systemd and journalctl.
enable on boot, mask, and read the logs.
httpd is not surviving reboots and cost webadmin two hours after a kernel patch. Set it up properly with systemd, mask a daemon that should never run, and read its logs through journalctl.
The ticket: the web service runs but does not survive reboots. A kernel-patch reboot last week left httpd down and cost two hours. webadmin wants four things. Install httpd and enable it on boot in one command. Mask an old ntp-style daemon so it can never start, even by accident. Show how to read httpd logs through journalctl instead of digging in /var/log/httpd/. And confirm the default boot target is text, not a GUI.
The real problem: starting a service and enabling it are two different things, and the reboot survival everyone assumes comes from enable, not start. Masking is also stronger than disabling, and the difference matters here.
What we are doing: the service lifecycle with systemctl, log reading with journalctl, and boot targets.
The ticket
id webadmin systemctl --version sudo dnf repolist | head -3
Concept review. systemctl and targets.
man systemctl journalctl systemd.unit
start / stop / restart / reload lifecycle enable / disable boot persistence enable --now enable AND start in one command mask / unmask block a unit entirely is-active / is-enabled scriptable checks get-default / set-default boot target daemon-reload reload unit files after editing
Targets replaced the old runlevels. multi-user.target is text and networked, the old runlevel 3. graphical.target is the GUI, runlevel 5. rescue.target is single user, and emergency.target is minimal recovery. This server should sit on multi-user so no GUI ever loads.
Install and enable httpd in one shot
The key command is enable —now. enable makes it start at boot, and —now also starts it immediately, so you do not need a separate start. This is the shortcut the exam expects you to know cold.
sudo dnf install -y httpd sudo systemctl enable --now httpd systemctl is-active httpd # active systemctl is-enabled httpd # enabled sudo systemctl status httpd
Mask the daemon that should never run
Masking symlinks the unit to /dev/null, so it cannot start at all, not even when something else depends on it. That is stronger than disable, which only stops auto-start but still allows a manual start. Practice on chronyd, then unmask it, since you actually want chrony later.
sudo systemctl mask chronyd sudo systemctl start chronyd # fails: Unit chronyd.service is masked sudo systemctl unmask chronyd sudo systemctl start chronyd
Read the logs with journalctl
The journal replaces hunting through log files. Filter by unit, count, priority, boot, and time.
sudo journalctl -u httpd # all httpd logs sudo journalctl -u httpd -n 50 # last 50 lines sudo journalctl -u httpd -f # follow live, Ctrl+C to stop sudo journalctl -u httpd -b # since the current boot sudo journalctl -u httpd -p err # errors only sudo journalctl -u httpd --since "1 hour ago" sudo journalctl -u httpd --since today
Confirm the boot target
sudo systemctl get-default # expect multi-user.target # to change it (do not unless needed): # sudo systemctl set-default multi-user.target sudo systemctl list-units --type=target | head
Inspect and override unit files
Never edit a shipped unit file directly. systemctl edit creates a drop-in override, and after any unit change you reload the daemon.
systemctl cat httpd sudo systemctl edit httpd # creates a drop-in override.conf sudo systemctl daemon-reload sudo systemctl restart httpd
Exam questions
Write the command first.
Q1. Enable httpd to start at boot and start it immediately, in a single command.
Q2. Mask the cups service so it cannot be started by anyone, and verify.
Q3. Show all error-level httpd log entries since the last boot, newest first.
Answers.
# A1 sudo systemctl enable --now httpd # A2 sudo systemctl mask cups systemctl is-enabled cups # masked sudo systemctl start cups # fails: Unit cups.service is masked # A3 sudo journalctl -u httpd -p err -b -r # -p err level, -b since boot, -r newest first
Final checklist: confirm everything works
If every check passes, the ticket is done.
# 1. httpd installed, enabled, and running systemctl is-active httpd; systemctl is-enabled httpd # 2. masking demonstrated and reversed # 3. journalctl filters practiced: -u, -p, -b, --since # 4. default target is multi-user (no GUI) sudo systemctl get-default # 5. all three exam commands written before peeking # 6. tracker entry checked off
Reply to webadmin: httpd is enabled and running, and it will survive reboots because it is enabled, not just started. The masking pattern is documented for future use. Default target is multi-user, so no GUI will load.