Subscribe

Escape from 'systemshell'

I have a perfstat collection which is tying up my regular SSH/telnet console.

 

I'm attempting to connect via the SP, but when I connected to the 'system console'  none of the regular commands were working, and I noticed the shell was suffixed with '%'.  Turns out I was logged into the system shell and one of my colleagues had left it logged in.

 

I exited from that, and to verify that the system shell was the cause of my unrecognised command problem, I up-arrowed until I saw the 'systemshell' command, I then stupidly pressed enter which brought me to the 'systemshell' login prompt.

 

My colleague is unavailable, we do not have the diag user password, I cannot reset the password as the regular console session is in use and will be for the forseeable future.  How can I escape the login prompt?

Re: Escape from 'systemshell'

Try pressing Ctrl-D.

Re: Escape from 'systemshell'

I've tried every escape character I can think of.  Ctrl D logs me out of the ONTAP console and puts me back on the SP, when I log back into ONTP, I see the login prompt for the systemshell.

Re: Escape from 'systemshell'

Then try to use batch mode ssh to reset password:

 

ssh filer "priv set advanced; useradmin diaguser password"

Re: Escape from 'systemshell'

As Aborzenkov suggested, reset paaword though batch or interactive SSH session, get successful login to systemshell, and exit again.

https://kb.netapp.com/support/index?page=content&id=1014503

After your colleague come back reset password again as before.

Re: Escape from 'systemshell'

I'll give it a try, thanks.

Re: Escape from 'systemshell'

[ Edited ]

 

 

 

Re: Escape from 'systemshell'

[ Edited ]
 
If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

Re: Escape from 'systemshell'

He cannot enter systemshell because he does not know password ...

Re: Escape from 'systemshell'

I had this issue and was just successful in releasing the systemshell session.  

 

I logged into the system via the sp and then did a "system console" to get access to the system.  Unlocking and setting the password to diag user via the advanced privileged commands were done so that I could access the systemshell.

 

Here is a copy of my log, I will explain what I did under the output:


fas01*> systemshell

Data ONTAP/amd64 (fas01) (pts/1)

login: diag
Password:
Last login: Wed Jul 19 16:01:25 from localhost


WARNING:  The system shell provides access to low-level
diagnostic tools that can cause irreparable damage to
the system if not used properly.  Use this environment
only when directed to do so by support personnel.

fas01% ps -ef
  PID  TT  STAT      TIME COMMAND
83586   1  S      0:00.01 USER=diag LOGNAME=diag HOME=/var/home/diag SHELL=/bin
83591   1  R+     0:00.00 USER=diag LOGNAME=diag HOME=/var/home/diag SHELL=/bin
fas01% sudo ps -ef
  PID  TT  STAT      TIME COMMAND
 3474 rlm  Is+    0:00.00 TERM=vt100 login /dev/console (ontaplogin)
 3472 con  Is+    0:00.01 TERM=vt100 login /dev/cuacons.auth (ontaplogin)
 3473 sp.  Ss+    0:20.00 TERM=vt100 login /dev/cuasp.auth (ontaplogin)
82943   0  Is+    0:00.01 TERM=xterm login
83585   1  Ss     0:00.01 TERM=xterm login [pam] (login)
83592   1  R+     0:00.00 HOME=/var/home/diag MAIL=/var/mail/diag PATH=/sbin:/b
fas01% sudo ps -ef
  PID  TT  STAT      TIME COMMAND
 3474 rlm  Is+    0:00.00 TERM=vt100 login /dev/console (ontaplogin)
 3472 con  Is+    0:00.01 TERM=vt100 login /dev/cuacons.auth (ontaplogin)
 3473 sp.  Ss+    0:20.09 TERM=vt100 login /dev/cuasp.auth (ontaplogin)
82943   0  Is+    0:00.01 TERM=xterm login
83585   1  Is     0:00.01 TERM=xterm login [pam] (login)
83593   1  R+     0:00.00 HOME=/var/home/diag MAIL=/var/mail/diag PATH=/sbin:/b
fas01% exit
logout
fas01*> systemshell

Data ONTAP/amd64 (fas01) (pts/1)

login: diag
Password:

Last login: Wed Jul 19 17:04:03 from localhost


WARNING:  The system shell provides access to low-level
diagnostic tools that can cause irreparable damage to
the system if not used properly.  Use this environment
only when directed to do so by support personnel.

fas01% sudo ps -ef
  PID  TT  STAT      TIME COMMAND
 3474 rlm  Is+    0:00.00 TERM=vt100 login /dev/console (ontaplogin)
 3472 con  Is+    0:00.01 TERM=vt100 login /dev/cuacons.auth (ontaplogin)
 3473 sp.  Ss+    0:20.33 TERM=vt100 login /dev/cuasp.auth (ontaplogin)
82943   0  Is+    0:00.01 TERM=xterm login
83602   1  Ss     0:00.01 TERM=xterm login [pam] (login)
83608   1  R+     0:00.00 HOME=/var/home/diag MAIL=/var/mail/diag PATH=/sbin:/b
fas01% sudo kill -9 82943
fas01%


I logged into the system shell and ran a "ps -ef" and was only able to see current session.

Next I ran a "sudo ps -ef" to see all processes running.

I ran the "sudo ps -ef" a couple times to see if any changes presented itself and what stayed.

The TT column showed "rlm", "con", and "sp."  I felt that it would not be any of these sessions.  So I ignored them.

I was interested in PID 82943 and 83585.  At this point I logged out of the systemshell and logged back in.

Again seeing that PID 82943 was still there, I attempted to kill the process.

Killing the process was unsuccessful as myself (obviously), so I performed the "sudo kill -9 82943".

I then attempted to log in via SSH to the system and was successful for the first time in hours.


I hope this helps someone else.