系统遭恶意软件攻击,应急清理时误删/usr/trim/目录,导致WebUI完全无法访问。

accountsrv.service loaded active running Accountsrv Service
ai_manager.service loaded active running AI Manager
auditd.service loaded active running Security Auditing Service
auto_thumbnailer.service loaded active running Auto Thumbnailer Service
avahi-daemon.service loaded active running Avahi mDNS/DNS-SD Stack
avahi.service loaded active running trim avahi service
backup_service.service loaded active running Basic Backup Service(V0.1.0)
cloud_storage_dav.service loaded active running Trim Cloud Storage Dav
containerd.service loaded active running containerd container runtime
cron.service loaded active running Regular background program processing daemon
dbus.service loaded active running D-Bus System Message Bus
dlcenter.service loaded active running trim download center Service
docker.service loaded active running trim docker service
dockermgr.service loaded active running trim docker management service
dsmgr.service loaded active running trim docker stream service
eventlogger_service.service loaded active running event logger service
filestor_service.service loaded active running trim file storage service(RPC API)
finder_service.service loaded active running trim file finder service
getty@tty1.service loaded active running Getty on tty1
imagesrv.service loaded active running Imagesrv Service
iscsimgr_service.service loaded active running iscsi protocol service
libvirtd.service loaded active running Virtualization daemon
mdmonitor.service loaded active running MD array monitor
mediasrv.service loaded active running Mediasrv Service
minidlna.service loaded active running minidlnad
ModemManager.service loaded active running Modem Manager
multiple-downloads.service loaded active running Multiple Downloads Service
network_service.service loaded active running trim network service
NetworkManager.service loaded active running Network Manager
nfs-blkmap.service loaded active running pNFS block layout mapping daemon
nmbd.service loaded active running Samba NetBIOS nameserver (nmbd)
ovs-vswitchd.service loaded active running Open vSwitch Forwarding Unit
ovsdb-server.service loaded active running Open vSwitch Database Unit
polkit.service loaded active running Authorization Manager
postgresql@15-main.service loaded active running PostgreSQL Cluster 15-main
resmon_service.service loaded active running trim resmon service
rpc_broker.service loaded active running trim rpc broker service
rpcbind.service loaded active running RPC bind portmap service
rsyslog.service loaded active running System Logging Service
security_service.service loaded active running trim security service
share_service.service loaded active running share protocol service
smartmontools.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon
smbd.service loaded active running Samba SMB/CIFS daemon (smbd)
smbftpd.service loaded active running smbftpd
ssh.service loaded active running OpenBSD Secure Shell server
sync_server.service loaded active running sync server service
sysdiag.service loaded active running trim sysdiag service
sysinfo_service.service loaded active running trim system info(RPC API)
sysrestore.service loaded active running system restore service
systemd-journald.service loaded active running Journal Service
systemd-logind.service loaded active running User Login Management
systemd-machined.service loaded active running Virtual Machine and Container Registration Service
systemd-timesyncd.service loaded active running Network Time Synchronization
systemd-udevd.service loaded active running Rule-based Manager for Device Events and Files
targetclid.service loaded active running Targetcli daemon
trim_app_center.service loaded active running trim app center service
trim_diskpowerd.service loaded active running trim diskpowerd
trim_file_monitor.service loaded active running trim file monitor service
trim_http_cgi.service loaded active running trim http cgi service
trim_license.service loaded active running Trim License
trim_main.service loaded active running trim main service
trim_sac.service loaded active running Trim System Apps Control
trim_sharelink.service loaded active running trim share link service
trim_tfa.service loaded active running Trim TFA Service
trim_trashbind.service loaded active running trim trash service
trim_upload.service loaded active running trim upload service
upnp.service loaded active running trim avahi service
upower.service loaded active running Daemon for power management
user@1000.service loaded active running User Manager for UID 1000
usersrv.service loaded active running trim user service(RPC API)
webdav.service loaded active running WebDAV Service
winbind.service loaded active running Samba Winbind Daemon
wpa_supplicant.service loaded active running WPA supplicant
wsdd2.service loaded active running WSD/LLMNR Discovery/Name Service Daemon

或许，可以虚拟机装一个同版本的系统下载该目录上传试试

被恶意软件攻击了，怎么着也得重装一下吧。不然总感觉系统已经不干净了。

可以尝试通过 liveupdate再安装一次 trim.

执行下面的操作前确保你数据备份好了，不保证能行也无法保证对系统不会造成更多的伤害

因为liveupdate也在 /usr/trim下，先下载一个

https://download.liveupdate.fnnas.com/x86_64/liveupdate.self/liveupdate.1.0.12.deb

通过 dpkg -i进行安装，然后删掉之前的trim包 apt remove trim,再使用 /usr/trim/bin/liveupdate -u进行“更新”

鉴于你是被恶意程序感染，我建议还是查清楚具体是那个docker，删除掉并重新安装系统，这个恶意程序专门为fnos设计，比如会把木马留到 /sbin/gots，会加一个所谓"AutoStart Service",会通过 /etc/rc.d/rc.local把自己拉起来等等，远控可能还会下发更多的恶意行为，删掉恶意docker然后彻底重装系统稳妥点。