Jump to content

Magic SysRq key

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by 62.155.227.60 (talk) at 18:16, 1 April 2011 (Undid revision 421852154 by Drmies (talk) Moved REISUB and cleaned it up, but it is necessary as REISUB redirects here and it is the most common use of SysRq.). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

The SysRq key

The magic SysRq key is a key combination understood by the Linux kernel, which allows the user to perform various low level commands regardless of the system's state. It is often used to recover from freezes, or to reboot a computer without corrupting the filesystem.[1][2]

To be able to use this functionality the CONFIG_MAGIC_SYSRQ option has to be enabled at kernel compile time.

Purpose

Much like Sun Microsystems's Open Firmware (OpenBoot), this key combination provides access to powerful tools for software development and disaster recovery. In this sense, it can be considered a form of escape sequence. Principal among the offered commands are means to forcibly unmount file systems, kill processes, recover keyboard state, and write unwritten data to disk. With respect to these tasks, this feature serves as a tool of last resort.

Magic commands

The key combination consists of Alt, SysRq and another key, which controls the command issued (as shown in the table below). Users with a keyboard layout other than QWERTY have to remember that their layout becomes QWERTY when they use one of these combinations. For example, on a Dvorak keyboard, the key below '9' and '0' counts as an 'o', not as an 'r', so it shuts the system down instead of switching the keyboard to raw mode. Furthermore, some keyboards may not provide a separate SysRq key. In this case, a separate "Print Screen" key should be present. Under graphical environments (such as Gnome or KDE) 'Alt'+'PrintScrn/SysRq'+key combination generally only leads to a screenshot being dumped. To avoid this Print Screen feature the magic SysRq combination should include the Ctrl, becoming 'Ctrl'+'Alt'+'SysRq'+key. For the same purposes the AltGr key, if present, can be used in place of the Alt key. The magic SysRq can also be accessed from the serial console.[3]

Action QWERTY Dvorak AZERTY
Set the console log level, which controls the types of kernel messages that are output to the console 0 through 9 0 through 9 0 through 9
(without using shift)
Immediately reboot the system, without unmounting partitions or syncing b x b
Reboot kexec and output a crashdump c j c
Display all currently held Locks d e d
Send the SIGTERM signal to all processes except init (PID 1) e . e
Call oom_kill, which kills a process to alleviate an OOM condition f u f
When using Kernel Mode Setting, provides emergency support for switching back to the kernel's framebuffer console[4] g i g
Output a terse help document to the console
Any key which is not bound to a command should also perform this action
h d h
Send the SIGKILL signal to all processes except init i c i
Kill all processes on the current virtual console (Can be used to kill X and svgalib programs, see below)
This was originally designed to imitate a Secure Access Key
k t k
Output current memory information to the console m m ,
Reset the nice level of all high-priority and real-time tasks n b n
Shut off the system o r o
Output the current registers and flags to the console p l p
Display all active high-resolution timers and clock sources. q ' a
Switch the keyboard from raw mode, the mode used by programs such as X11 and svgalib, to XLATE mode r p r
Sync all mounted filesystems s o s
Output a list of current tasks and their information to the console t y t
Remount all mounted filesystems in read-only mode u g u
Output Voyager SMP processor information v k v
Display list of blocked (D state) tasks w , z

Common usage

Command line access and configuration

While this was originally implemented as part of the kernel's keyboard handler for debugging, the functionality has been also exposed via the proc filesystem and is commonly used to provide extended management capabilities to headless and remote systems. As an example, shell script can be simply used:

echo b > /proc/sysrq-trigger

This is equivalent to the key combination Alt + SysRq + B which reboots the machine.

The feature is controlled both by a compile-time option in the kernel configuration, CONFIG_MAGIC_SYSRQ, and a sysctl kernel parameter, kernel.sysrq.

"Raising Elephants" mnemonic device

A common use of the magic SysRq key is to preform a safe reboot of a Linux computer which has otherwise locked up. This can prevent a fsck being required on reboot and gives some programs a chance to save emergency backups of unsaved work.[5] The QWERTY (or AZERTY) mnemonic "Raising Elephants Is So Utterly Boring", "Reboot Even If System Utterly Broken" or simply remembering the word "BUSIER" backwards, are often used. It stands for:

unRaw      (take control of keyboard back from X),  
 tErminate (send SIGTERM to all processes, allowing them to terminate gracefully),
 kIll      (send SIGKILL to all processes, forcing them to terminate immediately), 
  Sync     (flush data to disk),
  Unmount  (remount all filesystems read-only),
reBoot.

In practice, each command may require a few seconds to complete, especially if feedback is unavailable from the screen due to a freeze or display corruption.

Remote access

The linux daemon sysrqd provides a method of accessing SysRq features over TCP/IP port 4094 after authenticating with a plain-text password.

Graphical programs

When magic SysRq keys are used to kill a frozen graphical program, the program has no chance to restore text mode. This can make everything unreadable. The commands textmode (part of SVGAlib) and reset can restore text mode and make the console readable again.

In hypervisors

The Xen hypervisor has functionality to send magic commands to hosted domains via its "xm sysrq" command.[6]

Security concerns

Some people view this key as giving access to dangerous system-level commands to anyone who has physical access to the keyboard or serial console.[7] It has been argued that this perceived security is illusory, as anyone with physical access to the computer would already have the capability to compromise its security.[8][failed verification] The advent of the procfs interface has rekindled debate over this subject.

Disabling SysRq key

The SysRq key can be disabled with the following command:

echo 0 > /proc/sys/kernel/sysrq

To re-enable:

echo 1 > /proc/sys/kernel/sysrq

On newer kernels (exact version unknown), it is possible to have a more fine-grained control.[9] On these machines, the number written to /proc/sys/kernel/sysrq can be zero, one, or a number greater than one which is a bitmap indicating which features to allow.

Possible values are:

  • 0 - disable sysrq
  • 1 - enable sysrq completely
  • >1 - bitmask of enabled sysrq functions:
    • 2 - control of console logging level
    • 4 - control of keyboard (SAK, unraw)
    • 8 - debugging dumps of processes etc.
    • 16 - sync command
    • 32 - remount read-only
    • 64 - signalling of processes (term, kill, oom-kill)
    • 128 - reboot/poweroff
    • 256 - nicing of all RT tasks

See also

References

  • Tony Lawrence (April 13, 2005). "General notes on magic sysrq". A.P. Lawrence website.
  • Tom Gall (April 1, 2000). "Magic sys request". Linux. IBM Developer Works. Archived from the original on May 27, 2007.