LDP
/
old-www
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
old-www/LDP/LG/issue81/vikas.html

240 lines
9.4 KiB
HTML
Raw Permalink Blame History

<!--startcut ==============================================-->
<!-- *** BEGIN HTML header *** -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML><HEAD>
<title>SysRq: The Process-nuke LG #81</title>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#0000AF"
ALINK="#FF0000">
<!-- *** END HTML header *** -->
<CENTER>
<A HREF="http://www.linuxgazette.com/">
<IMG ALT="LINUX GAZETTE" SRC="../gx/lglogo.png"
WIDTH="600" HEIGHT="124" border="0"></A>
<BR>
<!-- *** BEGIN navbar *** -->
<IMG ALT="" SRC="../gx/navbar/left.jpg" WIDTH="14" HEIGHT="45" BORDER="0" ALIGN="bottom"><A HREF="tougher.html"><IMG ALT="[ Prev ]" SRC="../gx/navbar/prev.jpg" WIDTH="16" HEIGHT="45" BORDER="0" ALIGN="bottom"></A><A HREF="index.html"><IMG ALT="[ Table of Contents ]" SRC="../gx/navbar/toc.jpg" WIDTH="220" HEIGHT="45" BORDER="0" ALIGN="bottom" ></A><A HREF="../index.html"><IMG ALT="[ Front Page ]" SRC="../gx/navbar/frontpage.jpg" WIDTH="137" HEIGHT="45" BORDER="0" ALIGN="bottom"></A><A HREF="http://www.linuxgazette.com/cgi-bin/talkback/all.py?site=LG&article=http://www.linuxgazette.com/issue81/vikas.html"><IMG ALT="[ Talkback ]" SRC="../gx/navbar/talkback.jpg" WIDTH="121" HEIGHT="45" BORDER="0" ALIGN="bottom" ></A><A HREF="../lg_faq.html"><IMG ALT="[ FAQ ]" SRC="./../gx/navbar/faq.jpg"WIDTH="62" HEIGHT="45" BORDER="0" ALIGN="bottom"></A><A HREF="lg_backpage.html"><IMG ALT="[ Next ]" SRC="../gx/navbar/next.jpg" WIDTH="15" HEIGHT="45" BORDER="0" ALIGN="bottom" ></A><IMG ALT="" SRC="../gx/navbar/right.jpg" WIDTH="15" HEIGHT="45" ALIGN="bottom">
<!-- *** END navbar *** -->
<P>
</CENTER>
<!--endcut ============================================================-->
<H4 ALIGN="center">
"Linux Gazette...<I>making Linux just a little more fun!</I>"
</H4>
<P> <HR> <P>
<!--===================================================================-->
<center>
<H1><font color="maroon">SysRq: The Process-nuke</font></H1>
<H4>By <a href="mailto:vikasgp386@hotmail.com">Vikas G P</a></H4>
</center>
<P> <HR> <P>
<!-- END header -->
<p>
So you thought you could always kill an offending program with <code>kill -9</code> ?
But what if it's your X server that has crashed, or that nifty svgalib program
you wrote ? That's where magic SysRq comes in.
<p>
<h2>What is it</h2>
<p>
Magic SysRq is a key combination directly intercepted by the kernel and
can be used, among other things, to perform an emergency shutdown. It is
described in Documentation/sysrq.txt and implemented in drivers/char/sysrq.c
in the kernel source tree. It exists primarily for kernel hackers, but it can be
useful to people in user-space also. Since it is implemented as a part of the
<a href="http://www.linuxjournal.com/article.php?sid=1080">keyboard driver,</a>
it is guaranteed to work most of the time, unless the
kernel itself is dead.
<p>
A note: In the rest of this article, when I say "SysRq key" I mean the single key
beside the Scroll lock key. But when I say "magic SysRq" I mean the <em>combination
</em>&lt Alt+SysRq &gt.
<p>
<h2>Enabling</h2>
<p>
To do the SysRq magic, your kernel needs to be compiled with CONFIG_MAGIC_SYSRQ.
Most distributions would have enabled it by default. If your's hasn't, you'll
just have to
<A href="http://www.tldp.org/HOWTO/Kernel-HOWTO.html">recompile</a>... :)</p>
<p>
After everything is OK with the kernel, check if SysRq is enabled by default.
</p>
<pre>
$ cat /proc/sys/kernel/sysrq
0
</pre>
If it shows zero, it's not enabled. Writing any non-zero value to
/proc/sys/kernel/sysrq will enable it.
<pre>
$ echo "1" > /proc/sys/kernel/sysrq
</pre>
If you want it to be always enabled, append these lines to one of your initialization
scripts(preferably rc.local).
<pre>
#Enable SysRq
echo -e "Enabling SysRq\n"
echo "1" > /proc/sys/kernel/sysrq
</pre>
<p>
Alternatively, you might look for a file called /etc/sysctl or /etc/sysctl.conf
which some distributions have(mine, RedHat, does). You can add a line like this to
it, and sysrq will be enabled at boot-time.
<pre>
kernel.sysrq = 1
</pre>
<p>
The magic SysRq combination is a unique one. Now, every key on the keyboard sends
a code when pressed or released, called the scan-code. The magic SysRq combination
(Alt+SysRq), however, sends only <em>one</em> scan-code(0x54, decimal 84) even though
two keys have been pressed. Check this out using <code>showkey -s</code>.
<p>
<h2>What can I do with it ?</h2>
<p>
Magic SysRq is invoked as &lt Alt+SysRq &gt + &lt command &gt. The SysRq key is
also labelled as Print Screen. The commands are:
<p>
k: Secure access key - This kills all processes running on the current virtual
console, so that no snoopy program can grab your keystrokes while you type your
password.
<p>
u: Attempts to unmount the root device, and remount it read-only. In addition to an
emergency shutdown, this command also comes in handy if you have only
one partition for Linux and need to do an fsck or low-level filesystem
editing(for example, ext2 undeletion. See
<a href="http://www.tldp.org/HOWTO/mini/Ext2fs-Undeletion.html">
Ext2fs Undeletion Howto</a>
<p>
s: This command syncs the kernel buffers to disk. You should do this
before unmounting.
<p>
b: Does an immediate reboot, pretty much like pressing the reset button. For a
safe shutdown, precede this with a sync and Unmount.
<p>
p: Prints the contents of the CPU registers.
<p>
m: Shows memory information.
<p>
t: Shows information about the tasks currently running.
<p>
0-9: Sets the console log-level to the specified number.
<p>
e: Sends a SIGTERM to all processes, except init.
<p>
i: Sends a SIGKILL(sure kill) to all processes, except init.
<p>
l: Sends a SIGKILL to all processes, including init(you won't be able to anything
after this).
<p>
<h2>Getting out</h2>
<p>
How do you get out of SysRq mode ? There is no definite documentation about this in
sysrq.txt. It talks about having to press the left and right control,alt and
shift keys, but a simpler thing worked for me. Just press Alt+SysRq once again,
and you'll get out of it.
<p>
The way I understand this is:
The kernel remembers the state of the magic SysRq combination: it's either down or
up. When you press the key for the first time, the state is changed to down. And when
you press any other key while SysRq's state is down, the kernel interprets it
as a command. If you press SysRq again, the state is changed to up, and further
keystrokes are handed to whatever program requests it.
<br>
(Actually, it's not that simple. Sometimes, the above mentioned method doesn't work.
I believe it's because the kernel uses a separate translation table when magic SysRq
is down.)
<p>
The SysRq key originally meant, as you can guess, "System Request". It was used by
early IBM terminals to get the attention of a central computer to execute a command.
The key seems to have few uses now, except in the linux kernel.
<p>
<h2> Security</h2>
<p>
Leaving magic SysRq enabled on a production machine can be potentially
dangerous. Anyone with physical access to the machine can bring it
down instantly.<br>
You should also disable SysRq if other people can log in to your system
remotely. A &lt break &gt sent from a remote console will be interpreted
as &lt Alt+SysRq &gt, and the consequences can be disastrous. See the
<a href="http://www.tldp.org/HOWTO/Remote-Serial-Console-HOWTO/index.html">
Remote-Serial-Console-HOWTO
</a> for more details.
<p>
<h2>Conclusion</h2>
<p>
The magic SysRq hack can come in very handy at times. However, it must be used
with care. It can also give you some insights into the inner workings of the kernel.
If you are enterprising, you might even hack the kernel and add new commands !
<!-- *** BEGIN bio *** -->
<SPACER TYPE="vertical" SIZE="30">
<P>
<H4><IMG ALIGN=BOTTOM ALT="" SRC="../gx/note.gif">Vikas G P</H4>
<EM>I'm in the last year of high school and live in Hassan, Karnataka in India,
trying to balance my studies and linuxing.</EM>
<!-- *** END bio *** -->
<!-- *** BEGIN copyright *** -->
<P> <hr> <!-- P -->
<H5 ALIGN=center>
Copyright &copy; 2002, Vikas G P.<BR>
Copying license <A HREF="../copying.html">http://www.linuxgazette.com/copying.html</A><BR>
Published in Issue 81 of <i>Linux Gazette</i>, August 2002</H5>
<!-- *** END copyright *** -->
<!--startcut ==========================================================-->
<HR><P>
<CENTER>
<!-- *** BEGIN navbar *** -->
<IMG ALT="" SRC="../gx/navbar/left.jpg" WIDTH="14" HEIGHT="45" BORDER="0" ALIGN="bottom"><A HREF="tougher.html"><IMG ALT="[ Prev ]" SRC="../gx/navbar/prev.jpg" WIDTH="16" HEIGHT="45" BORDER="0" ALIGN="bottom"></A><A HREF="index.html"><IMG ALT="[ Table of Contents ]" SRC="../gx/navbar/toc.jpg" WIDTH="220" HEIGHT="45" BORDER="0" ALIGN="bottom" ></A><A HREF="../index.html"><IMG ALT="[ Front Page ]" SRC="../gx/navbar/frontpage.jpg" WIDTH="137" HEIGHT="45" BORDER="0" ALIGN="bottom"></A><A HREF="http://www.linuxgazette.com/cgi-bin/talkback/all.py?site=LG&article=http://www.linuxgazette.com/issue81/vikas.html"><IMG ALT="[ Talkback ]" SRC="../gx/navbar/talkback.jpg" WIDTH="121" HEIGHT="45" BORDER="0" ALIGN="bottom" ></A><A HREF="../lg_faq.html"><IMG ALT="[ FAQ ]" SRC="./../gx/navbar/faq.jpg"WIDTH="62" HEIGHT="45" BORDER="0" ALIGN="bottom"></A><A HREF="lg_backpage.html"><IMG ALT="[ Next ]" SRC="../gx/navbar/next.jpg" WIDTH="15" HEIGHT="45" BORDER="0" ALIGN="bottom" ></A><IMG ALT="" SRC="../gx/navbar/right.jpg" WIDTH="15" HEIGHT="45" ALIGN="bottom">
<!-- *** END navbar *** -->
</CENTER>
</BODY></HTML>
<!--endcut ============================================================-->
Reference in New Issue View Git Blame Copy Permalink