在上一章節中,介紹了有關於Linux作業系統上的process程序管理,以及取得主機上的CPU資訊等,本章節中,將要介紹背景服務的控制與管理。
systemd,就是當Linux作業系統啟動的時候,第一個啟動的背景服務(daemon),一般來說,包含了服務啟動和服務管理。同時也在系統啟動的後,啟動了系統資源、背景伺服器以及其他processes程序。process id為:1給systemd。
在systemd中,底下有幾種不同種類的的service,每個種類的service用途與定義都不同,相關的種類如下面列表:
.service
,這個單位的類型被用來啟動某一個背景服務(daemon)並掛到systemd底下,例如:web server網頁伺服器,httpd.service
。.socket
,這個通常用來IPC(inter-process communication,即程序之間的通訊)使用,比較像是短暫的服務的時候會啟動,像是telnet,即為socket,而此類服務有RAM限制,因此會以暫存的服務方式啟動。.path
,沒事的時候,這個服務類型通常會在硬碟中休息,有事的時候再由systemd進行呼叫來進行使用。可以使用sudo systemctl list-units
來列出所有的服務,相關的指令執行後的結果訊息如下:
UNIT LOAD ACTIVE SUB DESCRIPTION
proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File>
sys-devices-pci0000:00-0000:00:01.1-ata2-host2-target2:0:0-2:0:0:0-block-sr0.device loaded active plugged >
sys-devices-pci0000:00-0000:00:03.0-net-enp0s3.device loaded active plugged 82540EM Gigabit Ethernet >
sys-devices-pci0000:00-0000:00:05.0-sound-card0.device loaded active plugged 82801AA AC'97 Audio Contr>
sys-devices-pci0000:00-0000:00:0d.0-ata3-host1-target1:0:0-1:0:0:0-block-sda-sda1.device loaded active plug>
sys-devices-pci0000:00-0000:00:0d.0-ata3-host1-target1:0:0-1:0:0:0-block-sda-sda2.device loaded active plug>
sys-devices-pci0000:00-0000:00:0d.0-ata3-host1-target1:0:0-1:0:0:0-block-sda.device loaded active plugged >
sys-devices-platform-serial8250-tty-ttyS0.device loaded active plugged /sys/devices/platform/ser>
sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/ser>
sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/ser>
sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/ser>
sys-devices-virtual-block-dm\x2d0.device loaded active plugged /sys/devices/virtual/bloc>
sys-devices-virtual-block-dm\x2d1.device loaded active plugged /sys/devices/virtual/bloc>
sys-devices-virtual-net-virbr0.device loaded active plugged /sys/devices/virtual/net/>
sys-devices-virtual-net-virbr0\x2dnic.device loaded active plugged /sys/devices/virtual/net/>
sys-module-configfs.device loaded active plugged /sys/module/configfs
sys-module-fuse.device loaded active plugged /sys/module/fuse
sys-subsystem-net-devices-enp0s3.device loaded active plugged 82540EM Gigabit Ethernet >
sys-subsystem-net-devices-virbr0.device loaded active plugged /sys/subsystem/net/device>
sys-subsystem-net-devices-virbr0\x2dnic.device loaded active plugged /sys/subsystem/net/device>
-.mount loaded active mounted Root Mount
boot.mount loaded active mounted /boot
dev-hugepages.mount loaded active mounted Huge Pages File System
dev-mqueue.mount loaded active mounted POSIX Message Queue File >
run-user-1000-gvfs.mount loaded active mounted /run/user/1000/gvfs
run-user-1000.mount loaded active mounted /run/user/1000
lines 1-27
從上述執行的明令結果來看,在systemd底下的服務單位列表示很多的,多到會讓指令直接自動進入到閱讀器的模式,最後一行有lines 1-27
之字樣,就是列出第1到27行的訊息,要往下的話,則是按下「enter」控鍵即可以往下,若按下「q」鍵即可以離開讀器模式,若是要篩選出其他的unit單位的類型,則可以加上--type
參數來加以篩選,下列指令執行執行就是篩選出所有有關於service單位類型的服務名稱:
[rockylinux@workstation ~]$ sudo systemctl list-units --type=service
UNIT LOAD ACTIVE SUB DESCRIPTION
accounts-daemon.service loaded active running Accounts Service
alsa-state.service loaded active running Manage Sound Card State (restore and store)
atd.service loaded active running Job spooling tools
auditd.service loaded active running Security Auditing Service
avahi-daemon.service loaded active running Avahi mDNS/DNS-SD Stack
chronyd.service loaded active running NTP client/server
colord.service loaded active running Manage, Install and Generate Color Profiles
crond.service loaded active running Command Scheduler
cups.service loaded active running CUPS Scheduler
dbus.service loaded active running D-Bus System Message Bus
dracut-shutdown.service loaded active exited Restore /run/initramfs on shutdown
firewalld.service loaded active running firewalld - dynamic firewall daemon
gdm.service loaded active running GNOME Display Manager
gssproxy.service loaded active running GSSAPI Proxy Daemon
import-state.service loaded active exited Import network configuration from initramfs
irqbalance.service loaded active running irqbalance daemon
iscsi-shutdown.service loaded active exited Logout off all iSCSI sessions on shutdown
kdump.service loaded active exited Crash recovery kernel arming
kmod-static-nodes.service loaded active exited Create list of required static device nodes for th>
ksm.service loaded active exited Kernel Samepage Merging
ksmtuned.service loaded active running Kernel Samepage Merging (KSM) Tuning Daemon
libstoragemgmt.service loaded active running libstoragemgmt plug-in server daemon
lvm2-monitor.service loaded active exited Monitoring of LVM2 mirrors, snapshots etc. using d>
lvm2-pvscan@8:2.service loaded active exited LVM event activation on device 8:2
mcelog.service loaded active running Machine Check Exception Logging Daemon
ModemManager.service loaded active running Modem Manager
lines 1-27
若要觀看一個指定的服務狀態,可以使用status
這個動作,下列執行指令的結果與輸出訊息如下:
[rockylinux@workstation ~]$ sudo systemctl status sshd.service
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2021-09-30 21:47:41 CST; 1h 23min ago
Docs: man:sshd(8)
man:sshd_config(5)
Main PID: 997 (sshd)
Tasks: 1 (limit: 11262)
Memory: 4.3M
CGroup: /system.slice/sshd.service
└─997 /usr/sbin/sshd -D -oCiphers=aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ct>
Sep 30 21:47:40 workstation systemd[1]: Starting OpenSSH server daemon...
Sep 30 21:47:41 workstation sshd[997]: Server listening on 0.0.0.0 port 22.
Sep 30 21:47:41 workstation sshd[997]: Server listening on :: port 22.
Sep 30 21:47:41 workstation systemd[1]: Started OpenSSH server daemon.
Sep 30 23:04:27 workstation sshd[2739]: Accepted password for rockylinux from 192.168.0.9 port 11203 ssh2
Sep 30 23:04:27 workstation sshd[2739]: pam_unix(sshd:session): session opened for user rockylinux by (uid=>
lines 1-17/17 (END)
指令有時候會像這樣自動進入到閱讀器的模式,若要退出閱讀器模式,一樣也是按下「q」鍵即可,若不要進入到此模式的話,則可以加上--no-pager
的參數,這樣一來的話就不會自動進入到閱讀器的模式了。相關的指令執行後的輸出結果如下:
[rockylinux@workstation ~]$ sudo systemctl status sshd.service --no-pager
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2021-09-30 21:47:41 CST; 1h 25min ago
Docs: man:sshd(8)
man:sshd_config(5)
Main PID: 997 (sshd)
Tasks: 1 (limit: 11262)
Memory: 4.3M
CGroup: /system.slice/sshd.service
└─997 /usr/sbin/sshd -D -oCiphers=aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ct…
Sep 30 21:47:40 workstation systemd[1]: Starting OpenSSH server daemon...
Sep 30 21:47:41 workstation sshd[997]: Server listening on 0.0.0.0 port 22.
Sep 30 21:47:41 workstation sshd[997]: Server listening on :: port 22.
Sep 30 21:47:41 workstation systemd[1]: Started OpenSSH server daemon.
Sep 30 23:04:27 workstation sshd[2739]: Accepted password for rockylinux from 192.168.0.9 port 11203 ssh2
Sep 30 23:04:27 workstation sshd[2739]: pam_unix(sshd:session): session opened for user rockylinux b…(uid=0)
Hint: Some lines were ellipsized, use -l to show in full.
[rockylinux@workstation ~]$
sshd.service
是一種unit單位類型為服務的SSH server,作為遠端連線所使用的,後面的章節會更詳細的介紹這個功能,預設使用status
之動作來觀看指定的服務狀態,預設是觀看單位類行為service的,因此若要觀看這類型的,可以不需要加上.service
,因此執行指令的時候可以改成如下:
[rockylinux@workstation ~]$ sudo systemctl status sshd --no-pager
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2021-09-30 21:47:41 CST; 1h 28min ago
Docs: man:sshd(8)
man:sshd_config(5)
Main PID: 997 (sshd)
Tasks: 1 (limit: 11262)
Memory: 4.3M
CGroup: /system.slice/sshd.service
└─997 /usr/sbin/sshd -D -oCiphers=aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ct…
Sep 30 21:47:40 workstation systemd[1]: Starting OpenSSH server daemon...
Sep 30 21:47:41 workstation sshd[997]: Server listening on 0.0.0.0 port 22.
Sep 30 21:47:41 workstation sshd[997]: Server listening on :: port 22.
Sep 30 21:47:41 workstation systemd[1]: Started OpenSSH server daemon.
Sep 30 23:04:27 workstation sshd[2739]: Accepted password for rockylinux from 192.168.0.9 port 11203 ssh2
Sep 30 23:04:27 workstation sshd[2739]: pam_unix(sshd:session): session opened for user rockylinux b…(uid=0)
Hint: Some lines were ellipsized, use -l to show in full.
[rockylinux@workstation ~]$
輸出的服務狀態訊息中,欄位說明如下:
systemctl所指定查看服務的狀態訊息會有以下這幾種輸出:
可以分別使用is-active
、is-enabled
以及is-failed
來確認目前指定的服務狀態為何,下列以sshd.service這個來作範例,分別使用上述的三個指令來驗證目前此SSHD服務之狀態:
[rockylinux@workstation ~]$ sudo systemctl is-active sshd.service
active
[rockylinux@workstation ~]$ sudo systemctl is-failed sshd.service
active
[rockylinux@workstation ~]$ sudo systemctl is-enabled sshd.service
enabled
可以使用start
、stop
與restart
以及reload
來控制一個指定的服務,相關的動作說明如下:
start
就是讓指定的服務啟動。stop
就是讓指定的服務停止。reload
是指讓服務的相關設定檔重新載入,並不會讓服務重新啟動。有一些服務沒有reload
動作,要端看unit單位服務之設定檔有沒有填寫reload
時候所使用的動作,相關的執行的方式如下:
[rockylinux@workstation ~]$ sudo yum install -y httpd
[sudo] password for rockylinux:
Last metadata expiration check: 1:01:27 ago on Thu 30 Sep 2021 10:36:25 PM CST.
Dependencies resolved.
============================================================================================================
Package Architecture Version Repository Size
============================================================================================================
Installing:
httpd x86_64 2.4.37-39.module+el8.4.0+571+fd70afb1 appstream 1.4 M
Installing dependencies:
apr x86_64 1.6.3-11.el8.1 appstream 124 k
apr-util x86_64 1.6.1-6.el8.1 appstream 104 k
httpd-filesystem noarch 2.4.37-39.module+el8.4.0+571+fd70afb1 appstream 37 k
httpd-tools x86_64 2.4.37-39.module+el8.4.0+571+fd70afb1 appstream 105 k
mod_http2 x86_64 1.15.7-3.module+el8.4.0+553+7a69454b appstream 153 k
rocky-logos-httpd noarch 84.5-8.el8 baseos 22 k
Installing weak dependencies:
apr-util-bdb x86_64 1.6.1-6.el8.1 appstream 23 k
apr-util-openssl x86_64 1.6.1-6.el8.1 appstream 26 k
Enabling module streams:
httpd 2.4
Transaction Summary
首先先把網頁伺服器套件給安裝起來,接著安裝好之後,可以執行下列的指令:
[rockylinux@workstation ~]$ sudo systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
Active: inactive (dead)
Docs: man:httpd.service(8)
[rockylinux@workstation ~]$
[rockylinux@workstation ~]$ sudo systemctl is-enabled httpd
disabled
[rockylinux@workstation ~]$
利用status
動作可以看到httpd服務狀態在預設是,關閉且不活躍的,而利用is-enabled
動作可以知道服務是disabled狀態,意思是開機的時候,不會自動啟動這個服務,若要自動啟動服務,則可以使用下列的指令:
[rockylinux@workstation ~]$ sudo systemctl enable --now httpd
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[rockylinux@workstation ~]$
[rockylinux@workstation ~]$ sudo systemctl is-enabled httpd
enabled
[rockylinux@workstation ~]$ sudo systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2021-09-30 23:42:02 CST; 9s ago
Docs: man:httpd.service(8)
Main PID: 4889 (httpd)
Status: "Running, listening on: port 80"
Tasks: 213 (limit: 11262)
Memory: 17.2M
CGroup: /system.slice/httpd.service
├─4889 /usr/sbin/httpd -DFOREGROUND
├─4890 /usr/sbin/httpd -DFOREGROUND
├─4891 /usr/sbin/httpd -DFOREGROUND
├─4892 /usr/sbin/httpd -DFOREGROUND
└─4893 /usr/sbin/httpd -DFOREGROUND
Sep 30 23:42:01 workstation systemd[1]: Starting The Apache HTTP Server...
Sep 30 23:42:02 workstation httpd[4889]: AH00558: httpd: Could not reliably determine the server's fully qu>
Sep 30 23:42:02 workstation systemd[1]: Started The Apache HTTP Server.
Sep 30 23:42:02 workstation httpd[4889]: Server configured, listening on: port 80
lines 1-19/19 (END)
從上述的指令執行輸出的訊息可以知道,目前Apache服務狀態已經啟用了,並會開機的時候自動啟動,接著可以使用下列指令進行測試:
[rockylinux@workstation ~]$ sudo systemctl reload httpd
[rockylinux@workstation ~]$ sudo systemctl status httpd --no-pager
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2021-09-30 23:42:02 CST; 1min 23s ago
Docs: man:httpd.service(8)
Process: 5143 ExecReload=/usr/sbin/httpd $OPTIONS -k graceful (code=exited, status=0/SUCCESS)
Main PID: 4889 (httpd)
Status: "Running, listening on: port 80"
Tasks: 213 (limit: 11262)
Memory: 27.1M
CGroup: /system.slice/httpd.service
├─4889 /usr/sbin/httpd -DFOREGROUND
├─5144 /usr/sbin/httpd -DFOREGROUND
├─5145 /usr/sbin/httpd -DFOREGROUND
├─5146 /usr/sbin/httpd -DFOREGROUND
└─5147 /usr/sbin/httpd -DFOREGROUND
Sep 30 23:42:01 workstation systemd[1]: Starting The Apache HTTP Server...
Sep 30 23:42:02 workstation httpd[4889]: AH00558: httpd: Could not reliably determine the server's f…message
Sep 30 23:42:02 workstation systemd[1]: Started The Apache HTTP Server.
Sep 30 23:42:02 workstation httpd[4889]: Server configured, listening on: port 80
Sep 30 23:43:15 workstation systemd[1]: Reloading The Apache HTTP Server.
Sep 30 23:43:15 workstation httpd[5143]: AH00558: httpd: Could not reliably determine the server's f…message
Sep 30 23:43:15 workstation systemd[1]: Reloaded The Apache HTTP Server.
Sep 30 23:43:15 workstation httpd[4889]: Server configured, listening on: port 80
Hint: Some lines were ellipsized, use -l to show in full.
[rockylinux@workstation ~]$ sudo systemctl restart httpd
[sudo] password for rockylinux:
[rockylinux@workstation ~]$ sudo systemctl status httpd --no-pager
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2021-10-01 00:26:10 CST; 2s ago
Docs: man:httpd.service(8)
Process: 5143 ExecReload=/usr/sbin/httpd $OPTIONS -k graceful (code=exited, status=0/SUCCESS)
Main PID: 6186 (httpd)
Status: "Started, listening on: port 80"
Tasks: 213 (limit: 11262)
Memory: 26.3M
CGroup: /system.slice/httpd.service
├─6186 /usr/sbin/httpd -DFOREGROUND
├─6188 /usr/sbin/httpd -DFOREGROUND
├─6189 /usr/sbin/httpd -DFOREGROUND
├─6190 /usr/sbin/httpd -DFOREGROUND
└─6191 /usr/sbin/httpd -DFOREGROUND
Oct 01 00:26:10 workstation systemd[1]: httpd.service: Succeeded.
Oct 01 00:26:10 workstation systemd[1]: Stopped The Apache HTTP Server.
Oct 01 00:26:10 workstation systemd[1]: Starting The Apache HTTP Server...
Oct 01 00:26:10 workstation httpd[6186]: AH00558: httpd: Could not reliably determine the server's f…message
Oct 01 00:26:10 workstation systemd[1]: Started The Apache HTTP Server.
Oct 01 00:26:10 workstation httpd[6186]: Server configured, listening on: port 80
Hint: Some lines were ellipsized, use -l to show in full.
[rockylinux@workstation ~]$
從上述的執行指令可以發現,reload
與restart
之機制不同,reload就是只會將設定檔重新載入,因此main process id仍是一樣的,但是當使用了restart
動作之後,則會整個Apache server服務進行重新啟動,這時候使用status
才查看服務狀態的時候,則會發現main process id已經改變了,那在實務上,有reload的動作可以用,就盡量要用,若用restart則會讓服務有一瞬間會中斷。
若不曉得此服務有沒有支援reload
之動作,則可以使用reload-or-restart
來使用,這個動作會優先以reload
進行嘗試,若沒有的話才會使用restart
,相關的執行指令輸出的訊息如下:
[rockylinux@workstation ~]$ sudo systemctl reload-or-restart httpd
[rockylinux@workstation ~]$ sudo systemctl status httpd --no-pager
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2021-10-01 00:26:10 CST; 12min ago
Docs: man:httpd.service(8)
Process: 6658 ExecReload=/usr/sbin/httpd $OPTIONS -k graceful (code=exited, status=0/SUCCESS)
Main PID: 6186 (httpd)
Status: "Running, listening on: port 80"
Tasks: 213 (limit: 11262)
Memory: 27.1M
CGroup: /system.slice/httpd.service
├─6186 /usr/sbin/httpd -DFOREGROUND
├─6660 /usr/sbin/httpd -DFOREGROUND
├─6661 /usr/sbin/httpd -DFOREGROUND
├─6662 /usr/sbin/httpd -DFOREGROUND
└─6663 /usr/sbin/httpd -DFOREGROUND
Oct 01 00:26:10 workstation systemd[1]: httpd.service: Succeeded.
Oct 01 00:26:10 workstation systemd[1]: Stopped The Apache HTTP Server.
Oct 01 00:26:10 workstation systemd[1]: Starting The Apache HTTP Server...
Oct 01 00:26:10 workstation httpd[6186]: AH00558: httpd: Could not reliably determine the server's f…message
Oct 01 00:26:10 workstation systemd[1]: Started The Apache HTTP Server.
Oct 01 00:26:10 workstation httpd[6186]: Server configured, listening on: port 80
Oct 01 00:38:26 workstation systemd[1]: Reloading The Apache HTTP Server.
Oct 01 00:38:26 workstation httpd[6658]: AH00558: httpd: Could not reliably determine the server's f…message
Oct 01 00:38:26 workstation systemd[1]: Reloaded The Apache HTTP Server.
Oct 01 00:38:26 workstation httpd[6186]: Server configured, listening on: port 80
Hint: Some lines were ellipsized, use -l to show in full.
[rockylinux@workstation ~]$
有時候服務之間可能會有衝突,為了不要讓服務之間在啟動的時候會互相干擾,這個時候就可以使用mask之動作方式來將指定的服務給永久關閉,當服務被mask的時候,則其他的動作,如:enable、status以及start等將不會有作用,若要解除mask的狀態的話,則可以使用unmask來做到,相關的執行指令輸出的訊息如下:
[rockylinux@workstation ~]$ sudo systemctl mask httpd.service
[sudo] password for rockylinux:
Created symlink /etc/systemd/system/httpd.service → /dev/null.
[rockylinux@workstation ~]$
[rockylinux@workstation ~]$ sudo systemctl enable --now httpd.service
Failed to enable unit: Unit file /etc/systemd/system/httpd.service is masked.
[rockylinux@workstation ~]$
[rockylinux@workstation ~]$ sudo systemctl unmask httpd.service
Removed /etc/systemd/system/httpd.service.
[rockylinux@workstation ~]$ sudo systemctl enable --now httpd.service
[rockylinux@workstation ~]$
若要知道一個服務啟動之後,所相依其服務的列表,則可以使用list-dependencies
之動作來做到,相關的執行指令之輸出訊息如下:
[rockylinux@workstation ~]$ sudo systemctl list-dependencies sshd
sshd.service
● ├─system.slice
● ├─sshd-keygen.target
● │ ├─sshd-keygen@ecdsa.service
● │ ├─sshd-keygen@ed25519.service
● │ └─sshd-keygen@rsa.service
● └─sysinit.target
● ├─dev-hugepages.mount
● ├─dev-mqueue.mount
● ├─dracut-shutdown.service
● ├─import-state.service
● ├─iscsi-onboot.service
● ├─kmod-static-nodes.service
● ├─ldconfig.service
● ├─loadmodules.service
● ├─lvm2-lvmpolld.socket
● ├─lvm2-monitor.service
● ├─multipathd.service
● ├─nis-domainname.service
● ├─plymouth-read-write.service
● ├─plymouth-start.service
● ├─proc-sys-fs-binfmt_misc.automount
● ├─selinux-autorelabel-mark.service
● ├─sys-fs-fuse-connections.mount
● ├─sys-kernel-config.mount
● ├─sys-kernel-debug.mount
● ├─systemd-ask-password-console.path
lines 1-27
sudo yum install -y httpd
指令將Apache server安裝起來,這邊照著做就好,之後章節會做yum指令的介紹。systemd
指令查看httpd服務的狀態。systemd
指令將httpd服務重新啟動設定檔,不要讓此服務中斷。systemd
指令將httpd服務設定成自動開機會啟動。