On Wed, 25.02.15 18:05, Ali AlipourR (alipoor90(a)gmail.com) wrote:
>> Why sysrq is limited to only "sync" command on
official fedora kernel?
>
> The kernel itself isn't limited. It's just set that way in
> /usr/lib/sysctl.d/50-default.conf which is provided by systemd. You
> can edit that file, create your own in /etc/sysctrl.d/, or (as root)
> set it to whatever you would like via /proc/sys/kernel/sysrq.
Of course it can be changed at runtime, but I mean why official fedora
kernel shouldn't be configured to allow all (or at least a wider
subset) of sysrq commands by default?
We generally default "secure". The thing is that with sysrq you can
kill arbitrary processes if you have acecss to the console, and other
things, and that's just too security sensitive.
This way official fedora live CDs are unsuitable for system recovery
tasks; you have to change sysrq value every time you use live CDs or
build your own live CD.
I figure for livecds it would be fine to override this.
Lennart
--
Lennart Poettering, Red Hat