[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20110621203720.GB16021@Chamillionaire.breakpoint.cc>
Date: Tue, 21 Jun 2011 22:37:20 +0200
From: Florian Westphal <fw@...len.de>
To: Randy Dunlap <rdunlap@...otime.net>
Cc: Prarit Bhargava <prarit@...hat.com>, netdev@...r.kernel.org,
davem@...emloft.net, agospoda@...hat.com, nhorman@...hat.com,
lwoodman@...hat.com
Subject: Re: [PATCH]: Add Network Sysrq Support
Randy Dunlap <rdunlap@...otime.net> wrote:
> > diff --git a/Documentation/networking/sysrq-ping.txt b/Documentation/networking/sysrq-ping.txt
> > new file mode 100644
> > index 0000000..efa8be3
> > --- /dev/null
> > +++ b/Documentation/networking/sysrq-ping.txt
> > @@ -0,0 +1,26 @@
> > +In some circumstances, a system can hang/lockup in such a way that the system
> > +is completely unresponsive to keyboard or console input but is still
> > +responsive to ping. The config option, CONFIG_SYSRQ_PING, builds
> > +net/ipv4/sysrq-ping.ko which allows a root user to configure the system for a
>
> or it can be built-in the kernel image... (i.e., not a loadable module)
>
> > +remote sysrq.
> > +
> > +To use this do:
> > +
> > +mount -t debugfs none /sys/kernel/debug/
> > +echo 1 > /proc/sys/kernel/sysrq
> > +echo <hex digit val> > /sys/kernel/debug/network_sysrq_magic
> > +echo 1 > /sys/kernel/debug/network_sysrq_enable
>
> so all of this (insecure) stuff has to be done before you suspect that
> you need it .. in case the local keyboard/console is dead.
There is an xt_SYSREQ module in xtables-addons package (i.e., a
netfilter target), it supports hashed passwords and has some sequence
number scheme to avoid replays.
I think it would make more sense to merge that upstream, simply because
it seems to be a bit more advanced...
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists