Using the "Magic System Request Keys"
Novell Cool Solutions: Feature
By Kirk Coombs
|
Digg This -
Slashdot This
Posted: 16 Aug 2005 |
Applies To:
- SUSE Linux Professional
- SUSE Linux Enterprise Server
- Novell Linux Desktop
- Open Enterprise Server
Disclaimer
The System Request keys are great for debugging or for use on a non-production system. Enabling the System Request keys introduces a security risk--allowing any local or remote user to send commands such as SIGKILL or HALT to the system.
Summary
The Linux kernel contains an option to enable "Magic System Request (SysRq)" keys. When enabled these simple keystrokes allow commands to be sent directly to the kernel. These commands are received and acted upon when other commands may not be able get through. For example, an application may lock up and not allow the user the ability to get to a console to kill it. As long as the kernel is not frozen, the SysRq commands make it possible to cleanly kill applications or restart the system.
If you have the Linux kernel source installed, documentation can be
found at /usr/src/linux/Documentation/sysrq.txt.
Enabling the SysRq Keys
All Novell Linux kernels have support for SysRq keys, but it is disabled by default for security reasons. There are two ways to enable support, depending on whether it should be temporary or permanent.
-
To enable support temporarily (until the next reboot), enter (as root):
# echo 1 > /proc/sys/kernel/sysrq
It can be disabled by entering:
# echo 0 > /proc/sys/kernel/sysrq
-
To enable support permanently, use the SysConfig editor in YaST. Open YaST the select System > /etc/sysconfig Editor. Select System > Kernel > ENABLE_SYSRQ. Change the option to yes. This enable the SysRq keys on the next boot. To enable them now, enter (as root):
# echo 1 > /proc/sys/kernel/sysrq
Using the SysRq Keys
Once the SysRq function has been enabled, the keys are used by
entering <ALT>+<SysRq>+<Key>. On many keyboards
the <SysRq> key is labeled <Print Screen>. Output
that a SysRq sequence generates is given on TTY 10 (accessable with
<CTRL>+<ALT>+<F10>) and is written to
/var/log/messages. If an invalid key is entered, a
short HELP is
displayed, showing the various options (shortcut key is capitalized):
SysRq : HELP : loglevel0-8 reBoot tErm kIll saK showMem powerOff showPc unRaw Sync showTasks Unmount
Here are the options available, taken directly from /usr/src/linux/Documentation/sysrq.txt:
'r' - Turns off keyboard raw mode and sets it to XLATE.
'k' - Secure Access Key (SAK) Kills all programs on the current virtual
console.
'b' - Will immediately reboot the system without syncing or unmounting
your disks.
'o' - Will shut your system off (if configured and supported).
's' - Will attempt to sync all mounted filesystems.
'u' - Will attempt to remount all mounted filesystems read-only.
'p' - Will dump the current registers and flags to your console.
't' - Will dump a list of current tasks and their information to your
console.
'm' - Will dump current memory info to your console.
'v' - Dumps Voyager SMP processor info to your console.
'0'-'9' - Sets the console log level, controlling which kernel messages
will be printed to your console. ('0', for example would make
it so that only emergency messages like PANICs or OOPSes would
make it to your console.)
'e' - Send a SIGTERM to all processes, except for init.
'i' - Send a SIGKILL to all processes, except for init.
'l' - Send a SIGKILL to all processes, INCLUDING init. (Your system
will be non-functional after this.)
'h' - Will display help ( actually any other key than those listed
above will display help. but 'h' is easy to remember :-)
Why is This Useful?
There are several reasons why the SysRq keys may be useful.
One of the most common cases is to cleanly restart a locked
system. If the kernel still responds the system can be
restarted with s (sync mounted filesystems) then u
(remount filesystmes readonly) then b (reboot). The
documentation located
at /usr/src/linux/Documentation/sysrq.txt gives more
examples.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com