Simple systemd service to lift kernel lockdown - Permission denied


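So I have spent a long time trying to fix a simple systemd service that lifts the kernel lockdown. After a lot of research and googling, I could not find an answer to my problem.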

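What I want is a script that runs before the existing service nbfc.service runs. I tried to achieve this by creating a new service that calls this script before nbfc.service is invoked. My service file, /etc/systemd/system/lift-kernel-lockdown.service, looks like this: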

[Unit]
Description=Disable kernel lockdown feature
Before=nbfc.service

[Service]
ExecStart=/opt/lift_kernel_lockdown.sh
Type=oneshot

[Install]
WantedBy=multi-user.target

The script I wrote, /opt/lift_kernel_lockdown.sh, looks like this:

#!/bin/bash -ex

DEFAULT_SYSRQ=$(sysctl -n kernel.sysrq)
sysctl -w kernel.sysrq=1
echo x > /proc/sysrq-trigger


sysctl -w kernel.sysrq=${DEFAULT_SYSRQ}

When I run the following command:

systemctl start lift-kernel-lockdown.service

I get the following output:

Job for lift-kernel-lockdown.service failed because the control process exited with error code.
See "systemctl status lift-kernel-lockdown.service" and "journalctl -xe" for details.

After that, I ran the following command:

systemctl status lift-kernel-lockdown.service

I get the following output:

lift-kernel-lockdown.service - Disable kernel lockdown feature
   Loaded: loaded (/etc/systemd/system/lift-kernel-lockdown.service; disabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Sat 2019-04-06 23:48:03 CEST; 2min 34s ago
  Process: 5459 ExecStart=/opt/lift_kernel_lockdown.sh (code=exited, status=203/EXEC)
 Main PID: 5459 (code=exited, status=203/EXEC)

apr 06 23:48:03 davetop systemd[1]: Starting Disable kernel lockdown feature...
apr 06 23:48:03 davetop systemd[5459]: lift-kernel-lockdown.service: Failed to execute command: Permission denied
apr 06 23:48:03 davetop systemd[5459]: lift-kernel-lockdown.service: Failed at step EXEC spawning /opt/lift_kernel_lockdown.sh: Permission denied
apr 06 23:48:03 davetop systemd[1]: lift-kernel-lockdown.service: Main process exited, code=exited, status=203/EXEC
apr 06 23:48:03 davetop systemd[1]: lift-kernel-lockdown.service: Failed with result 'exit-code'.
apr 06 23:48:03 davetop systemd[1]: Failed to start Disable kernel lockdown feature.

When I run the command:

journalctl -xe

I get the output:

                                           wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22
                                           _init/<@resource:///org/gnome/shell/ui/keyboard.js:503:13
apr 06 23:48:03 davetop gnome-shell[1495]: JS ERROR: TypeError: this._currentWindow is null
                                           _setCurrentRect@resource:///org/gnome/shell/ui/keyboard.js:536:13
                                           wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22
                                           _init/<@resource:///org/gnome/shell/ui/keyboard.js:503:13
apr 06 23:48:03 davetop gnome-shell[1495]: JS ERROR: TypeError: this._currentWindow is null
                                           _setCurrentRect@resource:///org/gnome/shell/ui/keyboard.js:536:13
                                           wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22
                                           _init/<@resource:///org/gnome/shell/ui/keyboard.js:503:13
apr 06 23:48:03 davetop polkitd(authority=local)[876]: Operator of unix-session:2 successfully authenticated as unix-user:david to gain TEMPORARY authorization for action org.freedesktop.systemd1.manage-u
apr 06 23:48:03 davetop systemd[1]: Starting Disable kernel lockdown feature...
-- Subject: Unit lift-kernel-lockdown.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- 
-- Unit lift-kernel-lockdown.service has begun starting up.
apr 06 23:48:03 davetop systemd[5459]: lift-kernel-lockdown.service: Failed to execute command: Permission denied
apr 06 23:48:03 davetop systemd[5459]: lift-kernel-lockdown.service: Failed at step EXEC spawning /opt/lift_kernel_lockdown.sh: Permission denied
-- Subject: Process /opt/lift_kernel_lockdown.sh could not be executed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- 
-- The process /opt/lift_kernel_lockdown.sh could not be executed and failed.
-- 
-- The error number returned by this process is 13.
apr 06 23:48:03 davetop gnome-shell[1495]: JS ERROR: Exception in callback for signal: activate: Error: Error invoking IBus.set_global_engine_async: Expected function for callback argument callback, got u
                                           setEngine@resource:///org/gnome/shell/misc/ibusManager.js:207:9
                                           wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22
                                           activateInputSource@resource:///org/gnome/shell/ui/status/keyboard.js:490:13
                                           wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22
                                           _emit@resource:///org/gnome/gjs/modules/signals.js:128:27
                                           activate@resource:///org/gnome/shell/ui/status/keyboard.js:65:9
                                           wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22
                                           _inputSourcesChanged@resource:///org/gnome/shell/ui/status/keyboard.js:620:13
                                           wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22
                                           reload@resource:///org/gnome/shell/ui/status/keyboard.js:369:9
                                           wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22
                                           _ibusSetContentType@resource:///org/gnome/shell/ui/status/keyboard.js:691:9
                                           wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22
                                           _emit@resource:///org/gnome/gjs/modules/signals.js:128:27
                                           _setContentType@resource:///org/gnome/shell/misc/ibusManager.js:183:9
                                           wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22
apr 06 23:48:03 davetop systemd[1]: lift-kernel-lockdown.service: Main process exited, code=exited, status=203/EXEC
apr 06 23:48:03 davetop systemd[1]: lift-kernel-lockdown.service: Failed with result 'exit-code'.
apr 06 23:48:03 davetop systemd[1]: Failed to start Disable kernel lockdown feature.
-- Subject: Unit lift-kernel-lockdown.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- 
-- Unit lift-kernel-lockdown.service has failed.
-- 
-- The result is RESULT.
apr 06 23:48:03 davetop polkitd(authority=local)[876]: Unregistered Authentication Agent for unix-process:5450:312328 (system bus name :1.439, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, 
lines 2683-2736/2736 (END)

I really don't know what to do next or how to fix it, and I would really appreciate help from someone with knowledge of this.

Answer 1

Writing to /proc/sysrq-trigger will not work because of restrictions. Please press Alt-Sysrq-x on the attached keyboard.
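
The log in the question shows status=203/EXEC with error number 13 (EACCES), which means the execve() of /opt/lift_kernel_lockdown.sh itself was refused before any line of the script ran. The following is an added example, not part of the original question or answer: a POSIX shell function (the name diagnose_exec and its result strings are made up here) that checks the usual file-level causes of that failure.

```shell
#!/bin/sh
# Added example, not from the original post. Run as root, like systemd does.
# Prints the first file-level reason execve() on an ExecStart= path would fail.

diagnose_exec() {
    de_path=$1
    [ -e "$de_path" ] || { echo "missing"; return 0; }
    [ -f "$de_path" ] || { echo "not-regular-file"; return 0; }

    # execve() returns EACCES unless at least one execute bit is set,
    # even when the caller is root.
    de_mode=$(ls -ldL -- "$de_path") && de_mode=${de_mode%% *}
    case $de_mode in
        *[xst]*) ;;
        *) echo "no-exec-bit"; return 0 ;;
    esac

    # For a script the kernel then executes the "#!" interpreter: a missing
    # one gives ENOENT, a non-executable one EACCES. A CRLF line ending
    # makes the interpreter name end in \r and therefore "missing".
    de_line=
    IFS= read -r de_line < "$de_path" || true
    case $de_line in
        '#!'*)
            de_interp=${de_line#??}
            de_interp=${de_interp# }
            de_interp=${de_interp%% *}
            [ -e "$de_interp" ] || { echo "interpreter-missing:$de_interp"; return 0; }
            [ -x "$de_interp" ] || { echo "interpreter-not-executable:$de_interp"; return 0; }
            ;;
    esac

    # A noexec mount denies execve() whatever the file mode says.
    # If findmnt is unavailable this check is skipped.
    de_opts=$(findmnt -no OPTIONS -T "$de_path" 2>/dev/null) || de_opts=
    case ",$de_opts," in
        *,noexec,*) echo "noexec-mount"; return 0 ;;
    esac

    # File-level checks pass; an LSM denial (AppArmor, SELinux) would show
    # in the audit log instead.
    echo "ok"
}

# Usage: sudo sh diagnose_exec.sh /opt/lift_kernel_lockdown.sh
if [ $# -gt 0 ]; then
    diagnose_exec "$1"
fi
```

Getting past the 203/EXEC error only lets the script start; whether its write to /proc/sysrq-trigger then has any effect is the separate point the answer addresses.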
