Linux Service Management. systemctl, journalctl, sysvinit

Every NCAE service is managed by systemd. You will type `systemctl restart <service>` at least once per minute during competition. This lesson is the foundation. without it, nothing in the other lessons makes sense. It also teaches `journalctl`, which is where you find out why a service REFUSES to start.

Objectives

• Understand systemd as the init system (PID 1) and how it manages services
• Use `systemctl` to start, stop, restart, reload, enable, disable, and check status
• Use `journalctl` to read logs from any service with time filtering
• Distinguish between services (.service), targets (.target), and timers (.timer)
• Read a systemd unit file and identify ExecStart, Restart policy, and dependencies
• Know where custom unit files live: /etc/systemd/system/ (admin) vs /lib/systemd/system/ (package)

Quick reference

Common pitfalls

• Editing a unit file and forgetting `systemctl daemon-reload`. systemd still uses the old version
• `systemctl status` lies. it can show 'active (running)' briefly while the process dies; use `systemctl is-active` in loops
• `journalctl -u <svc>` without `-n` dumps the entire history. can be megabytes
• Confusing `enable` (auto-start on boot) with `start` (start now). they're independent
• Using `service foo restart`. still works via sysvinit shim but systemctl is the native tool

How it works (walkthrough)

# A minimal systemd service unit file
# /etc/systemd/system/my-watchdog.service
[Unit]
Description=Keep the tarball restore loop alive
After=network.target

[Service]
Type=simple
ExecStart=/root/restore-loop.sh
Restart=always                 # if it dies, systemd restarts it
RestartSec=2

[Install]
WantedBy=multi-user.target      # start on boot at multi-user runlevel

# After writing the file:
#   systemctl daemon-reload         # pick up the new file
#   systemctl enable --now my-watchdog

Skill drills

1. 1. Command to check if nginx is currently running?
   Reveal

   systemctl status nginx (or is-active nginx)
2. 2. Command to reload nginx without restarting?
   Reveal

   systemctl reload nginx
3. 3. Command to see why a service refused to start?
   Reveal

   journalctl -u <svc> -n 50
4. 4. After editing /etc/systemd/system/foo.service, what must you run?
   Reveal

   systemctl daemon-reload
5. 5. What runlevel does `multi-user.target` correspond to in sysvinit?
   Reveal

   Runlevel 3 (multi-user, no GUI)
6. 6. Follow the sshd log in real time?
   Reveal

   journalctl -u sshd -f

NCAE scoreboard patterns this lesson prevents

• 2,502.8 SSH Login. Failed to connect to host: IP
• 44.4 SSH Login. The following users failed to authenticate with their public key: nills, vetomo
• 44.4 SSH Login. The following users failed to authenticate with their public key: vetomo, nills
• 36.1 SSH Login. The following users failed to authenticate with their public key: simone_weil, todd_k
• 36.1 SSH Login. The following users failed to authenticate with their public key: vetomo, todd_k
• 30.6 SSH Login. The following users failed to authenticate with their public key: claude_chevalley
• 27.8 SSH Login. The following users failed to authenticate with their public key: claude_chevalley, simone_weil
• 27.8 SSH Login. The following users failed to authenticate with their public key: nills, simone_weil
• 27.8 SSH Login. The following users failed to authenticate with their public key: nills, todd_k
• 25 SSH Login. The following users failed to authenticate with their public key: simone_weil, vetomo, claude_chevalley
• 25 SSH Login. The following users failed to authenticate with their public key: nills
• 25 SSH Login. The following users failed to authenticate with their public key: simone_weil, nills
• 22.2 SSH Login. The following users failed to authenticate with their public key: vetomo, claude_chevalley
• 22.2 SSH Login. The following users failed to authenticate with their public key: vetomo
• 19.4 SSH Login. The following users failed to authenticate with their public key: simone_weil, vetomo, nills