo -bd) $([ -n "$QUEUE" ] && echo -q$QUEUE) RETVAL=$? killproc sendmail -HUP RETVAL=$? echo if [ $RETVAL -eq 0 -a -f /var/run/sm-client.pid ]; then echo -n $"reloading sm-client: " killproc sm-client -HUP RETVAL=$? echo fi return $RETVAL # Source function library. . /etc/rc.d/init.d/functions # Source networking configuration. [ -f /etc/sysconfig/network ] && . /etc/sysconfig/network # Source sendmail configureation. if [ -f /etc/sysconfig/sendmail ] ; then . /etc/sysconfig/sendmail else DAEMON=no QUEUE=1h fi [ -z "$SMQUEUE" ] && SMQUEUE="$QUEUE" [ -z "$SMQUEUE" ] && SMQUEUE=1h } stop() { # Stop daemons. if test -f /var/run/sm-client.pid ; then echo -n $"Shutting down sm-client: " killproc sm-client RETVAL=$? echo [ $RETVAL -eq 0 ] && rm -f /var/run/sm-client.pid [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/sm-client fi echo -n $"Shutting down $prog: " killproc sendmail RETVAL=$? echo [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/sendmail return $RETVAL # Check that networking is up. [ "${NETWORKING}" = "no" ] && exit 0 [ -f /usr/sbin/sendmail ] || exit 0 RETVAL=0 prog="sendmail" start() { # Start daemons. echo -n $"Starting $prog: " if test -x /usr/bin/make -a -f /etc/mail/Makefile ; then make all -C /etc/mail -s > /dev/null else for i in virtusertable access domaintable mailertable ; do if [ -f /etc/mail/$i ] ; then makemap hash /etc/mail/$i < /etc/mail/$i fi done fi /usr/bin/newaliases > /dev/null 2>&1 daemon /usr/sbin/sendmail $([ "x$DAEMON" = xyes ] && echo -bd) $([ -n "$QUEUE" ] && echo -q$QUEUE) $SENDMAIL_OPTARG RETVAL=$? echo [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sendmail if ! test -f /var/run/sm-client.pid ; then echo -n $"Starting sm-client: " touch /var/run/sm-client.pid chown smmsp:smmsp /var/run/sm-client.pid if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then /sbin/restorecon /var/run/sm-client.pid fi daemon --check sm-client /usr/sbin/sendmail -L sm-msp-queue -Ac -q$SMQUEUE $SENDMAIL_OPTARG RETVAL=$? echo [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sm-client fi return $RETVAL reload() { # Stop daemons.} echo -n $"reloading $prog: " /usr/bin/newaliases > /dev/null 2>&1 } # See how we were called. case "$1" in start) start ;; stop) stop ;; reload) reload RETVAL=$? ;; restart) stop start RETVAL=$? ;; condrestart) if [ -f /var/lock/subsys/sendmail ]; then stop start RETVAL=$? fi ;; status) status sendmail RETVAL=$? ;; *) echo $"Usage: $0 {start|stop|restart|condrestart|status}" exit 1 esac exit $RETVAL
·· ddish): hket (Yi far∙pot∙s pronoun  a result ruined as letely  erfection 1. comp inor imp o f ix a m ttempts t of a
Issues ● inittab ● service control inflexible Not actually used very much ● No way to monitor services ● Error output is lost ● Inflexible startup ordering ● Single-threaded startup ● ● ● Slow Malfunctional startup script can lock up boot Limited to single instance of a service
Issues (cont.) ● No way to track processes belonging to a service ● ● No way to reliably terminate a service ● No way to tell whether the service is operational ● ● They double-fork to daemonize Resource hogging Inconsistent ● Who drops privileges? ● Who writes PID files? ● Who chroots?
SVR4 & LSB init scripts ● Unbelievably shitty ● Unreliably work around issues mentioned ● Very long and ugly ● Lots of code duplication ● ● Races, improper subsystem locks Insecure PID determination
How did UNIX address this ● Sun Solaris 10: SMF ● ● Multiple service instances Apple Darwin: launchd ● ● On demand startup of network daemons (inetd) ● ● System and User sessions Job scheduler Common: ● ● Dependency management, service ordering ● ● Parallel startup Monitoring/restarts of services Various others: upstart, daemontools, Monit, ...
Linux: systemd ● Heavily inspired by concepts from launchd ● Already used in most modern Linux distributions ● Solves all of the mentioned issues! ● Leverages Linux inovations -- a lot more powerful ● Control groups, Namespaces ● Seccomp, Capabilities, SELinux ● Auditing ● Automounter ● DBus API ● Structured kernel messaging
systemd Unit types Unit type Description/equivalent service A daemon (SVR4 init script) socket A network or UNIX socket (inetd) device UDev device instance mount Mount point (fstab) target Runlevel swap Swap space (fstab) automount Autofs path Inotify watch timer Crond snapshot Dynamically created target
httpd.service ├─system.slice └─basic.target ├─fedora-loadmodules.service ├─paths.target ├─sockets.target │ ├─cups.socket │ ├─rpcbind.socket │ ├─systemd-initctl.socket │ └─systemd-udevd-kernel.socket ├─sysinit.target │ ├─kmod-static-nodes.service │ ├─systemd-udev-trigger.service │ ├─local-fs.target │ │ ├─-.mount │ │ ├─fedora-import-state.service │ │ ├─home.mount │ │ ├─systemd-fsck-root.service │ │ └─tmp.mount │ └─swap.target │ └─dev-disk-byx2dlabel-yolo.swap └─timers.target └─systemd-tmpfiles-clean.timer
systemd Units ● Defined from unit files ● ● ● /lib/systemd /etc/systemd Generated automatically ● ● ● Compatibility or dynamic changes device unit appears as device appears in udev mount units generated from /etc/fstab
Service units ● Service runs in its own control group ● Isolated from the rest of system to some extent ● A process can't escape ● Freezer control group assures reliable shutdown ● Service should not double-fork (launchd) ● systemd-journald takes care of logging ● Can depend on socket units for activation (inetd) ● DBus activation also possible
User sessions ● Manages processes for a user session (e.g. tty or GNOME desktop) ● Session runs in separate control group ● systemd-logind replaces ConsoleKit ● Multiseat ● Reliable log-off
Essential tools systemctl --all systemctl stop sshd.service systemctl status sshd systemctl disable sshd systemd-cgtop systemd-cgls journalctl -f systemd-analyze blame systemd-analyze critical-chain
What else ● Takes care of system-wide events ● ● Laptop lid close ● ● Pinging watchdog Shutdown, kexec Documentation ● ● Well written manual pages for everything Lightweight virtualization (LXC) ● clone()s all namespaces
Thanks for listening! Found this useful? My Bitcoin address: 15wvWxN5QMpreKR37pYb7VBu8xLu4TiNR2

Recommended

Pursue container architecture with mincs
Pursue container architecture with mincsPursue container architecture with mincs
Pursue container architecture with mincs
Yuki Nishiwaki
 
Solaris_quickref.pdf
Solaris_quickref.pdfSolaris_quickref.pdf
Solaris_quickref.pdf
RobertoBravo58
 
Linux Commands - 3
Linux Commands - 3Linux Commands - 3
Linux Commands - 3Kanchilug
 
Clase10 (consola linux)
Clase10 (consola linux)Clase10 (consola linux)
Clase10 (consola linux)
Miguel Eduardo Luces
 
Debian 5 Hardening Tips
Debian 5 Hardening TipsDebian 5 Hardening Tips
Debian 5 Hardening Tips
s3m1llon
 
Comets notes
Comets notesComets notes
Comets notes
Ilija Dukovski
 
Linux
LinuxLinux
Linux
Ankush Jain
 
lec4.docx
lec4.docxlec4.docx
lec4.docxismailaboshatra
 

Recommended

Pursue container architecture with mincs
Pursue container architecture with mincsPursue container architecture with mincs
Pursue container architecture with mincs
Yuki Nishiwaki
 
Solaris_quickref.pdf
Solaris_quickref.pdfSolaris_quickref.pdf
Solaris_quickref.pdf
RobertoBravo58
 
Linux Commands - 3
Linux Commands - 3Linux Commands - 3
Linux Commands - 3Kanchilug
 
Clase10 (consola linux)
Clase10 (consola linux)Clase10 (consola linux)
Clase10 (consola linux)
Miguel Eduardo Luces
 
Debian 5 Hardening Tips
Debian 5 Hardening TipsDebian 5 Hardening Tips
Debian 5 Hardening Tips
s3m1llon
 
Comets notes
Comets notesComets notes
Comets notes
Ilija Dukovski
 
Linux
LinuxLinux
Linux
Ankush Jain
 
lec4.docx
lec4.docxlec4.docx
lec4.docxismailaboshatra
 
Useful linux-commands
Useful linux-commandsUseful linux-commands
Useful linux-commands
Himani Singh
 
Zram
ZramZram
Zram
Nur Budiyanto
 
Linux Initialization Process (2)
Linux Initialization Process (2)Linux Initialization Process (2)
Linux Initialization Process (2)
shimosawa
 
50 most frequently used unix
50 most frequently used unix50 most frequently used unix
50 most frequently used unixTeja Bheemanapally
 
Augeas
AugeasAugeas
Augeas
lutter
 
Shell scripting
Shell scriptingShell scripting
Shell scripting
Geeks Anonymes
 
Vi Editor
Vi EditorVi Editor
Vi Editor
Shiwang Kalkhanda
 
Shell & Shell Script
Shell & Shell Script Shell & Shell Script
Shell & Shell Script
Amit Ghosh
 
NUMOSS 4th Week - Commandline Tutorial
NUMOSS 4th Week - Commandline TutorialNUMOSS 4th Week - Commandline Tutorial
NUMOSS 4th Week - Commandline Tutorial
Gagah Arifianto
 
Linux Command Line
Linux Command LineLinux Command Line
Linux Command Line
Prima Yogi Loviniltra
 
4412 SDRAM
4412 SDRAM4412 SDRAM
4412 SDRAM
philippe_nuaa
 
100+ run commands for windows
100+ run commands for windows 100+ run commands for windows
100+ run commands for windows
Anand Garg
 
List Command at Run
List Command at RunList Command at Run
List Command at Run
Imam Dermawan
 
Introduction to shell scripting
Introduction to shell scriptingIntroduction to shell scripting
Introduction to shell scripting
Corrado Santoro
 
50 Most Frequently Used UNIX Linux Commands -hmftj
50 Most Frequently Used UNIX Linux Commands -hmftj50 Most Frequently Used UNIX Linux Commands -hmftj
50 Most Frequently Used UNIX Linux Commands -hmftj
LGS, GBHS&IC, University Of South-Asia, TARA-Technologies
 
Linux fundamental - Chap 11 boot
Linux fundamental - Chap 11 bootLinux fundamental - Chap 11 boot
Linux fundamental - Chap 11 boot
Kenny (netman)
 
Easiest way to start with Shell scripting
Easiest way to start with Shell scriptingEasiest way to start with Shell scripting
Easiest way to start with Shell scripting
Akshay Siwal
 
Terminal basic-commands(Unix) -partI
Terminal basic-commands(Unix) -partITerminal basic-commands(Unix) -partI
Terminal basic-commands(Unix) -partI
Kedar Bhandari
 
Linux Bash Shell Cheat Sheet for Beginners
Linux Bash Shell Cheat Sheet for BeginnersLinux Bash Shell Cheat Sheet for Beginners
Linux Bash Shell Cheat Sheet for Beginners
Davide Ciambelli
 
Really useful linux commands
Really useful linux commandsReally useful linux commands
Really useful linux commands
Michael J Geiser
 
От sysV к systemd
От sysV к systemdОт sysV к systemd
От sysV к systemd
Denis Kovalev
 
Andresen 8 21 02
Andresen 8 21 02Andresen 8 21 02
Andresen 8 21 02
FNian
 

More Related Content

What's hot

Useful linux-commands
Useful linux-commandsUseful linux-commands
Useful linux-commands
Himani Singh
 
Zram
ZramZram
Zram
Nur Budiyanto
 
Linux Initialization Process (2)
Linux Initialization Process (2)Linux Initialization Process (2)
Linux Initialization Process (2)
shimosawa
 
Augeas
AugeasAugeas
Augeas
lutter
 
Shell scripting
Shell scriptingShell scripting
Shell scripting
Geeks Anonymes
 
Vi Editor
Vi EditorVi Editor
Vi Editor
Shiwang Kalkhanda
 
Shell & Shell Script
Shell & Shell Script Shell & Shell Script
Shell & Shell Script
Amit Ghosh
 
NUMOSS 4th Week - Commandline Tutorial
NUMOSS 4th Week - Commandline TutorialNUMOSS 4th Week - Commandline Tutorial
NUMOSS 4th Week - Commandline Tutorial
Gagah Arifianto
 
Linux Command Line
Linux Command LineLinux Command Line
Linux Command Line
Prima Yogi Loviniltra
 
4412 SDRAM
4412 SDRAM4412 SDRAM
4412 SDRAM
philippe_nuaa
 
100+ run commands for windows
100+ run commands for windows 100+ run commands for windows
100+ run commands for windows
Anand Garg
 
List Command at Run
List Command at RunList Command at Run
List Command at Run
Imam Dermawan
 
Introduction to shell scripting
Introduction to shell scriptingIntroduction to shell scripting
Introduction to shell scripting
Corrado Santoro
 
50 Most Frequently Used UNIX Linux Commands -hmftj
50 Most Frequently Used UNIX Linux Commands -hmftj50 Most Frequently Used UNIX Linux Commands -hmftj
50 Most Frequently Used UNIX Linux Commands -hmftj
LGS, GBHS&IC, University Of South-Asia, TARA-Technologies
 
Linux fundamental - Chap 11 boot
Linux fundamental - Chap 11 bootLinux fundamental - Chap 11 boot
Linux fundamental - Chap 11 boot
Kenny (netman)
 
Easiest way to start with Shell scripting
Easiest way to start with Shell scriptingEasiest way to start with Shell scripting
Easiest way to start with Shell scripting
Akshay Siwal
 
Terminal basic-commands(Unix) -partI
Terminal basic-commands(Unix) -partITerminal basic-commands(Unix) -partI
Terminal basic-commands(Unix) -partI
Kedar Bhandari
 
Linux Bash Shell Cheat Sheet for Beginners
Linux Bash Shell Cheat Sheet for BeginnersLinux Bash Shell Cheat Sheet for Beginners
Linux Bash Shell Cheat Sheet for Beginners
Davide Ciambelli
 

What's hot (19)

Useful linux-commands
Useful linux-commandsUseful linux-commands
Useful linux-commands
 
Zram
ZramZram
Zram
 
Linux Initialization Process (2)
Linux Initialization Process (2)Linux Initialization Process (2)
Linux Initialization Process (2)
 
50 most frequently used unix
50 most frequently used unix50 most frequently used unix
50 most frequently used unix
 
Augeas
AugeasAugeas
Augeas
 
Shell scripting
Shell scriptingShell scripting
Shell scripting
 
Vi Editor
Vi EditorVi Editor
Vi Editor
 
Shell & Shell Script
Shell & Shell Script Shell & Shell Script
Shell & Shell Script
 
NUMOSS 4th Week - Commandline Tutorial
NUMOSS 4th Week - Commandline TutorialNUMOSS 4th Week - Commandline Tutorial
NUMOSS 4th Week - Commandline Tutorial
 
Linux Command Line
Linux Command LineLinux Command Line
Linux Command Line
 
4412 SDRAM
4412 SDRAM4412 SDRAM
4412 SDRAM
 
100+ run commands for windows
100+ run commands for windows 100+ run commands for windows
100+ run commands for windows
 
List Command at Run
List Command at RunList Command at Run
List Command at Run
 
Introduction to shell scripting
Introduction to shell scriptingIntroduction to shell scripting
Introduction to shell scripting
 
50 Most Frequently Used UNIX Linux Commands -hmftj
50 Most Frequently Used UNIX Linux Commands -hmftj50 Most Frequently Used UNIX Linux Commands -hmftj
50 Most Frequently Used UNIX Linux Commands -hmftj
 
Linux fundamental - Chap 11 boot
Linux fundamental - Chap 11 bootLinux fundamental - Chap 11 boot
Linux fundamental - Chap 11 boot
 
Easiest way to start with Shell scripting
Easiest way to start with Shell scriptingEasiest way to start with Shell scripting
Easiest way to start with Shell scripting
 
Terminal basic-commands(Unix) -partI
Terminal basic-commands(Unix) -partITerminal basic-commands(Unix) -partI
Terminal basic-commands(Unix) -partI
 
Linux Bash Shell Cheat Sheet for Beginners
Linux Bash Shell Cheat Sheet for BeginnersLinux Bash Shell Cheat Sheet for Beginners
Linux Bash Shell Cheat Sheet for Beginners
 

Similar to A journey through the years of UNIX and Linux service management

Really useful linux commands
Really useful linux commandsReally useful linux commands
Really useful linux commands
Michael J Geiser
 
От sysV к systemd
От sysV к systemdОт sysV к systemd
От sysV к systemd
Denis Kovalev
 
Andresen 8 21 02
Andresen 8 21 02Andresen 8 21 02
Andresen 8 21 02
FNian
 
Virtualization and automation of library software/machines + Puppet
Virtualization and automation of library software/machines + PuppetVirtualization and automation of library software/machines + Puppet
Virtualization and automation of library software/machines + PuppetOmar Reygaert
 
How to go the extra mile on monitoring
How to go the extra mile on monitoringHow to go the extra mile on monitoring
How to go the extra mile on monitoring
Tiago Simões
 
Beyond Golden Containers: Complementing Docker with Puppet
Beyond Golden Containers: Complementing Docker with PuppetBeyond Golden Containers: Complementing Docker with Puppet
Beyond Golden Containers: Complementing Docker with Puppet
lutter
 
Mac OSX Terminal 101
Mac OSX Terminal 101Mac OSX Terminal 101
Mac OSX Terminal 101
Murugun Murugun
 
Linux Run Level
Linux Run LevelLinux Run Level
Linux Run Level
Gaurav Mishra
 
Globus toolkit4installationguide
Globus toolkit4installationguideGlobus toolkit4installationguide
Globus toolkit4installationguideAdarsh Patil
 
Docker 基本概念與指令操作
Docker 基本概念與指令操作Docker 基本概念與指令操作
Docker 基本概念與指令操作
NUTC, imac
 
Managing your Minions with Func
Managing your Minions with FuncManaging your Minions with Func
Managing your Minions with Func
danhanks
 
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
Leo Lorieri
 
OpenStack Swift - MSST 2011 Tutorial Day
OpenStack Swift - MSST 2011 Tutorial DayOpenStack Swift - MSST 2011 Tutorial Day
OpenStack Swift - MSST 2011 Tutorial Day
Joshua McKenty
 
FreeBSD: Dev to Prod
FreeBSD: Dev to ProdFreeBSD: Dev to Prod
FreeBSD: Dev to Prod
Sean Chittenden
 
Containers with systemd-nspawn
Containers with systemd-nspawnContainers with systemd-nspawn
Containers with systemd-nspawn
Gábor Nyers
 
Advanced Level Training on Koha / TLS (ToT)
Advanced Level Training on Koha / TLS (ToT)Advanced Level Training on Koha / TLS (ToT)
Advanced Level Training on Koha / TLS (ToT)
Ata Rehman
 
MINCS - containers in the shell script (Eng. ver.)
MINCS - containers in the shell script (Eng. ver.)MINCS - containers in the shell script (Eng. ver.)
MINCS - containers in the shell script (Eng. ver.)
Masami Hiramatsu
 

Similar to A journey through the years of UNIX and Linux service management (20)

Really useful linux commands
Really useful linux commandsReally useful linux commands
Really useful linux commands
 
От sysV к systemd
От sysV к systemdОт sysV к systemd
От sysV к systemd
 
Andresen 8 21 02
Andresen 8 21 02Andresen 8 21 02
Andresen 8 21 02
 
Virtualization and automation of library software/machines + Puppet
Virtualization and automation of library software/machines + PuppetVirtualization and automation of library software/machines + Puppet
Virtualization and automation of library software/machines + Puppet
 
Dev ops
Dev opsDev ops
Dev ops
 
How to go the extra mile on monitoring
How to go the extra mile on monitoringHow to go the extra mile on monitoring
How to go the extra mile on monitoring
 
Beyond Golden Containers: Complementing Docker with Puppet
Beyond Golden Containers: Complementing Docker with PuppetBeyond Golden Containers: Complementing Docker with Puppet
Beyond Golden Containers: Complementing Docker with Puppet
 
Unix 3 en
Unix 3 enUnix 3 en
Unix 3 en
 
EC2
EC2EC2
EC2
 
Mac OSX Terminal 101
Mac OSX Terminal 101Mac OSX Terminal 101
Mac OSX Terminal 101
 
Linux Run Level
Linux Run LevelLinux Run Level
Linux Run Level
 
Globus toolkit4installationguide
Globus toolkit4installationguideGlobus toolkit4installationguide
Globus toolkit4installationguide
 
Docker 基本概念與指令操作
Docker 基本概念與指令操作Docker 基本概念與指令操作
Docker 基本概念與指令操作
 
Managing your Minions with Func
Managing your Minions with FuncManaging your Minions with Func
Managing your Minions with Func
 
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
 
OpenStack Swift - MSST 2011 Tutorial Day
OpenStack Swift - MSST 2011 Tutorial DayOpenStack Swift - MSST 2011 Tutorial Day
OpenStack Swift - MSST 2011 Tutorial Day
 
FreeBSD: Dev to Prod
FreeBSD: Dev to ProdFreeBSD: Dev to Prod
FreeBSD: Dev to Prod
 
Containers with systemd-nspawn
Containers with systemd-nspawnContainers with systemd-nspawn
Containers with systemd-nspawn
 
Advanced Level Training on Koha / TLS (ToT)
Advanced Level Training on Koha / TLS (ToT)Advanced Level Training on Koha / TLS (ToT)
Advanced Level Training on Koha / TLS (ToT)
 
MINCS - containers in the shell script (Eng. ver.)
MINCS - containers in the shell script (Eng. ver.)MINCS - containers in the shell script (Eng. ver.)
MINCS - containers in the shell script (Eng. ver.)
 

More from Lubomir Rintel

Namespaces for Kazimir
Namespaces for KazimirNamespaces for Kazimir
Namespaces for Kazimir
Lubomir Rintel
 
Linux Kernel Debugging Essentials workshop
Linux Kernel Debugging Essentials workshopLinux Kernel Debugging Essentials workshop
Linux Kernel Debugging Essentials workshop
Lubomir Rintel
 
Namespaces in Linux
Namespaces in LinuxNamespaces in Linux
Namespaces in Linux
Lubomir Rintel
 
LinuxAlt 2013: Writing a driver for unknown USB device
LinuxAlt 2013: Writing a driver for unknown USB deviceLinuxAlt 2013: Writing a driver for unknown USB device
LinuxAlt 2013: Writing a driver for unknown USB device
Lubomir Rintel
 
Practical SystemTAP basics: Perl memory profiling
Practical SystemTAP basics: Perl memory profilingPractical SystemTAP basics: Perl memory profiling
Practical SystemTAP basics: Perl memory profiling
Lubomir Rintel
 
Reverse Engineering: Writing a Linux driver for an unknown device
Reverse Engineering: Writing a Linux driver for an unknown deviceReverse Engineering: Writing a Linux driver for an unknown device
Reverse Engineering: Writing a Linux driver for an unknown device
Lubomir Rintel
 
SELinux basics
SELinux basicsSELinux basics
SELinux basics
Lubomir Rintel
 
Brno meetr: Packaging Ruby Gems into RPM
Brno meetr: Packaging Ruby Gems into RPMBrno meetr: Packaging Ruby Gems into RPM
Brno meetr: Packaging Ruby Gems into RPM
Lubomir Rintel
 

More from Lubomir Rintel (8)

Namespaces for Kazimir
Namespaces for KazimirNamespaces for Kazimir
Namespaces for Kazimir
 
Linux Kernel Debugging Essentials workshop
Linux Kernel Debugging Essentials workshopLinux Kernel Debugging Essentials workshop
Linux Kernel Debugging Essentials workshop
 
Namespaces in Linux
Namespaces in LinuxNamespaces in Linux
Namespaces in Linux
 
LinuxAlt 2013: Writing a driver for unknown USB device
LinuxAlt 2013: Writing a driver for unknown USB deviceLinuxAlt 2013: Writing a driver for unknown USB device
LinuxAlt 2013: Writing a driver for unknown USB device
 
Practical SystemTAP basics: Perl memory profiling
Practical SystemTAP basics: Perl memory profilingPractical SystemTAP basics: Perl memory profiling
Practical SystemTAP basics: Perl memory profiling
 
Reverse Engineering: Writing a Linux driver for an unknown device
Reverse Engineering: Writing a Linux driver for an unknown deviceReverse Engineering: Writing a Linux driver for an unknown device
Reverse Engineering: Writing a Linux driver for an unknown device
 
SELinux basics
SELinux basicsSELinux basics
SELinux basics
 
Brno meetr: Packaging Ruby Gems into RPM
Brno meetr: Packaging Ruby Gems into RPMBrno meetr: Packaging Ruby Gems into RPM
Brno meetr: Packaging Ruby Gems into RPM
 

Recently uploaded

Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Aggregage
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
nkrafacyberclub
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
Adtran
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
Pierluigi Pugliese
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
Enhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZEnhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZ
Globus
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
RinaMondal9
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
Jen Stirrup
 

Recently uploaded (20)

Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
Enhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZEnhancing Performance with Globus and the Science DMZ
Enhancing Performance with Globus and the Science DMZ
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
 

A journey through the years of UNIX and Linux service management

  • 1. From /etc/init to systemd A journey through the years of UNIX and Linux service management Lubomir Rintel <lkundrak@v3.sk> BTC: 15wvWxN5QMpreKR37pYb7VBu8xLu4TiNR2
  • 2. Sixth Edition UNIX (1976) ● /etc/init (219 lines) ● ● gettys from /etc/ttys ● ● Single user shell utmp & wtmp /etc/rc (2 lines) rm -f /etc/mtab /etc/update
  • 3. UNIX System III (1980) ● /etc/init ● (486 lines) /etc/inittab "states" controlling gettys on terminals ● /etc/rc (67 lines) ● State aware, single user mode ● acct ● errdemon ● cron ● "edit to add umounts"
  • 4. 2.9 BSD UNIX (1983) ● /sbin/init (593 lines) ● ● ● Single user shell gettys from /etc/ttys /etc/rc (53 lines) ● fsck, quotacheck ● mount -a, from /etc/fstab ● savecore, ex/vi recovery ● clear /tmp, locks in /usr/spool ● update, cron, acct ● hostname
  • 5. UNIX System V Release 4 (1983) ● /etc/init ● ● /etc/inittab with runlevels, respawns /etc/rc? ● Modular init system, /etc/rc.d ● Per-daemon init scripts (8-56 lines, avg. 26) – – ● ● start & stop arguments pid from ps, stop = kill -TERM Enablement/disablement by linking into level dir Ordered by numbers
  • 6. #ident "@(#)/etc/init.d/cron.sl 1.1 4.0 10/15/90 8479 AT&T-SF" # cron control pid=`/usr/bin/ps -e | /usr/bin/grep cron | /usr/bin/sed -e 's/^ *//' -e 's/ .*//'` case $1 in 'start') if [ "${pid}" = "" ] then /usr/bin/rm -f /etc/cron.d/FIFO if [ -x /usr/bin/cron ] then /usr/bin/cron elif [ -x /usr/sbin/cron ] then /usr/sbin/cron fi fi ;; 'stop') if [ "${pid}" != "" ] then /usr/bin/kill ${pid} fi ;; *) echo "usage: /etc/init.d/cron {start|stop}" ;; esac
  • 7. 2.11 BSD UNIX (1986) ● /sbin/init (782 lines) ● ● ● Single user gettys from /etc/gettytab /etc/rc (165 lines) ● ● ● Everything 2.9BSD had Network, inetd, routed, named, lpd, rwhod /etc/rc.local ● Editable for starting local daemons
  • 8. Red Hat Enterprise Linux 5 (2007) ● SVR4-like init ● ● Some BSD elements: /etc/rc, /etc/rc.local Init scripts LSB compliant ● 61-584 lines, avg. 128 ● start, stop, status, restart, condrestart ● Pidfiles in /var/run ● Subsystem locks in /var/lock/subsys ● /etc/rc.d/functions library ● /etc/sysconfig init script configuration
  • 9. #!/bin/bash # # sendmail This shell script takes care of starting and stopping # sendmail. # # chkconfig: 2345 80 30 # description: Sendmail is a Mail Transport Agent, which is the program # that moves mail from one machine to another. # processname: sendmail # config: /etc/mail/sendmail.cf # pidfile: /var/run/sendmail.pid if [ -x /usr/bin/make -a -f /etc/mail/Makefile ]; then make all -C /etc/mail -s > /dev/null else for i in virtusertable access domaintable mailertable ; do if [ -f /etc/mail/$i ] ; then makemap hash /etc/mail/$i < /etc/mail/$i fi done fi daemon /usr/sbin/sendmail $([ "x$DAEMON" = xyes ] && echo -bd) $([ -n "$QUEUE" ] && echo -q$QUEUE) RETVAL=$? killproc sendmail -HUP RETVAL=$? echo if [ $RETVAL -eq 0 -a -f /var/run/sm-client.pid ]; then echo -n $"reloading sm-client: " killproc sm-client -HUP RETVAL=$? echo fi return $RETVAL # Source function library. . /etc/rc.d/init.d/functions # Source networking configuration. [ -f /etc/sysconfig/network ] && . /etc/sysconfig/network # Source sendmail configureation. if [ -f /etc/sysconfig/sendmail ] ; then . /etc/sysconfig/sendmail else DAEMON=no QUEUE=1h fi [ -z "$SMQUEUE" ] && SMQUEUE="$QUEUE" [ -z "$SMQUEUE" ] && SMQUEUE=1h } stop() { # Stop daemons. if test -f /var/run/sm-client.pid ; then echo -n $"Shutting down sm-client: " killproc sm-client RETVAL=$? echo [ $RETVAL -eq 0 ] && rm -f /var/run/sm-client.pid [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/sm-client fi echo -n $"Shutting down $prog: " killproc sendmail RETVAL=$? echo [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/sendmail return $RETVAL # Check that networking is up. [ "${NETWORKING}" = "no" ] && exit 0 [ -f /usr/sbin/sendmail ] || exit 0 RETVAL=0 prog="sendmail" start() { # Start daemons. echo -n $"Starting $prog: " if test -x /usr/bin/make -a -f /etc/mail/Makefile ; then make all -C /etc/mail -s > /dev/null else for i in virtusertable access domaintable mailertable ; do if [ -f /etc/mail/$i ] ; then makemap hash /etc/mail/$i < /etc/mail/$i fi done fi /usr/bin/newaliases > /dev/null 2>&1 daemon /usr/sbin/sendmail $([ "x$DAEMON" = xyes ] && echo -bd) $([ -n "$QUEUE" ] && echo -q$QUEUE) $SENDMAIL_OPTARG RETVAL=$? echo [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sendmail if ! test -f /var/run/sm-client.pid ; then echo -n $"Starting sm-client: " touch /var/run/sm-client.pid chown smmsp:smmsp /var/run/sm-client.pid if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then /sbin/restorecon /var/run/sm-client.pid fi daemon --check sm-client /usr/sbin/sendmail -L sm-msp-queue -Ac -q$SMQUEUE $SENDMAIL_OPTARG RETVAL=$? echo [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sm-client fi return $RETVAL reload() { # Stop daemons.} echo -n $"reloading $prog: " /usr/bin/newaliases > /dev/null 2>&1 } # See how we were called. case "$1" in start) start ;; stop) stop ;; reload) reload RETVAL=$? ;; restart) stop start RETVAL=$? ;; condrestart) if [ -f /var/lock/subsys/sendmail ]; then stop start RETVAL=$? fi ;; status) status sendmail RETVAL=$? ;; *) echo $"Usage: $0 {start|stop|restart|condrestart|status}" exit 1 esac exit $RETVAL
  • 11. Issues ● inittab ● service control inflexible Not actually used very much ● No way to monitor services ● Error output is lost ● Inflexible startup ordering ● Single-threaded startup ● ● ● Slow Malfunctional startup script can lock up boot Limited to single instance of a service
  • 12. Issues (cont.) ● No way to track processes belonging to a service ● ● No way to reliably terminate a service ● No way to tell whether the service is operational ● ● They double-fork to daemonize Resource hogging Inconsistent ● Who drops privileges? ● Who writes PID files? ● Who chroots?
  • 13. SVR4 & LSB init scripts ● Unbelievably shitty ● Unreliably work around issues mentioned ● Very long and ugly ● Lots of code duplication ● ● Races, improper subsystem locks Insecure PID determination
  • 14. How did UNIX address this ● Sun Solaris 10: SMF ● ● Multiple service instances Apple Darwin: launchd ● ● On demand startup of network daemons (inetd) ● ● System and User sessions Job scheduler Common: ● ● Dependency management, service ordering ● ● Parallel startup Monitoring/restarts of services Various others: upstart, daemontools, Monit, ...
  • 15. Linux: systemd ● Heavily inspired by concepts from launchd ● Already used in most modern Linux distributions ● Solves all of the mentioned issues! ● Leverages Linux inovations -- a lot more powerful ● Control groups, Namespaces ● Seccomp, Capabilities, SELinux ● Auditing ● Automounter ● DBus API ● Structured kernel messaging
  • 16. systemd Unit types Unit type Description/equivalent service A daemon (SVR4 init script) socket A network or UNIX socket (inetd) device UDev device instance mount Mount point (fstab) target Runlevel swap Swap space (fstab) automount Autofs path Inotify watch timer Crond snapshot Dynamically created target
  • 17. httpd.service ├─system.slice └─basic.target ├─fedora-loadmodules.service ├─paths.target ├─sockets.target │ ├─cups.socket │ ├─rpcbind.socket │ ├─systemd-initctl.socket │ └─systemd-udevd-kernel.socket ├─sysinit.target │ ├─kmod-static-nodes.service │ ├─systemd-udev-trigger.service │ ├─local-fs.target │ │ ├─-.mount │ │ ├─fedora-import-state.service │ │ ├─home.mount │ │ ├─systemd-fsck-root.service │ │ └─tmp.mount │ └─swap.target │ └─dev-disk-byx2dlabel-yolo.swap └─timers.target └─systemd-tmpfiles-clean.timer
  • 18. systemd Units ● Defined from unit files ● ● ● /lib/systemd /etc/systemd Generated automatically ● ● ● Compatibility or dynamic changes device unit appears as device appears in udev mount units generated from /etc/fstab
  • 19. Service units ● Service runs in its own control group ● Isolated from the rest of system to some extent ● A process can't escape ● Freezer control group assures reliable shutdown ● Service should not double-fork (launchd) ● systemd-journald takes care of logging ● Can depend on socket units for activation (inetd) ● DBus activation also possible
  • 20. User sessions ● Manages processes for a user session (e.g. tty or GNOME desktop) ● Session runs in separate control group ● systemd-logind replaces ConsoleKit ● Multiseat ● Reliable log-off
  • 21. Essential tools systemctl --all systemctl stop sshd.service systemctl status sshd systemctl disable sshd systemd-cgtop systemd-cgls journalctl -f systemd-analyze blame systemd-analyze critical-chain
  • 22. What else ● Takes care of system-wide events ● ● Laptop lid close ● ● Pinging watchdog Shutdown, kexec Documentation ● ● Well written manual pages for everything Lightweight virtualization (LXC) ● clone()s all namespaces
  • 23. Thanks for listening! Found this useful? My Bitcoin address: 15wvWxN5QMpreKR37pYb7VBu8xLu4TiNR2