Back to cert prep

Unofficial practice

Service Failed First Response

A service is marked failed after a change. Prove whether the failure is unit state, config syntax, or a runtime log error before restarting anything.

Linux One Liners is an independent study and practice resource. It is not affiliated with, endorsed by, or approved by LPI, The Linux Foundation, CompTIA, or any certification provider. This site does not provide exam dumps or real exam questions.

Try first

systemctl status nginx --no-pager && journalctl -u nginx -b --no-pager | tail -60

Troubleshooting ladder

  1. Name the symptom.
  2. Inspect read-only state.
  3. Find the owner, service, file, device, mount, or route.
  4. Read the decisive output field.
  5. Choose the next narrow command.
  6. Avoid broad or destructive changes.
  7. Make the smallest justified change if required.
  8. Verify and record what changed.

drill evidence

Sample output and answer key

Command anatomy

systemctl status nginx --no-pager && journalctl -u nginx -b --no-pager | tail -60
systemctl
read service state and unit metadata
journalctl
read systemd logs
-u
scope logs to one unit when present
--since/-b
limit the time window
--no-pager
make output copyable in drills

Annotated output

nginx.service - A high performance web server
   Loaded: loaded (/lib/systemd/system/nginx.service; enabled)
   Active: failed (Result: exit-code) since Fri 2026-07-03 10:12:04 CDT
Jul 03 10:12:04 web01 nginx[2310]: nginx: [emerg] open() "/etc/nginx/nginx.conf" failed (13: Permission denied)

What to notice

Loaded
whether the unit file exists and is enabled
Active
current service state
Result
how systemd classified the failure
log message
the concrete file, port, user, or syntax cause

Safe vs unsafe move

Common wrong move

Restarting the service before reading the failing line.

Next safe command

nginx -t

Goal

Prove the condition with command output before changing the system.

Safe first command

systemctl status nginx --no-pager && journalctl -u nginx -b --no-pager | tail -60

Correct interpretation

The decisive fields are `Active: failed (Result: exit-code)` and the nginx `[emerg]` log line. The affected object is `/etc/nginx/nginx.conf`. The next safe command is `nginx -t` because it validates the config without restarting the service. Do not restart nginx repeatedly before reading the failing line.

Next safe command

nginx -t

Common wrong move

Restarting the service before reading the failing line.

Self-check

Which line proves nginx failed before startup, which file should you inspect next, and why is `nginx -t` safer than another restart?

source and objective

Related cert objective

Source status: Linux Foundation LFCS page verified June 30, 2026. LFCS is an online, proctored, performance-based command-line exam.

Open related practice area

Why this matters

The point is not to memorize a flag. It is to read the evidence, name the next safe check, and avoid the tempting broad fix.