m (Lff moved page Systemd early debug shell to Systemd early debug-shell: espouse "debug-shell" , eschew "debug shell") |
(/etc/grub.d/12_menu_auto_hide) |
||
(8 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
= | = enable debug-shell for Ctrl-Alt-F9 = | ||
In case of e.g. boot-time problems with '''systemd''', it is useful to have as root a debug-shell available. | In case of e.g. boot-time problems with '''systemd''', it is useful to have as root a debug-shell early available. | ||
'''CTRL+ALT+F9''' will immediately switch to the debug-shell ("bash") without prompting for the password, saving precious time. | '''CTRL+ALT+F9''' will immediately switch to the debug-shell ("bash") without prompting for the password, saving precious time. | ||
{{admon/warning|This debug-shell requires no authentication and provides root privileges to anyone who has '''physical access''' to the machine hitting '''CTRL+ALT+F9''' keys. Hence, turn | {{admon/warning|This debug-shell requires no authentication and provides root privileges to anyone who has '''physical access''' to the machine hitting '''CTRL+ALT+F9''' keys. Hence, turn it on only as needed and disable it afterwards.}} | ||
* Enable using <code>systemctl enable debug-shell</code> | * Enable using <code>systemctl enable debug-shell</code> | ||
Line 17: | Line 17: | ||
'''debug rescue emergency 1 ''' | '''debug rescue emergency 1 ''' | ||
or a combination of those for example. Those will limit the processes being launched by '''systemd'''. | or a combination of those for example. Those will limit the processes being launched by '''systemd'''. | ||
* To enable the debug-shell on a legacy-BIOS based PC with '''grub2''' for every boot henceforth, type in '''bash''': | |||
grubby --args=systemd.debug-shell --update-kernel=ALL | |||
and when done debugging, | |||
grubby --remove-args=systemd.debug-shell --update-kernel=ALL | |||
to disable it via [[GRUB_2]] for better security. | |||
* '''sudo grub2-editenv - unset menu_auto_hide''' will make the grub2 menu permanently visible via '''/etc/grub.d/12_menu_auto_hide''' if pressing the SHIFT or ESC key during boot for visibility once is not enough. | |||
{{admon/warning|Use | {{admon/warning|Use the debug-shell only while actually debugging!|Do not forget to disable '''debug-shell.service''' after you've finished debugging your boot problems. Leaving the root debug-shell always available would be a security risk since anybody in presence could just press '''Ctrl+Alt+F9''' to obtain root privilege.}} |
Latest revision as of 08:47, 4 June 2021
enable debug-shell for Ctrl-Alt-F9
In case of e.g. boot-time problems with systemd, it is useful to have as root a debug-shell early available. CTRL+ALT+F9 will immediately switch to the debug-shell ("bash") without prompting for the password, saving precious time.
- Enable using
systemctl enable debug-shell
- Next time after booting, you will be able to switch to tty9 by pressing the 3 key combo CTRL+ALT+F9 and have a bash debug-shell available from an early stage in the booting process.
Use the debug-shell e.g. for checking the status of services, reading logs, looking for stuck jobs with systemctl list-jobs
, htop , killall etc..
- When done, disable with
systemctl disable debug-shell
to keep others from obtaining passwordless root access. - You may also want to consider alternative troubleshooting techniques available as kernel parameters. Edit e.g. GRUB2 vmlinuz line, adding
debug rescue emergency 1
or a combination of those for example. Those will limit the processes being launched by systemd.
- To enable the debug-shell on a legacy-BIOS based PC with grub2 for every boot henceforth, type in bash:
grubby --args=systemd.debug-shell --update-kernel=ALL
and when done debugging,
grubby --remove-args=systemd.debug-shell --update-kernel=ALL
to disable it via GRUB_2 for better security.
- sudo grub2-editenv - unset menu_auto_hide will make the grub2 menu permanently visible via /etc/grub.d/12_menu_auto_hide if pressing the SHIFT or ESC key during boot for visibility once is not enough.