How to use Magic System Request Keys in Ubuntu Linux
The magic SysRq keys are key combinations within the Linux kernel that allows the user to perform various low level commands regardless of the system’s state, except during kernel panics or freezes. It is often used to recover from X-Server freezes, or to reboot a computer without corrupting the filesystem.
Restarting Ubuntu safely when it is frozen
If anyone faces a freeze with Ubuntu where you cannot do anything, then this will certainly be helpful if you want to reboot the OS as cleanly as possible without damaging their HDD’s or losing their data.
In case of a freeze where you cannot do anything, simply press Alt+PrintScreen +R+E+I+S+U+B, keep in mind that the underlined keys must be kept pressed through the rest of the sequence AND that you will need to keep holding the sequence keys for a small period of time before going to the next one so that their actions can be carried out properly (For example, hold the R key for about 1-2 seconds before moving on to S). If the sequence does not work at first, then increase the time period between each sequence key press and try again.
If anyone requires a good way of remembering the sequence R+E+I+S+U+B, just remember «Reboot Even If System Utterly Broken».
Raw (take control of keyboard back from X), tErminate (kill -15 programs, allowing them to terminate gracefully), kIll (kill -9 unterminated programs), Sync (flush data to disk), Unmount (remount everything read-only), reBoot.
NOTE:- This keystroke does not work in the event of a kernel freeze as the keystroke sequence depends on the kernel in order to unmount and make the required steps before the restart.
Safely shutting down Ubuntu when it is frozen
The key sequence to achieve this does not differ from the one used to restart Ubuntu safely except for the last key. So here it is as follows:-
Alt+PrintScreen +R+S+E+I+U+O, keep in mind that as in the previous sequence, the underlined keys must be kept pressed through the rest of the sequence AND that you will need to keep holding the sequence keys for a small period of time before going to the next one so that their actions can be carried out properly.
If someone requires a good description on what each keystroke here does, there is not much of a difference from the last one, except(Once again),the final key:-
Raw (take control of keyboard back from X), tErminate (kill -15 programs, allowing them to terminate gracefully), kIll (kill -9 unterminated programs), Sync (flush data to disk), Unmount (remount everything read-only), shutdown.
NOTE:- This keystroke does not work in the event of a kernel freeze as the keystroke sequence depends on the kernel in order to unmount and make the required steps before the shutdown.
Brief descriptions about the keys you can use in magic SysRq sequences
0 — 9 — sets the console log level, controlling which kernel messages will be printed to your console so that you don’t get flooded.
B — restarts the system without making steps to ensure that the conditions are good for a safe reboot, using this key alone is like doing a cold reboot.
E — sends SIGTERM to all processes except init. This means that an attempt is done to end the current processes except init, safely, e.g. saving a document.
F — call oom_kill(Out Of Memory Killer), which will kill a process that is consuming all available memory.
H — displays help about the SysRq keys on a terminal though in actuality you can use any key except for the ones specified, to display help.
I — sends SIGKILL to all processes except init. This means that all the processes except for init are killed, any data in processes that are killed will be lost.
K — kills all processes on the current terminal. It is a bad idea to do this on a console where X is running as the GUI will stop and you can’t see what you type, so you will need to switch to a tty after doing the magic SysRq.
L — sends SIGKILL to all processes, including init. This means that every process including init will be killed, using this key will render your system non-functional and no further magicSysRq keys can be used. So in this case you will have to cold reboot it.
M — dumps memory info to your console.
O — shuts down the system via ACPI or in older systems, APM. As in key «B», using this key alone is like a cold reboot(Or in this case, a cold shutdown).
P — dumps the current registers and flags to your console.
Q — dumps all timers info to your console.
R — takes keyboard and mouse control from the X server. This can be useful if the X-Server crashed, you can change to a console and kill the X-Server or check the error log.
NOTE:- The documentation refers to this key’s task as «Turns off keyboard raw mode and sets it to XLATE», but we suppose it’s safe enough to assume that it takes back control from X.
S — writes all data from the disc cache to the hard-discs, it is a sync and is necessary to reduce the chances of data corruption.
T — dumps a list of current tasks and info to your console.
U — remounts all mounted filesystems read-only. After using this key, you can reboot the system with Alt+SysRq+B without harming the system.
W — dumps uninterruptable (blocked) state tasks.
Controlling the use of SysRq keys
There are some ways of controlling the use of SysRq keys(i.e. what can be used, enabling or disabling them completely), two ways of doing this are:-
1) Configuring the SysRq keys during kernel compilation itself.
There isn’t much here since you can only disable SysRq keys and not actually control or define what you can and can’t use. The option you are looking for is:-
2) Using proc sysrq trigger calls.
This is much more flexible than changing the configuration of the kernel but this has one downside with security which is explained after(since it is very minor). You use the echo command to achieve this for ease but you could also use any normal text editor to achieve this. Now the command is(you will need root permissions):-
echo * > /proc/sys/kernel/sysrqwhere «*» is a number, which can be any one of these:-
0 — disable sysrq keys completely
1 — enable all functions of sysrq
2 — enable control of console logging level
4 — enable control of keyboard (SAK, unraw)
8 — enable debugging dumps of processes etc.
32 — enable remount read-only
64 — enable signalling of processes (term, kill, oom-kill)
128 — allow reboot/poweroff
256 — allow nicing of all RT tasks(control the nice level(priority) of Real Time tasks)
So you can define what SysRq keys can be used, and also define whether they are all on or off.
Now for the «downside». For example you disable SysRq keys when you want to stop people(local) from doing key presses and then shutting down or messing up the PC during an important task. Now with configuring the kernel, you can stop SysRq keys from being used at all from the beginning of the boot process right uptil the end, with calling the proc sysrq triggers however, your option only takes place when it is executed(i.e. after the system has booted up) so there is a certain area of vulnerability with calling the triggers whereas there is no such thing in configuring the kernel, some people are that desperate to secure their systems to care about a few seconds, however do not blame me for it.
Something about the magicSysRq keys is that they can be used in any sequence and in any way to achieve the required objective, for example you can just press Alt+SysRq+B to do something like a cold reboot.
JPvRiel / SysRq magic keys.md
Sometimes part of the issue is that X/Wayland display servers have crashed due to bad graphics drivers and keyboard input isn’t processed anymore, whereby changing to another console, e.g. ctrl + alt + F1 doesn’t work. Since the default disables keyboard control, alt + sysrq + r , can’t help salvage the situation. Hence the suggestion to at least enable system request raw keyboard control when trying to recover a system.
Ubuntu doesn’t enable control of keyboard by default
Ubuntu 16.04 LTS default value:
cat /proc/sys/kernel/sysrq 176
Bit | Bit value | Decimal | Function | Default | Wanted |
---|---|---|---|---|---|
0000 0000 | 0 | disable sysrq completely | |||
1 | 0000 0001 | 1 | enable all functions of sysrq | ||
2 | 0000 0010 | 2 | enable control of console logging level | y | |
3 | 0000 0100 | 4 | enable control of keyboard (SAK, unraw) | y | |
4 | 0000 1000 | 8 | enable debugging dumps of processes etc. | ||
5 | 0001 0000 | 16 | enable sync command | y | |
6 | 0010 0000 | 32 | enable remount read-only | y | |
7 | 0100 0000 | 64 | enable signalling of processes (term, kill, oom-kill) | y | |
8 | 1000 0000 | 128 | allow reboot/poweroff | y | |
9 | 0001 0000 0000 | 256 | allow nicing of all RT tasks |
176 default decoded = 1011 0000 = 128 + 32 + 16. Notice 3rd bit (decimal 4) isn’t included.
The default was set via /etc/sysctl.d/10-magic-sysrq.conf
Note, some functions like being able to dump memory to a console ( m sysrq key) could expose sensitive data, so it’s a low-risk local access issue.
Validate sysrq key is operational
Swith to a console, login and try invoke sysreq help via alt + sysrq 8 and then alt + sysrq + h . Something like SysRq: HELP should emit to the console if it’s working.
Run showkey -k while attempting the sysreq.
Remove gnome alt + printscreen shortcut
Gnome shell uses this shorcut to take a screenshot of the currently active window and save it to a PNG file in pictures. Rather remap or disble this shortcut to avoid conflicts with SysRq, given alt + printscreen is the
Override and enable keyboard control ( r sysrq key)
I chose to have some extra features enabled:
sudo bash -c "echo 'kernel.sysrq = 246' > /etc/sysctl.d/98-magic-sysrq-cust.conf"
246 = 11110110 which added keyboard control, signalling and debugging dumps.
The sysrq key is typically mapped to the print-screen key and alt + sysrq (print-screen) should invoke it. One alt + sysrq is pressed in combination, they can be released before pressing the system command key that follows.
When pressing the r e i s u b keys, take a fair time to pause between the e and i to allow all processes time to gracefully exit where possible:
- r : Turns off keyboard raw mode and sets it to XLATE.
- e : Send a SIGTERM to all processes, except for init.
- i : Send a SIGKILL to all processes, except for init.
- s : Will attempt to sync all mounted filesystems.
- u : Will attempt to remount all mounted filesystems read-only.
- b : Will immediately reboot the system without syncing or unmounting your disks.
«Reboot Even If System Utterly Broken» («BUSIER» backwards).
Recovery alternatives to the full r e i u s b sequence
If after requesting raw access via r doesn’t seem to allow switching consoles, as per kernel docs, k might help:
useful when you want to exit a program that will not let you switch consoles. (For example, X or a svgalib program.)
Secure Access Key (SAK) Kills all programs on the current virtual console.
Another key to try if X/Wayland/GPU drivers have caused a non-responsive is v :
Forcefully restores framebuffer console.
In some cases a full reboot via r e i s u b might be unnecessary if alt + sysrq and r allows switching and logging into another console (e.g. ctrl + alt + F1 ). Commands can be run to kill and restart display managers or use systemd to try reboot instead of sending SIGTERM to every process at once.
Sets the console log level, controlling which kernel messages will be printed to your console. ( 0 , for example would make it so that only emergency messages like PANICs or OOPSes would make it to your console.)
alt + sysrq and 8 was recommend because many distros boot in quiet mode not showing kernel console output.