Managing
Network Services

Start, stop, and check the status of network services

CIS126RH | RHEL System Administration 1
Mesa Community College

Network services — SSH, HTTP, firewall, DNS, and others — are managed as systemd units on RHEL 9. Administrators must know how to start and stop them, check whether they are running and why, enable them to start automatically at boot, and diagnose why a service failed. The systemctl command is the central tool for all of these tasks. This module covers service management with a focus on network services and is tested extensively on the RHCSA exam.

Learning Objectives

  1. Start and stop services — Use systemctl start and systemctl stop to manage the running state of a service
  2. Enable and disable services at boot — Use systemctl enable and systemctl disable to control whether a service starts automatically
  3. Check service status and diagnose failures — Use systemctl status to interpret service state and read recent log output, and use journalctl -u for deeper investigation
  4. Reload and restart services after configuration changes — Distinguish between reload, restart, and restart --force and choose the right action

systemd Services on RHEL

On RHEL 9, all services are managed as systemd units. A service unit file defines how to start the service, what to do if it fails, and what other units it depends on.

  • Service unit files end in .service and live in /usr/lib/systemd/system/ (package-installed) or /etc/systemd/system/ (administrator-created)
  • The service name used with systemctl is the unit file name without the .service suffix
  • Common network service names: sshd, httpd, firewalld, NetworkManager, chronyd
# List all loaded service units
$ systemctl list-units --type=service

# List only services that have failed
$ systemctl list-units --type=service --state=failed

# Show all installed unit files (including disabled ones)
$ systemctl list-unit-files --type=service | grep enabled

Starting and Stopping Services

These commands change the running state of a service right now. They have no effect on whether the service starts at the next boot.

# Start a service immediately
$ sudo systemctl start sshd
$ sudo systemctl start httpd

# Stop a running service
$ sudo systemctl stop sshd

# Restart a service (stop then start)
$ sudo systemctl restart httpd

# Reload configuration without stopping the service
$ sudo systemctl reload sshd

# Reload if the service supports it, otherwise restart
$ sudo systemctl reload-or-restart httpd

# Confirm the result
$ systemctl is-active sshd
active
start/stop does not affect the next boot

Starting a service with systemctl start is temporary — if the service is disabled, it will not start on the next reboot. To make it persistent, also run systemctl enable.

Enabling and Disabling Services at Boot

These commands control whether a service starts automatically at boot. They have no immediate effect on the currently running state.

# Enable a service — creates a symlink so it starts on boot
$ sudo systemctl enable sshd
Created symlink /etc/systemd/system/multi-user.target.wants/sshd.service →
    /usr/lib/systemd/system/sshd.service.

# Disable a service — removes the symlink
$ sudo systemctl disable sshd

# Enable AND start in one command — the most common pattern
$ sudo systemctl enable --now httpd

# Disable AND stop in one command
$ sudo systemctl disable --now httpd

# Check if a service is enabled (will start at boot)
$ systemctl is-enabled sshd
enabled
RHCSA Most Common Pattern

sudo systemctl enable --now SERVICENAME starts the service right now AND ensures it starts on every future boot. This single command completes most service deployment tasks on the exam.

Checking Service Status

systemctl status shows a complete summary: running state, enabled state, PID, memory usage, and the most recent log entries.

$ systemctl status sshd
● sshd.service - OpenSSH server daemon
     Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; preset: enabled)
     Active: active (running) since Mon 2026-05-25 07:00:00 MST; 14 days ago
   Main PID: 872 (sshd)
      Tasks: 1 (limit: 49152)
     Memory: 5.2M
        CPU: 203ms
     CGroup: /system.slice/sshd.service
             └─872 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups

May 25 09:05:21 servera sshd[872]: Accepted publickey for student
May 25 09:10:04 servera sshd[872]: pam_unix(sshd:session): session opened
Read status output top to bottom

Line 1: unit description. Line 2: file location and enabled/disabled (boot state). Line 3: active/inactive/failed (running state) and how long. Lines at the bottom: the most recent log entries — often show exactly why the service failed.

Interpreting Service States

The Active line in systemctl status shows the current running state. The Loaded line shows the boot-time configuration.

Active state Meaning Action
active (running) Service is running with at least one process Normal — no action needed
active (exited) Service started successfully and its process has completed Normal for one-shot services (setup scripts)
inactive (dead) Service is not running and has not been started Start with systemctl start if needed
failed Service exited with a non-zero status or was killed Read the log lines below status; fix the problem then start
activating Service is in the process of starting up Wait; re-check status if it stays in this state too long
deactivating Service is in the process of stopping Normal during shutdown; investigate if it stays here

Diagnosing a Failed Service

When systemctl status shows failed, the diagnostic information is right there — read it carefully before taking action.

$ systemctl status httpd
● httpd.service - The Apache HTTP Server
     Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled)
     Active: failed (Result: exit-code) since Mon 2026-05-25 10:00:00 MST
    Process: 5432 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
   Main PID: 5432 (code=exited, status=1/FAILURE)

May 25 10:00:00 servera httpd[5432]: AH00526: Syntax error on line 47 of /etc/httpd/conf/httpd.conf
May 25 10:00:00 servera httpd[5432]: Invalid command 'ServerNam', perhaps misspelled
May 25 10:00:00 servera systemd[1]: httpd.service: Main process exited, code=exited
May 25 10:00:00 servera systemd[1]: httpd.service: Failed with result 'exit-code'.

# Get more detail from the journal
$ journalctl -u httpd --since "10 minutes ago"
The log lines tell you what to fix

The lines at the bottom of systemctl status are the last few journal entries from the service. In this example, the error message identifies the exact file and line number of the configuration problem. Fix the problem first, then restart the service.

reload vs restart: Choosing the Right Action

After changing a service's configuration file, the service must be told about the change. Choose based on what the service supports and how much disruption is acceptable.

Command What happens Connection disruption Use when
reload Service re-reads its config without stopping its process None — existing connections continue Service supports SIGHUP reload (sshd, httpd, nginx)
restart Service is stopped and then started again All existing connections dropped Config change requires full restart, or service does not support reload
reload-or-restart Reload if supported; otherwise restart Minimal — no disruption if reload works Safe default when unsure whether the service supports reload 
# Apply a sshd_config change without dropping active SSH sessions
$ sudo systemctl reload sshd

# Restart httpd after changing the server's IP binding
$ sudo systemctl restart httpd

Common Network Services on RHEL

Service name Purpose Default state Config file(s)
sshd Secure Shell remote access Enabled, running /etc/ssh/sshd_config
firewalld Dynamic firewall management Enabled, running /etc/firewalld/
httpd Apache HTTP web server Installed, disabled /etc/httpd/conf/httpd.conf
NetworkManager Network interface management Enabled, running /etc/NetworkManager/
chronyd NTP time synchronisation Enabled, running /etc/chrony.conf
rsyslog System log processing and routing Enabled, running /etc/rsyslog.conf
named DNS server (BIND) Installed, disabled /etc/named.conf

The Full Service Lifecycle

Deploying a new network service follows a consistent pattern on every RHEL system.

  1. Install the package
    sudo dnf install httpd
  2. Edit the configuration file
    sudo vim /etc/httpd/conf/httpd.conf
  3. Enable and start the service
    sudo systemctl enable --now httpd
  4. Check the status
    systemctl status httpd
  5. Open the firewall port
    sudo firewall-cmd --permanent --add-service=http && sudo firewall-cmd --reload
  6. Verify the service is reachable
    curl http://localhost or ss -tlnp | grep :80

Verifying Network Service Accessibility

A service can be running but still unreachable — due to the firewall, a wrong listen address, or a configuration error. Verify at multiple layers.

# Check what ports the service is listening on
$ ss -tlnp
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port  Process
LISTEN  0       128     0.0.0.0:22         0.0.0.0:*          users:(("sshd",pid=872))
LISTEN  0       128     0.0.0.0:80         0.0.0.0:*          users:(("httpd",pid=1234))

# Check that the firewall allows the service
$ sudo firewall-cmd --list-services
cockpit dhcpv6-client ssh
# http is not listed — firewall is blocking it!

# Test connectivity to the service locally
$ curl -s http://localhost | head -3

# Test SSH connectivity to the server
$ ssh -o ConnectTimeout=5 localhost
Always check the firewall after starting a service

RHEL enables firewalld by default. A service can be running and listening correctly but completely unreachable from the network if its port is not allowed in the firewall.

Masking Services

Masking prevents a service from being started, even accidentally or by another service. It is stronger than disabling.

# Disable a service — can still be started manually
$ sudo systemctl disable httpd

# Mask a service — cannot be started by any means
$ sudo systemctl mask httpd
Created symlink /etc/systemd/system/httpd.service → /dev/null.

# Attempting to start a masked service fails
$ sudo systemctl start httpd
Failed to start httpd.service: Unit httpd.service is masked.

# Unmask to restore normal behaviour
$ sudo systemctl unmask httpd
Removed /etc/systemd/system/httpd.service.

# Confirm the service is no longer masked
$ systemctl is-enabled httpd
disabled
Masking creates a /dev/null symlink

systemd implements masking by creating a symlink pointing to /dev/null in /etc/systemd/system/. This symlink overrides the real unit file, making the service impossible to start.

Service Management Quick Reference

Task Command
Start a service nowsudo systemctl start SERVICE
Stop a running servicesudo systemctl stop SERVICE
Restart a servicesudo systemctl restart SERVICE
Reload config without stoppingsudo systemctl reload SERVICE
Reload or restart (safe default)sudo systemctl reload-or-restart SERVICE
Enable at boot onlysudo systemctl enable SERVICE
Enable at boot AND start nowsudo systemctl enable --now SERVICE
Disable at boot onlysudo systemctl disable SERVICE
Disable AND stop nowsudo systemctl disable --now SERVICE
Check running and boot statesystemctl status SERVICE
Check if runningsystemctl is-active SERVICE
Check if enabledsystemctl is-enabled SERVICE
Read service logsjournalctl -u SERVICE
Follow service logs livejournalctl -u SERVICE -f
Prevent service from startingsudo systemctl mask SERVICE
Restore masked servicesudo systemctl unmask SERVICE

Troubleshooting Service Failures

A systematic approach finds the cause of most service failures in under a minute.

  1. Check status — read the log lines at the bottom
    systemctl status SERVICENAME
  2. If the log lines are insufficient, read the full journal
    journalctl -u SERVICENAME --since "5 minutes ago"
  3. Check the service's own log file if it has one
    sudo tail -n 50 /var/log/httpd/error_log
  4. Verify the configuration file syntax
    httpd -t, sshd -t, named-checkconf
  5. Fix the problem, then start the service
    sudo systemctl start SERVICENAME
  6. Confirm the service is running
    systemctl status SERVICENAME

Common Mistakes

Mistake What goes wrong Correct approach
Starting a service without enabling it Service runs until reboot then never starts again Use systemctl enable --now SERVICE to do both at once
Enabling a service without starting it Service will start at the next boot but is not running now Use systemctl enable --now SERVICE to start immediately
Not checking status after start Service silently failed — task appears complete but service is not running Always run systemctl status SERVICE after starting
Using restart when reload would work All active connections are dropped unnecessarily Use reload for config changes when the service supports it
Forgetting to open the firewall port Service is running and listening but unreachable from the network Always check firewall-cmd --list-services after starting a network service
Editing a unit file in /usr/lib/systemd/system/ Changes overwritten by the next package update Create override files in /etc/systemd/system/SERVICE.d/override.conf

Knowledge Check

Answer these before moving to the next slide.

  1. Write the single command to install httpd, then the single command to ensure it is running now AND will start automatically on every future boot.
  2. What is the difference between systemctl enable sshd and systemctl start sshd?
  3. After editing /etc/ssh/sshd_config, you want to apply the changes without dropping any active SSH sessions. What command do you use?
  4. The output of systemctl status httpd shows Active: failed. What is the first thing you look at in the output, and what do you do next?
  5. Write the command to check which TCP ports sshd is listening on and which process owns each socket.
  6. What does masking a service do, and how is it different from disabling it?

Knowledge Check — Answers

  1. Install: sudo dnf install -y httpd
    Enable and start: sudo systemctl enable --now httpd — the --now flag both enables for boot AND starts immediately.
  2. systemctl enable sshd configures the service to start automatically at the next boot — it does not start the service now. systemctl start sshd starts the service right now in the current session — it has no effect on future boots.
  3. sudo systemctl reload sshd — reload sends SIGHUP to the sshd process, causing it to re-read its configuration without stopping. Existing sessions are not interrupted.
  4. First, read the log lines at the bottom of the status output — they almost always show the error message that caused the failure (syntax error, missing file, permission denied, etc.). If the status output does not provide enough detail, run journalctl -u httpd --since "5 minutes ago" to see the full log context.
  5. ss -tlnp-t for TCP, -l for listening, -n for numeric ports, -p for process name and PID.
  6. Masking creates a symlink to /dev/null that prevents the service from starting by any means — manually, by another service, or at boot. Disabling only removes the boot-time symlink; the service can still be started manually with systemctl start. Masking is a stronger, absolute prevention.

Key Takeaways

  1. start/stop controls running state now; enable/disable controls boot state. These are independent — a service can be running but disabled, or enabled but stopped. Use systemctl enable --now SERVICE to do both at once.
  2. Always check status after starting a service. systemctl status SERVICE shows running state, boot state, PID, and the last few log lines. A failed service always leaves evidence in those log lines. If status is insufficient, use journalctl -u SERVICE.
  3. Use reload instead of restart when the service supports it. reload applies configuration changes without dropping existing connections. restart drops all connections. Use reload-or-restart when unsure which the service supports.
  4. A running service may still be unreachable — check the firewall. ss -tlnp confirms the service is listening on the expected port. firewall-cmd --list-services shows what is allowed through. A service that is not in that list is blocked from external access.

Graded Lab

  • Check whether sshd is running and enabled with systemctl status sshd. Note both the Active state and the enabled/disabled state on the Loaded line.
  • Install httpd with dnf install httpd. After installation, check its status — it should be installed but not running and not enabled.
  • Enable and start httpd with a single systemctl enable --now httpd command. Verify it is active and enabled with systemctl status httpd.
  • Use ss -tlnp to confirm httpd is listening on port 80. Then check sudo firewall-cmd --list-services to see whether the firewall allows HTTP traffic.
  • Stop httpd with systemctl stop. Confirm it is inactive but still enabled. Start it again and confirm it returns to active.
  • Use journalctl -u httpd --since today to view today's log entries for the httpd service.
RHCSA Objective

"Start, stop, and check the status of network services." The exam pattern is: install, enable --now, verify with status, check firewall. These four steps complete most service deployment tasks.

Next: Securly transfer files between systems