Chapter 11 ⏱️ 65 min read 📚 Advanced

Manage Services & Boot Process

Master systemd service management and boot process control. Learn to start, stop, enable services, understand systemd targets, troubleshoot boot issues, and reset the root password.

📋 Table of Contents

🎯 Introduction to systemd

systemd is the init system and service manager for RHEL 9. It replaces the older SysV init system and provides parallel service startup, dependency management, and advanced logging.

systemd Features

  • Parallel Startup: Start services concurrently for faster boot
  • Service Dependencies: Automatically handle service relationships
  • Socket Activation: Start services on-demand when accessed
  • Targets: Group services like runlevels (multi-user, graphical)
  • Journal Logging: Integrated logging with journalctl
  • Resource Control: Limit CPU, memory, I/O per service

systemd Components

Component Description
systemctl Control systemd services and system
journalctl Query systemd journal logs
systemd-analyze Analyze boot performance
Unit Files Service configuration files (.service, .target, .mount)

Unit Types

# Common unit types:
.service    # Services (sshd, httpd)
.target     # Groups of units (multi-user.target)
.mount      # Mount points
.socket     # IPC sockets
.timer      # Scheduled tasks
.path       # File/directory monitoring
.device     # Hardware devices

⚙️ Managing Services

Basic Service Commands

# Start a service
sudo systemctl start httpd

# Stop a service
sudo systemctl stop httpd

# Restart a service
sudo systemctl restart httpd

# Reload configuration (without restart)
sudo systemctl reload httpd

# Restart if running, start if stopped
sudo systemctl try-restart httpd

# Reload config, or restart if reload not supported
sudo systemctl reload-or-restart httpd

Service Status

# Check service status
systemctl status httpd

# Output example:
● httpd.service - The Apache HTTP Server
     Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; preset: disabled)
     Active: active (running) since Mon 2025-01-13 10:30:15 EST; 2h 15min ago
       Docs: man:httpd.service(8)
   Main PID: 1234 (httpd)
     Status: "Total requests: 150; Idle/Busy workers 100/0"
      Tasks: 213 (limit: 11123)
     Memory: 25.1M
        CPU: 3.456s
     CGroup: /system.slice/httpd.service
             ├─1234 /usr/sbin/httpd -DFOREGROUND
             └─1235 /usr/sbin/httpd -DFOREGROUND

# Quick status (just active/inactive)
systemctl is-active httpd

# Check if enabled
systemctl is-enabled httpd

# Check if failed
systemctl is-failed httpd

Enable/Disable Services

# Enable service (start at boot)
sudo systemctl enable httpd
# Creates symlink in /etc/systemd/system/multi-user.target.wants/

# Disable service (don't start at boot)
sudo systemctl disable httpd

# Enable and start now
sudo systemctl enable --now httpd

# Disable and stop now
sudo systemctl disable --now httpd

# Mask service (prevent starting completely)
sudo systemctl mask httpd

# Unmask service
sudo systemctl unmask httpd

Listing Services

# List all loaded units
systemctl list-units

# List all services
systemctl list-units --type=service

# List all services (including inactive)
systemctl list-units --type=service --all

# List enabled services
systemctl list-unit-files --state=enabled

# List failed services
systemctl --failed

# Show service dependencies
systemctl list-dependencies httpd

Viewing Service Configuration

# Show unit file
systemctl cat httpd

# Edit unit file (creates override)
sudo systemctl edit httpd
# Creates: /etc/systemd/system/httpd.service.d/override.conf

# Edit full unit file
sudo systemctl edit --full httpd

# Show all properties
systemctl show httpd

# Show specific property
systemctl show httpd -p ActiveState

Procedure: Installing and Enabling Apache

  1. Install Apache: 
    sudo dnf install -y httpd
  2. Start the service: 
    sudo systemctl start httpd
  3. Enable at boot: 
    sudo systemctl enable httpd
  4. Verify status: 
    systemctl status httpd
systemctl is-enabled httpd
  5. Test (if firewall open): 
    curl http://localhost
💡 Enable vs Start

enable: Service starts automatically at boot
start: Service starts now (but won't persist reboot)
enable --now: Both enable and start in one command

🎯 Systemd Targets

Targets are groups of units that define system states, similar to old SysV runlevels.

Common Targets

Target Runlevel Description
poweroff.target 0 Shut down system
rescue.target 1 Single-user mode (root shell)
multi-user.target 3 Multi-user, no GUI
graphical.target 5 Multi-user with GUI
reboot.target 6 Reboot system
emergency.target - Minimal shell (before rescue)

Managing Targets

# Show default target
systemctl get-default

# Set default target
sudo systemctl set-default multi-user.target
sudo systemctl set-default graphical.target

# Switch to target immediately
sudo systemctl isolate multi-user.target
sudo systemctl isolate graphical.target

# List available targets
systemctl list-units --type=target

# Show target dependencies
systemctl list-dependencies graphical.target

System State Commands

# Reboot system
sudo systemctl reboot

# Power off system
sudo systemctl poweroff

# Halt system
sudo systemctl halt

# Suspend (sleep)
sudo systemctl suspend

# Hibernate
sudo systemctl hibernate

# Enter rescue mode
sudo systemctl rescue

# Enter emergency mode
sudo systemctl emergency
📘 Rescue vs Emergency

rescue.target: Mounts filesystems, minimal services, prompts for root password
emergency.target: Root filesystem mounted read-only, no services, single-user shell

🚀 Boot Process

RHEL 9 Boot Sequence

  1. UEFI/BIOS: Hardware initialization, POST
  2. Bootloader (GRUB2): Load kernel and initramfs
  3. Kernel: Initialize hardware, mount root filesystem
  4. systemd: First process (PID 1), start services
  5. Default Target: Reach multi-user.target or graphical.target
  6. Login Prompt: System ready

Analyzing Boot Performance

# Show boot time
systemd-analyze

# Output:
Startup finished in 1.234s (kernel) + 5.678s (initrd) + 15.432s (userspace) = 22.344s
graphical.target reached after 15.123s in userspace

# Show service startup times
systemd-analyze blame

# Output (slowest first):
5.234s NetworkManager-wait-online.service
2.123s kdump.service
1.456s firewalld.service

# Critical chain (what blocked boot)
systemd-analyze critical-chain

# Visualize boot (create SVG)
systemd-analyze plot > boot.svg

GRUB2 Boot Menu

# GRUB2 configuration
/boot/grub2/grub.cfg        # Main config (DO NOT EDIT)
/etc/default/grub           # User settings
/etc/grub.d/                # Config scripts

# Modify GRUB settings
sudo vi /etc/default/grub

# Example settings:
GRUB_TIMEOUT=5
GRUB_CMDLINE_LINUX="rhgb quiet"

# Regenerate GRUB config
sudo grub2-mkconfig -o /boot/grub2/grub.cfg

# For UEFI systems:
sudo grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg

Kernel Command Line

# View current kernel parameters
cat /proc/cmdline

# Common kernel parameters:
rhgb               # Red Hat Graphical Boot (splash screen)
quiet              # Minimal boot messages
systemd.unit=      # Boot to specific target
rd.break           # Break into initramfs shell
init=/bin/bash     # Boot to bash (dangerous!)
selinux=0          # Disable SELinux temporarily

🔧 Troubleshooting Boot Issues

Boot to Rescue Mode

  1. Reboot the system
  2. Press e at GRUB menu
  3. Find line starting with linux or linux16
  4. Append to end: systemd.unit=rescue.target
  5. Press Ctrl+x to boot
  6. Enter root password

Boot to Emergency Mode

  1. Same as rescue, but append: systemd.unit=emergency.target
  2. Root filesystem mounted read-only
  3. Remount read-write: mount -o remount,rw /

Break into initramfs

# At GRUB, add to kernel line:
rd.break

# You'll get a shell before root is mounted
# Root is at /sysroot (read-only)

# Remount read-write
mount -o remount,rw /sysroot

# Chroot into system
chroot /sysroot

# Make changes, then:
exit
reboot -f

Common Boot Problems

Problem Solution
Bad /etc/fstab entry Boot to emergency, fix fstab
Forgotten root password rd.break, reset password
Service fails at boot Disable service, check logs
SELinux prevents boot Add selinux=0 to kernel line

🔑 Reset Root Password

Procedure: Reset Root Password (RHCSA Exam Critical!)

  1. Reboot the system
  2. At GRUB menu, press e to edit
  3. Find line starting with linux
  4. Add rd.break to end of line: 
    linux ($root)/vmlinuz-... root=UUID=... rhgb quiet rd.break
  5. Press Ctrl+x to boot
  6. You'll get a switch_root:/# prompt
  7. Remount /sysroot as read-write: 
    mount -o remount,rw /sysroot
  8. Chroot into system: 
    chroot /sysroot
  9. Change root password: 
    passwd root
# Enter new password twice
  10. Critical for SELinux: Relabel on next boot: 
    touch /.autorelabel
  11. Exit chroot and reboot: 
    exit
reboot -f
  12. System will relabel (may take time), then boot normally
⚠️ Critical: Don't Forget .autorelabel

If you don't create /.autorelabel, SELinux will prevent login after password change! The system will relabel files on next boot. This is REQUIRED for exam success!

Alternative: Boot with init=/bin/bash

# At GRUB, replace 'rhgb quiet' with:
init=/bin/bash

# System boots directly to bash (no systemd)
# Root filesystem is read-only

# Remount read-write
mount -o remount,rw /

# Change password
passwd root

# Create autorelabel
touch /.autorelabel

# Sync and reboot
sync
reboot -f
⚠️ Security Consideration

Physical access = root access. Protect GRUB with password or use BIOS/UEFI password to prevent unauthorized password resets. Also consider full disk encryption.

📝 Practice Questions

Question 1: What command enables httpd to start at boot?

  • A) systemctl start httpd
  • B) systemctl enable httpd
  • C) systemctl activate httpd
  • D) systemctl boot httpd
Answer: B) systemctl enable httpd
enable creates symlink in target.wants directory for automatic startup. start only starts now (doesn't persist reboot). Use enable --now to both enable and start immediately.

Question 2: Which target is equivalent to runlevel 3 (multi-user, no GUI)?

  • A) graphical.target
  • B) multi-user.target
  • C) rescue.target
  • D) default.target
Answer: B) multi-user.target
multi-user.target = runlevel 3 (text mode). graphical.target = runlevel 5 (GUI). rescue.target = runlevel 1 (single user). Set default: systemctl set-default multi-user.target

Question 3: What's the CRITICAL step when resetting root password with rd.break?

  • A) Run passwd root
  • B) Mount -o remount,rw /sysroot
  • C) touch /.autorelabel
  • D) chroot /sysroot
Answer: C) touch /.autorelabel
All steps are required, but touch /.autorelabel is CRITICAL for SELinux systems. Without it, SELinux prevents login after password change. System will relabel on next boot. This is a common exam mistake!

Question 4: How do you prevent a service from starting (even manually)?

  • A) systemctl disable httpd
  • B) systemctl stop httpd
  • C) systemctl mask httpd
  • D) systemctl isolate httpd
Answer: C) systemctl mask httpd
mask creates symlink to /dev/null, preventing start completely (even manually). disable only prevents automatic boot start. unmask reverses masking. Useful for conflicting services.

Question 5: Which mode provides minimal shell before mounting filesystems?

  • A) rescue.target
  • B) emergency.target
  • C) multi-user.target
  • D) rd.break
Answer: B) emergency.target
emergency.target: root filesystem read-only, minimal shell, no services. rescue.target: filesystems mounted, basic services, root password prompt. rd.break: interrupts before switching to real root, gives initramfs shell.

Question 6: What command shows which services delayed boot the most?

  • A) systemctl --failed
  • B) systemd-analyze blame
  • C) journalctl -b
  • D) systemctl list-units
Answer: B) systemd-analyze blame
systemd-analyze blame lists services by startup time (slowest first). systemd-analyze shows total boot time. systemd-analyze critical-chain shows dependency chain that blocked boot.