linuxlab.io
Tutorials▾
  • Linux & networking
    File system, processes, TCP/IP, BGP and OSPF
    →
  • Terraform & IaC
    HCL, state, plan/apply on a LocalStack sandbox
    →
  • Git & GitHub
    Object model, plumbing, branching, GitHub Actions
    →
All tutorials →
PricingAboutSign inCreate account
/
  • Introduction
  • Lessons
  • How it works
  • Simulator
  • Knowledge base
  • Interview prep
Index
Categories
All entries
Footer
linuxlab-TutorialsPricingAboutPrivacy & cookies
Copyright © 2026 LinuxLab. All rights reserved.
home/linux/kb/Processes & resources/systemd

kb/processes ── Processes & resources ── intermediate

systemd: the init system and service manager

systemd is the Linux init system: PID 1 that starts everything else, tracks dependencies, restarts what crashes, and collects the logs.

view as markdownaka: systemd-init, init-system, pid-1

What PID 1 does

Once the kernel has booted, it starts one process with PID 1. On modern Linux that process is systemd. Its jobs:

  • Start the services the system needs at boot
  • Watch their state and restart the ones that crash
  • Manage dependencies (start docker after network)
  • Adopt orphaned processes (when a parent dies, PID 1 becomes the new parent)
  • Log everything through journald
  • Manage cgroups for limits and isolation

Unit files

Everything systemd can do is a unit. The kinds:

  • .service: an ordinary daemon (nginx, ssh, postgres)
  • .socket: listen on a socket and start the service on the first connection
  • .timer: a cron replacement that runs a unit on a schedule
  • .mount / .automount: filesystem mounts
  • .target: a group of units (like a runlevel: multi-user.target, graphical.target)
  • .path: react when a file appears or changes
  • .slice: a node in the cgroup hierarchy

Where they live:

  • /lib/systemd/system/: shipped by packages
  • /etc/systemd/system/: your local files and drop-ins (these take priority)

A minimal service unit

ini
[Unit]
Description=My App
After=network-online.target
Wants=network-online.target
[Service]
Type=simple
ExecStart=/usr/local/bin/myapp --config=/etc/myapp.yml
Restart=on-failure
RestartSec=5
User=myapp
Group=myapp
[Install]
WantedBy=multi-user.target

Put it in /etc/systemd/system/myapp.service, then:

bash
sudo systemctl daemon-reload
sudo systemctl enable --now myapp

Type: the startup model

  • simple: ExecStart is a binary that does NOT fork; the default
  • forking: the old-school style (the binary forks a child and exits); needs PIDFile=
  • notify: the app sends READY=1 through sd_notify once it is ready
  • oneshot: run and exit (for scripts and setup tasks)
  • idle: like simple, but starts only after other units have settled

Dependencies

  • Wants=: a soft dependency (we want it, but it is not critical)
  • Requires=: a hard one (if the dependency fails, this unit fails too)
  • After= / Before=: ordering (not a dependency, just the sequence)
  • Conflicts=: mutual exclusion

Isolation through cgroups

systemd puts each service in its own cgroup and supports sandboxing:

ini
[Service]
MemoryMax=512M
CPUQuota=50%
PrivateTmp=yes              # private /tmp
ProtectSystem=strict         # /usr, /etc read-only
ProtectHome=yes              # /home, /root inaccessible
NoNewPrivileges=yes          # block setuid escalation
CapabilityBoundingSet=CAP_NET_BIND_SERVICE

This gives you most of the "containerization" without Docker.

Targets instead of runlevels

Old vs new:

runlevelsystemd target
0poweroff.target
1rescue.target
3multi-user.target (CLI)
5graphical.target (GUI)
6reboot.target
bash
systemctl get-default                    # current default target
sudo systemctl set-default multi-user.target
systemctl isolate rescue.target          # switch to a target right now

Debugging

bash
systemctl status myapp                   # state + recent logs
journalctl -u myapp -f                   # tail the logs
systemd-analyze blame                    # who was slow to start
systemd-analyze critical-chain           # the critical path of the boot
systemctl list-dependencies myapp

§ команды

bash
systemctl --failed

Every service that crashed. The first thing you check after boot

bash
systemd-analyze blame | head

The slowest units at startup, to optimize boot time

bash
sudo systemctl edit myapp

Open a drop-in override without editing the original unit

bash
systemctl cat myapp

Show the resulting unit with all overrides applied

bash
systemctl daemon-reload

Required after editing unit files, or systemd keeps the old version

§ см. также

  • cmd-systemctlsystemctl: managing systemd services`systemctl` is the main CLI for managing systemd units: services, timers, mounts, and sockets. It replaces SysV init and `service` on modern distros.
  • cmd-journalctljournalctl: systemd journal`journalctl` reads the binary journal written by systemd-journald. It is the central log for the system: kernel, systemd services, syslog, all through one interface.
  • cgroupscgroups (v2)cgroups v2 is a hierarchical virtual FS under `/sys/fs/cgroup` that the kernel uses to limit CPU, memory, and I/O for processes. Docker, k8s, and systemd write here.
  • cgroups-v2-deepcgroups v2: unified hierarchy, PSI, eBPF controlcgroups v2 uses one tree instead of separate per-controller hierarchies. Clean semantics, new fields (memory.high, io.cost). PSI shows resource pressure. eBPF can manage resources. Default in RHEL 9, Ubuntu 22+.
  • process-and-pidProcess and PIDA process is a running program with its own PID, memory, open descriptors, and UID. Every process forms a tree rooted at init (PID 1).
Footer
linuxlab-
Copyright © 2026 LinuxLab. All rights reserved.
Tutorials
Pricing
About
Privacy & cookies