SystemD

Usefull commands

Find all the errors:

systemctl list-units --failed

systemctl list-units --state failed

Logs for a service

journalctl -u x.service

Kernel

journalctl -k

Live

journalctl -f

Debug a service

journalctl --catalog --pager-end --unit=x.service

Credential management

Check HW capabilities
```
systemd-creds has-tpm2
```

if library is not available:

sudo apt install tpm2-abrmd

You should see somthing like:

pierre@horn:~/src/pierreaubert.github.io$ sudo systemd-creds has-tpm2
yes
+firmware
+driver
+system
+subsystem
+libraries

Store secret

For service xyz, as root:

mkdir /etc/systemd/system/xyz.service.d
systemd-ask-password -n | ( echo "[Service]" && systemd-creds encrypt --name=password -p - - ) > /etc/systemd/system/xyz.service.d/50-password.conf

since the configuration file is in the default location, it is picked up automatically. You can now edit the config

sudo systemctl edit xyz.config

and remove the following lines:

Environment *
EnvironmentFile *

and the usual

systemctl daemon-reload
systemctl restart xyz.service

User scripts

Systemd also works for users, service files are in .config/systemd/user

systemctl --user daemon-reload
systemctl --user enable xyz.service
systemctl --user start xyz.service
systemctl --user status xyz.service

does the trick, and the same for getting logs:

journalctl --user -u xyz.service

Some examples (Roon, Polkadot Node, Komga) are on GH. Neat!