busctl 命令使用介绍
1. 背景
目前openUBMC组件基于D-Bus开发,所有的进程间公共资源在D-Bus中进行管理。对组件而言,使用预定义的资源树进行解耦,降低组件间依赖。busctl是systemd提供的一个D-Bus操作工具,可以用来帮助我们直接对每个组件的属性、方法进行操作,以此观察组件的业务功能是否正常。
相关资料:
- busctl中文手册:http://www.jinbuguo.com/systemd/busctl.html
- openUBMC通信机制(sdbus)
- D-Bus说明书:https://dbus.freedesktop.org/doc/dbus-specification.html
- dbus-python指导:https://dbus.freedesktop.org/doc/dbus-python/tutorial.html
- D-Bus入门指导:https://thebigdoc.readthedocs.io/en/latest/dbus/dbus.html
2. 概念介绍
- D-Bus:一种协议,实现了进程间通信的两种方式(RPC、发布/订阅),我们使用的是其中一种实现sdbus。
- 总线:一种应用于进程间通信的机制。一般有两个总线,分别为系统总线和会话总线,前者由系统与后台进程使用,后者由普通进程创建,用于进程间传递消息与远程调用。我们使用会话总线(busctl需要使用
--user参数)。 - 服务:每个进程提供的对象合集,标识一个D-Bus连接。
- 对象:看起来像一个Linux路径,每个对象路径提供不同的接口。
- 接口:通过接口挂载一组方法和属性。
- 方法:具体实现业务逻辑的方法,例如新建用户。
- 属性:标识一个属性值,可以设置为只读或者读写。
- 签名:对应方法和属性的参数类型。
3. 环境准备
busctl命令运行需要依赖环境的D-Bus运行,涉及两个环境变量需要设置:
# 在环境上执行如下命令
source /etc/profile
# 或者也可以只执行如下环境变量的预置
export $(cat /dev/shm/dbus/.dbus)
# 环境变量类似这样:
# DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-WaRKgV2RBe,guid=627192aff1f4bf50b871be0562272a36
# DBUS_SESSION_BUS_PID=1719D-Bus运行的情况可以使用ps命令查看。
4. 命令介绍
整体命令包括查询信息、设置属性、调用方法几类。根据相关签名,可以构造对应数据,涉及数组类型数据的,参数传递时,第一个参数是数组长度n,后续n个参数是对应的数组内容,其中byte数组对应的是对应的int数值。
4.1 查看服务提供的所有对象资源路径
busctl --user tree4.2 查看对象资源的方法和属性
busctl --user introspect bmc.kepler.iam /bmc/kepler/AccountService/Accounts/2
busctl --user introspect bmc.kepler.iam /bmc/kepler/SessionService/Sessions4.3 设置对象属性
busctl --user set-property bmc.kepler.iam /bmc/kepler/AccountService/Accounts/3 bmc.kepler.AccountService.ManagerAccount UserName s test33334.4 获取对象属性
busctl --user get-property bmc.kepler.iam /bmc/kepler/AccountService/Accounts/2 bmc.kepler.AccountService.ManagerAccount UserName4.5 方法调用示例
# 新建账户
busctl --user call bmc.kepler.iam /bmc/kepler/AccountService/Accounts bmc.kepler.AccountService.ManagerAccounts New a{sv}ysayyay 3 Interface s Web UserName s Administrator ClientAddr s 127.0.0.1 7 test7 11 65 100 109 105 110 64 57 48 48 48 48 4 1 2
# 新建会话
busctl --user call bmc.kepler.iam /bmc/kepler/SessionService/Sessions bmc.kepler.SessionService.Sessions NewSession a{ss}sayyssy 0 Administrator 11 65 100 109 105 110 64 57 48 48 48 48 0 LocaliBMC 192.168.1.1 0
# 时区设置
busctl --user set-property bmc.kepler.bmc_time /bmc/kepler/Managers/1 bmc.kepler.Managers.Time TimeZoneName s -- "-11:59"
# 网络IP设置
busctl --user call bmc.kepler.bmc_network /bmc/kepler/bmc_network bmc.kepler.bmc_network SetIpMaskGateway sss <ip> 255.255.252.0 xx.xx.16.15. 签名类型
签名的参数对应GVariant定义,参考:https://www.freedesktop.org/software/gstreamer-sdk/data/docs/latest/glib/glib-GVariant.html#GVariant
新建账户
busctl --user call bmc.kepler.iam /bmc/kepler/AccountService/Accounts bmc.kepler.AccountService.ManagerAccounts New a{sv}ysayyay 3 Interface s Web UserName s Administrator ClientAddr s 127.0.0.1 7 test7 11 65 100 109 105 110 64 57 48 48 48 48 4 1 2
新建会话
busctl --user call bmc.kepler.iam /bmc/kepler/SessionService/Sessions bmc.kepler.SessionService.Sessions NewSession a{ss}sayyssy 0 Administrator 11 65 100 109 105 110 64 57 48 48 48 48 0 LocaliBMC 192.168.1.1 0
时区设置
busctl --user set-property bmc.kepler.bmc_time /bmc/kepler/Managers/1 bmc.kepler.Managers.Time TimeZoneName s -- "-11:59"
网络ip设置
busctl --user call bmc.kepler.bmc_network /bmc/kepler/bmc_network bmc.kepler.bmc_network SetIpMaskGateway sss <ip> 255.255.252.0 xx.xx.16.1签名类型
签名的参数对应gvariant定义https://www.freedesktop.org/software/gstreamer-sdk/data/docs/latest/glib/glib-GVariant.html#GVariant
typedef enum {
G_VARIANT_CLASS_BOOLEAN = 'b',
G_VARIANT_CLASS_BYTE = 'y',
G_VARIANT_CLASS_INT16 = 'n',
G_VARIANT_CLASS_UINT16 = 'q',
G_VARIANT_CLASS_INT32 = 'i',
G_VARIANT_CLASS_UINT32 = 'u',
G_VARIANT_CLASS_INT64 = 'x',
G_VARIANT_CLASS_UINT64 = 't',
G_VARIANT_CLASS_HANDLE = 'h',
G_VARIANT_CLASS_DOUBLE = 'd',
G_VARIANT_CLASS_STRING = 's',
G_VARIANT_CLASS_OBJECT_PATH = 'o',
G_VARIANT_CLASS_SIGNATURE = 'g',
G_VARIANT_CLASS_VARIANT = 'v',
G_VARIANT_CLASS_MAYBE = 'm',
G_VARIANT_CLASS_ARRAY = 'a',
G_VARIANT_CLASS_TUPLE = '(',
G_VARIANT_CLASS_DICT_ENTRY = '{'
} GVariantClass;GVariant类型的取值范围:
| 类型 | 说明 |
|---|---|
G_VARIANT_CLASS_BOOLEAN | The GVariant is a boolean. |
G_VARIANT_CLASS_BYTE | The GVariant is a byte. |
G_VARIANT_CLASS_INT16 | The GVariant is a signed 16 bit integer. |
G_VARIANT_CLASS_UINT16 | The GVariant is an unsigned 16 bit integer. |
G_VARIANT_CLASS_INT32 | The GVariant is a signed 32 bit integer. |
G_VARIANT_CLASS_UINT32 | The GVariant is an unsigned 32 bit integer. |
G_VARIANT_CLASS_INT64 | The GVariant is a signed 64 bit integer. |
G_VARIANT_CLASS_UINT64 | The GVariant is an unsigned 64 bit integer. |
G_VARIANT_CLASS_HANDLE | The GVariant is a file handle index. |
G_VARIANT_CLASS_DOUBLE | The GVariant is a double precision floating point value. |
G_VARIANT_CLASS_STRING | The GVariant is a normal string. |
G_VARIANT_CLASS_OBJECT_PATH | The GVariant is a D-Bus object path string. |
G_VARIANT_CLASS_SIGNATURE | The GVariant is a D-Bus signature string. |
G_VARIANT_CLASS_VARIANT | The GVariant is a variant. |
G_VARIANT_CLASS_MAYBE | The GVariant is a maybe-typed value. |
G_VARIANT_CLASS_ARRAY | The GVariant is an array. |
G_VARIANT_CLASS_TUPLE | The GVariant is a tuple. |
G_VARIANT_CLASS_DICT_ENTRY | The GVariant is a dictionary entry. |
6. 常用命令示例
6.1 Trust组件命令
查看证书服务资源信息
busctl --user introspect bmc.kepler.trust /bmc/kepler/CertificateService导入CA证书
busctl --user call bmc.kepler.trust /bmc/kepler/CertificateService bmc.kepler.CertificateService ImportCert a{ss}issu 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 0 URI /tmp/ca.crt 0
busctl --user call bmc.kepler.trust /bmc/kepler/CertificateService bmc.kepler.CertificateService ImportCert a{ss}issu 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 0 text ./redfish/test/integration/.test_temp_data/RootCA.crt 0查看CA证书
busctl --user introspect bmc.kepler.trust /bmc/kepler/Managers/1/Certificates/1
busctl --user get-property bmc.kepler.trust /bmc/kepler/Managers/1/Certificates/1 bmc.kepler.CertificateService.Certificate Subject查看SSL证书
busctl --user introspect bmc.kepler.trust /bmc/kepler/Managers/1/NetworkProtocol/HTTPS/Certificates/1
busctl --user get-property bmc.kepler.trust /bmc/kepler/Managers/1/NetworkProtocol/HTTPS/Certificates/1 bmc.kepler.CertificateService.Certificate Subject导入带私钥的SSL证书
busctl --user call bmc.kepler.trust /bmc/kepler/CertificateService bmc.kepler.CertificateService ImportCertWithKey a{ss}sss 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 URI /tmp/cert.p12 123456
busctl --user call bmc.kepler.trust /bmc/kepler/CertificateService bmc.kepler.CertificateService ImportCertWithKey a{ss}sss 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 URI "https://75.255.11.115:18082/openssl3/v5/server_chain.p12" 123456注意: 有时需要重设BMC时间,否则证书因时间不正确无法导入:
date -s "2023-05-30 00:00:00"开始生成CSR
busctl --user call bmc.kepler.trust /bmc/kepler/CertificateService bmc.kepler.CertificateService StartGenerateCSR a{ss}ssssss 0 CN '' '' '' '' HW检查生成CSR的状态
查看CSR任务即可:
busctl --user introspect bmc.kepler.trust /bmc/kepler/CertificateService/TaskService/Tasks/导入CSR签名的证书
busctl --user call bmc.kepler.trust /bmc/kepler/CertificateService bmc.kepler.CertificateService ImportCert a{ss}issu 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 1 /tmp/ssl.cert 0获取证书链信息
busctl --user call bmc.kepler.trust /bmc/kepler/CertificateService bmc.kepler.CertificateService GetCertChainInfo a{ss}iu 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 0 4导出证书私钥到FIFO管道
busctl --user call bmc.kepler.trust /bmc/kepler/CertificateService bmc.kepler.CertificateService ExportCertKeyByFIFO a{ss}i 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 1导入吊销列表
busctl --user call bmc.kepler.trust /bmc/kepler/CertificateService bmc.kepler.CertificateService ImportCRL a{ss}ssu 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 URI /tmp/test.crl 0删除吊销列表
busctl --user call bmc.kepler.trust /bmc/kepler/Managers/1/Certificates/1 bmc.kepler.CertificateService.Certificate DeleteCRL a{ss} 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1加密套件相关
查看加密套件方法:
busctl --user introspect bmc.kepler.trust /bmc/kepler/Managers/1/Security/TlsConfig/CipherSuits查看具体某个加密套件属性:
busctl --user introspect bmc.kepler.trust /bmc/kepler/Managers/1/Security/TlsConfig/CipherSuits/2修改加密套件:
busctl --user call bmc.kepler.trust /bmc/kepler/Managers/1/Security/TlsConfig/CipherSuits bmc.kepler.Managers.Security.TlsConfig.CipherSuits SetSslCipherSuit a{ss}aiab 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 2 1 2 2 1 0获取证书路径
busctl --user call bmc.kepler.trust /bmc/kepler/CertificateService bmc.kepler.CertificateService GetCertPath a{ss}i 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 0设置SSL证书生成算法
busctl --user set-property bmc.kepler.trust /bmc/kepler/CertificateService bmc.kepler.CertificateService SSLCertAlgorithm y 1修改证书过期告警时间
busctl --user set-property bmc.kepler.trust /bmc/kepler/CertificateService bmc.kepler.CertificateService CertOverdueWarnDays u 89设置默认证书名称
busctl --user call bmc.kepler.trust /bmc/kepler/CertificateService bmc.kepler.CertificateService SetDefaultSSLCertSubject a{ss}sss 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 CN 'Huawei IT Product CA' Huawei查看用户ID为2的信息
busctl --user introspect bmc.kepler.iam /bmc/kepler/AccountService/Accounts/2查看会话基本属性信息
busctl --user introspect bmc.kepler.iam /bmc/kepler/SessionService查看账户基本属性信息
busctl --user introspect bmc.kepler.iam /bmc/kepler/AccountService设置用户ID为2的用户提示修改首次登录密码
busctl --user set-property bmc.kepler.iam /bmc/kepler/AccountService/Accounts/2 bmc.kepler.AccountService.ManagerAccount FirstLoginPolicy y 1
busctl --user get-property bmc.kepler.iam /bmc/kepler/AccountService/Accounts/2 bmc.kepler.AccountService.ManagerAccount FirstLoginPolicy设置用户ID为2的用户强制修改首次登录密码
busctl --user set-property bmc.kepler.iam /bmc/kepler/AccountService/Accounts/2 bmc.kepler.AccountService.ManagerAccount FirstLoginPolicy y 2关闭所有用户的首次登录提示(暂不适用)
busctl --user set-property bmc.kepler.iam /bmc/kepler/AccountService bmc.kepler.AccountService.Security InitialPasswordPromptEnable b 0打开所有用户的首次登录提示(暂不适用)
busctl --user set-property bmc.kepler.iam /bmc/kepler/AccountService bmc.kepler.AccountService.Security InitialPasswordPromptEnable b 1设置用户名
busctl --user set-property bmc.kepler.iam /bmc/kepler/AccountService/Accounts/3 bmc.kepler.AccountService.ManagerAccount UserName s a设置锁定次数
busctl --user set-property bmc.kepler.iam /bmc/kepler/AccountService bmc.kepler.AccountService.Security AccountLockoutThreshold i 4
busctl --user get-property bmc.kepler.iam /bmc/kepler/AccountService bmc.kepler.AccountService.Security AccountLockoutThreshold会话超时设置
busctl --user set-property bmc.kepler.iam /bmc/kepler/SessionService/GUI bmc.kepler.SessionService SessionTimeout u 300
busctl --user get-property bmc.kepler.iam /bmc/kepler/SessionService/GUI bmc.kepler.SessionService SessionTimeout设置逃生用户
busctl --user set-property bmc.kepler.iam /bmc/kepler/AccountService bmc.kepler.AccountService.Security EmergencyLoginAccountId y 9查询会话列表
busctl --user tree bmc.kepler.iam其中,/bmc/kepler/SessionService/Sessions下面展示了所有的会话信息。
新建用户
busctl --user call bmc.kepler.iam /bmc/kepler/AccountService/Accounts bmc.kepler.AccountService.ManagerAccounts New a{ss}ysayyay 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 5 dzTJZkOsQL 14 65 56 100 50 109 105 110 64 104 119 49 50 35 36 4 7 64 8 16 4 1 128 2设置用户角色
busctl --user set-property bmc.kepler.iam /bmc/kepler/AccountService/Accounts/7 bmc.kepler.AccountService.ManagerAccount RoleId y 4删除会话
busctl --user call bmc.kepler.iam /bmc/kepler/SessionService/Sessions/{id} bmc.kepler.SessionService.Session SessionDelete a{ss}y 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 0设置密码
busctl --user call bmc.kepler.iam /bmc/kepler/AccountService/Accounts/2 bmc.kepler.AccountService.ManagerAccount ChangePwd a{ss}ay 3 Interface Web UserName Administrator ClientAddr 127.0.0.1 xx xx xx xx xx xx xx xx xx xx xx xx设置LDAP的UserDomain
busctl --user set-property bmc.kepler.iam /bmc/kepler/AccountService/LDAP/LDAPController/1 bmc.kepler.AccountService.LDAP.LDAPController UserDomain s "CN=test,DC=huawei,DC=com"
busctl --user introspect bmc.kepler.iam /bmc/kepler/AccountService/LDAP/LDAPController/1 bmc.kepler.AccountService.ManagerAccount RoleId y 4SNMP相关
设置长团体名使能(读写团体名使能RwCommunityEnabled):
busctl --user set-property bmc.kepler.iam /bmc/kepler/Managers/1/SnmpService/SnmpCommunity bmc.kepler.Managers.SnmpService.SnmpCommunity LongCommunityEnabled b false查询长团体名使能:
busctl --user get-property bmc.kepler.iam /bmc/kepler/Managers/1/SnmpService/SnmpCommunity bmc.kepler.Managers.SnmpService.SnmpCommunity LongCommunityEnabled获取团体名:
busctl --user call bmc.kepler.iam /bmc/kepler/Managers/1/SnmpService/SnmpCommunity bmc.kepler.Managers.SnmpService.SnmpCommunity GetSnmpCommunity a{ss} 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1设置团体名:
busctl --user call bmc.kepler.iam /bmc/kepler/Managers/1/SnmpService/SnmpCommunity bmc.kepler.Managers.SnmpService.SnmpCommunity SetRoCommunity a{ss}s 3 Interface Busctl UserName Administrator ClientAddr 127.1.2.1 xxxxxx设置SNMP登录规则:
busctl --user set-property bmc.kepler.iam /bmc/kepler/AccountService/Accounts/20 bmc.kepler.AccountService.ManagerAccount LoginRuleIds as 1 Rule2设置登录规则使能:
busctl --user set-property bmc.kepler.iam /bmc/kepler/AccountService/Rules/2 bmc.kepler.AccountService.Rule Enabled b 1
busctl --user set-property bmc.kepler.iam /bmc/kepler/AccountService/Rules/2 bmc.kepler.AccountService.Rule IpRule s 12.12.12.12校验登录规则:
busctl --user call bmc.kepler.iam /bmc/kepler/AccountService/Authorization bmc.kepler.AccountService.Authorization LoginRuleCheck a{ss}s 3 Interface Busctl UserName Administrator ClientAddr 127.1.2.1 <snmp_community>6.3 其他组件命令
升级相关
获取升级状态:
busctl --user call bmc.kepler.firmware_mgmt /bmc/kepler/UpdateService bmc.kepler.UpdateService GetUpgradeStatus a{ss}u 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 1开始升级(最后一个参数是文件路径):
busctl --user call bmc.kepler.firmware_mgmt /bmc/kepler/UpdateService bmc.kepler.UpdateService StartUpgrade a{ss}is 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 1 /tmp/openUBMC.hpmAC重启:
busctl --user call bmc.kepler.fructrl /bmc/kepler/Systems/1/FruCtrl/FruCtrl_1_0_0004 bmc.kepler.Systems.FruCtrl PowerCtrl a{ss}ss 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 ACCycle Unknown强制复位BMC:
busctl --user call bmc.kepler.maca /bmc/kepler/MacaService bmc.kepler.SystemControl ForceReset a{ss} 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1将串口切换到BMC:
系统默认会将串口切换到OS侧,升级后可通过以下命令将串口切换到BMC,一键设置,永久有效:
busctl --user call bmc.kepler.bmc_soc /bmc/kepler/Managers/1/SerialManagement/SerialManagement_1_00 bmc.kepler.Managers.SerialManagement SetConnectStatus a{ss} 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1soctrl组件
导入伙伴根hash:
busctl --user call bmc.kepler.soctrl /bmc/kepler/Managers/1/SOC/SecureCore bmc.kepler.Managers.SOC.SecureCore.SecureBoot ImportCustomCertificateHash a{ss} 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1导出伙伴根hash:
# PKCS格式
busctl --user call bmc.kepler.soctrl /bmc/kepler/Managers/1/SOC/SecureCore bmc.kepler.Managers.SOC.SecureCore.SecureBoot ExportCustomCertificateHash a{ss}i 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 0
# PSS格式
busctl --user call bmc.kepler.soctrl /bmc/kepler/Managers/1/SOC/SecureCore bmc.kepler.Managers.SOC.SecureCore.SecureBoot ExportCustomCertificateHash a{ss}i 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 1禁用安全启动校验:
busctl --user call bmc.kepler.soctrl /bmc/kepler/Managers/1/SOC/SecureCore bmc.kepler.Managers.SOC.SecureCore.SecureBoot DisableBootVerification a{ss} 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1导出维修凭证:
busctl --user call bmc.kepler.soctrl /bmc/kepler/Managers/1/SOC/SecureCore bmc.kepler.Managers.SOC.SecureCore.SecureBoot ExportRepairCredentials a{ss} 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1导入维修凭据:
busctl --user call bmc.kepler.soctrl /bmc/kepler/Managers/1/SOC/SecureCore bmc.kepler.Managers.SOC.SecureCore.SecureBoot ImportRepairCredentials a{ss}ay 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 0FileTransfer组件
下载文件:
busctl --user call bmc.kepler.file_transfer /bmc/kepler/Managers/1/FileTransfer bmc.kepler.Managers.FileTransfer StartTransfer a{ss}ssuuuu 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 https://127.0.0.1:8443/data/trust/cert/ca/7a31456c.0 file:///tmp/test.crt 100000 1000 10000 384查看FileTransfer服务资源:
busctl --user tree bmc.kepler.file_transfer
busctl --user introspect bmc.kepler.file_transfer /bmc/kepler/Managers/1/FileTransfer/Tasks/0禁用证书校验:
busctl --user set-property bmc.kepler.file_transfer /bmc/kepler/Managers/1/FileTransfer bmc.kepler.Managers.FileTransfer HttpsTransferCertVerification b falsemaca组件
设置日志级别:
busctl --user set-property bmc.kepler.maca /bmc/kepler/maca/MicroComponent bmc.kepler.MicroComponent.Debug DlogLevel s info升级
获取升级状态 busctl --user call bmc.kepler.firmware_mgmt /bmc/kepler/UpdateService bmc.kepler.UpdateService GetUpgradeStatus a{ss}u 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 1
开始升级,最后一个参数是文件路径 busctl --user call bmc.kepler.firmware_mgmt /bmc/kepler/UpdateService bmc.kepler.UpdateService StartUpgrade a{ss}is 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 1 /tmp/openUBMC.hpm
AC重启 busctl --user call bmc.kepler.fructrl /bmc/kepler/Systems/1/FruCtrl/FruCtrl_1_0_0004 bmc.kepler.Systems.FruCtrl PowerCtrl a{ss}ss 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 ACCycle Unknown
强制复位BMC busctl --user call bmc.kepler.maca /bmc/kepler/MacaService bmc.kepler.SystemControl ForceReset a{ss} 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1
系统默认会将串口切换到OS侧,大家升级后可通过命令 busctl --user call bmc.kepler.bmc_soc /bmc/kepler/Managers/1/SerialManagement/SerialManagement_1_00 bmc.kepler.Managers.SerialManagement SetConnectStatus a{ss} 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 将串口切换到BMC,一键设置,永久有效
soctrl
导入伙伴根hash busctl --user call bmc.kepler.soctrl /bmc/kepler/Managers/1/SOC/SecureCore bmc.kepler.Managers.SOC.SecureCore.SecureBoot ImportCustomCertificateHash a{ss} 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1
导出伙伴根hash busctl --user call bmc.kepler.soctrl /bmc/kepler/Managers/1/SOC/SecureCore bmc.kepler.Managers.SOC.SecureCore.SecureBoot ExportCustomCertificateHash a{ss}i 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 0 -- pkcs busctl --user call bmc.kepler.soctrl /bmc/kepler/Managers/1/SOC/SecureCore bmc.kepler.Managers.SOC.SecureCore.SecureBoot ExportCustomCertificateHash a{ss}i 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 1 -- pss
禁用安全启动校验 busctl --user call bmc.kepler.soctrl /bmc/kepler/Managers/1/SOC/SecureCore bmc.kepler.Managers.SOC.SecureCore.SecureBoot DisableBootVerification a{ss} 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1
导出维修凭证 busctl --user call bmc.kepler.soctrl /bmc/kepler/Managers/1/SOC/SecureCore bmc.kepler.Managers.SOC.SecureCore.SecureBoot ExportRepairCredentials a{ss} 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1
导入维修凭据 busctl --user call bmc.kepler.soctrl /bmc/kepler/Managers/1/SOC/SecureCore bmc.kepler.Managers.SOC.SecureCore.SecureBoot ImportRepairCredentials a{ss}ay 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 0
FileTransfer
下载文件 busctl --user call bmc.kepler.file_transfer /bmc/kepler/Managers/1/FileTransfer bmc.kepler.Managers.FileTransfer StartTransfer a{ss}ssuuuu 3 Interface Busctl UserName Administrator ClientAddr 127.0.0.1 https://127.0.0.1:8443/data/trust/cert/ca/7a31456c.0 file:///tmp/test.crt 100000 1000 10000 384
busctl --user tree bmc.kepler.file_transfer
busctl --user introspect bmc.kepler.file_transfer /bmc/kepler/Managers/1/FileTransfer/Tasks/0
禁用证书校验 busctl --user set-property bmc.kepler.file_transfer /bmc/kepler/Managers/1/FileTransfer bmc.kepler.Managers.FileTransfer HttpsTransferCertVerification b false
maca
设置日志级别 busctl --user set-property bmc.kepler.maca /bmc/kepler/maca/MicroComponent bmc.kepler.MicroComponent.Debug DlogLevel s info