使用ext3grep恢復ext3上刪除的文件zz

原創 火箭 2020-02-23 05:52

自己找了軟件做了一次實戰操作,基本可以保證穩定恢復。
測試環境
[root@localhost ~]# uname -a
Linux localhost.localdomain 2.6.18-8.el5 #1 SMP Fri Jan 26 14:15:21 EST 2007 i686 i686 i386 GNU/Linux

碧軒附註:其實什麼版本的系統無所謂 !

所需的相關庫
[root@localhost ~]# rpm -qa |grep e2fsprogs
e2fsprogs-libs-1.39-8.el5
e2fsprogs-1.39-8.el5
e2fsprogs-devel-1.39-8.el5

碧軒附註:必須要有e2fsprogs-libs,不然在後面ext3grep的安裝會有問題。

分區情況:
[root@localhost ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/VolGroup00-LogVol00
6.2G 1.8G 4.2G 30% /
/dev/sda1 99M 11M 83M 12% /boot
/dev/mapper/VolGroup00-LogVol02
1008M 34M 924M 4% /data
tmpfs 125M 0 125M 0% /dev/shm
需要軟件

http://code.google.com/p/ext3grep/downloads/list

先下載軟件
[root@localhost ~]# cd /root/src/
[root@localhost src]# wget http://ext3grep.googlecode.com/files/ext3grep-0.6.0.tar.gz src
[root@localhost src]# ls
ext3grep-0.6.0.tar.gz
[root@localhost src]# tar xfvz ext3grep-0.6.0.tar.gz
[root@localhost ext3grep-0.6.0]# ./configure
[root@localhost ext3grep-0.6.0]# make install
[root@localhost ext3grep-0.6.0]# ext3grep
Running ext3grep version 0.6.0

編譯然後測試可以使用了,一切做好了以後開始我們的恢復過程。
我的目錄是/data分區,我先格式化了分區,我放一個文件在根目錄下和一個子目錄下的文件。
/dev/mapper/VolGroup00-LogVol02 1008M 34M 924M 4% /data

碧軒附註:

其實這裏用什麼分居無所謂,你也可以模擬一個出來:

PLAIN TEXT
SHELL:
  1. mkdir /bixuan/
  2. cd /bixuan/
  3. dd if=/dev/zero of=disk10 count=2048000
  4. mkfs.ext3 disk10
  5. mkdir -p /dfs/a
  6. mount -o loop /bixuan/disk10 /dfs/a

拷貝點文件過去
[root@localhost ~]# ]# cp /bin/ls /data/
[root@localhost ~]# ]# cp -rf /bin /data/
[root@localhost ~]# ]# ls -la /data/
total 136
drwxr-xr-x 4 root root 4096 Apr 21 17:37 .
drwxr-xr-x 25 root root 4096 Apr 21 17:11 ..
drwxr-xr-x 2 root root 4096 Apr 21 17:37 bin
drwx—— 2 root root 16384 Apr 21 17:15 lost+found
-rwxr-xr-x 1 root root 93560 Apr 21 17:37 ls

[root@localhost ~]#
一個子目錄一個可執行文件
現在刪除ls文件和bin下面的zcat
[root@localhost ~]# rm /data/ls
rm: remove regular file `/data/ls’? y
[root@localhost ~]# rm /data/bin/zcat
rm: remove regular file `/data/bin/zcat’? y
[root@localhost ~]# ls -la /data/ls /data/bin/zcat
ls: /data/ls: No such file or directory
ls: /data/bin/zcat: No such file or directory
文件沒有了然後我們來恢復

首先umount掉分區
[root@localhost ~]# umount /dev/mapper/VolGroup00-LogVol02
[root@localhost ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/VolGroup00-LogVol00
6.2G 1.8G 4.2G 30% /
/dev/sda1 99M 11M 83M 12% /boot
tmpfs 125M 0 125M 0% /dev/shm
確認卸載,然後使用ext3grep來恢復。

[root@localhost ~]# ext3grep/dev/mapper/VolGroup00-LogVol02 --ls --inode 2
這裏會創建掃描分區

碧軒附註:注意這裏的--inode 2ext3grep.jpg

[root@localhost ~]# ext3grep /dev/mapper/VolGroup00-LogVol02 --ls --inode 2
[root@localhost ~]# ext3grep /dev/mapper/VolGroup00-LogVol02 --restore-file ls
Running ext3grep version 0.6.0
WARNING: I don’t know what EXT3_FEATURE_COMPAT_EXT_ATTR is.
Number of groups: 8
Minimum / maximum journal block: 585 / 8787
Loading journal descriptors… sorting… done
Number of descriptors in journal: 58; min / max sequence numbers: 2 / 5
Loading VolGroup00-LogVol02.ext3grep.stage2… done
Restoring ls

[root@localhost ~]# ext3grep /dev/mapper/VolGroup00-LogVol02 --restore-file bin/ls
Running ext3grep version 0.6.0
WARNING: I don’t know what EXT3_FEATURE_COMPAT_EXT_ATTR is.
Number of groups: 8
Minimum / maximum journal block: 585 / 8787
Loading journal descriptors… sorting… done
Number of descriptors in journal: 58; min / max sequence numbers: 2 / 5
Loading VolGroup00-LogVol02.ext3grep.stage2… done
Restoring bin/ls

[root@localhost ~]# ls -la RESTORED_FILES/
total 124
drwxr-xr-x 3 root root 4096 Apr 21 18:01 .
drwxr-x— 5 root root 4096 Apr 21 17:55 ..
-rwxr-xr-x 1 root root 93560 Apr 21 17:48 ls
[root@localhost ~]# ext3grep /dev/mapper/VolGroup00-LogVol02 --restore-file bin/zcat
Running ext3grep version 0.6.0
WARNING: I don’t know what EXT3_FEATURE_COMPAT_EXT_ATTR is.
Number of groups: 8
Minimum / maximum journal block: 585 / 8787
Loading journal descriptors… sorting… done
Number of descriptors in journal: 58; min / max sequence numbers: 2 / 5
Loading VolGroup00-LogVol02.ext3grep.stage2… done
Restoring bin/zcat

[root@localhost ~]# ls -la RESTORED_FILES/bin/
total 188
drwxr-xr-x 2 root root 4096 Apr 21 18:01 .
drwxr-xr-x 3 root root 4096 Apr 21 18:01 ..
-rwxr-xr-x 1 root root 62136 Apr 21 17:48 zcat
看看都恢復在RESTORED_FILES目錄下,大小也一樣

碧軒附註:這個RESTORED_FILES目錄是執行ext3grep的當前目錄下!

參考資料
http://www.xs4all.nl/~carlo17/howto/undelete_ext3.html

From: http://huaidan.org/archives/1913.html

發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章

curl 上傳文件

curl -F "[email protected]" -F "puid=181174000" -X POST "http://pan-yz.chaoxing.com/upload"    curl -F "file=@WeChat_20221

原創 2024-04-07 13:07:15

讀取設置密碼保護的excel文件,有沒有更好的辦法?

大家好,我是Python進階者。 一、前言 前幾天在Python最強王者交流羣【wen】問了一個Python處理Excel加密文件讀取問題。問題如下: 請教:讀取設置了密碼保護的exlce文件,df = pd.read_excel(file

原創 2024-03-18 22:16:03

OpenAI 將在 2027 年實現人類水平的 AGI ?完整 PDF 流出……

“OpenAI 將在 2027 年實現人類水平的 AGI” “OpenAI  從 2022 年 8 月就在訓練 125 萬億參數的多模態模型,但由於推理成本過高而被取消” …… 這是最近硅谷乃至整個科技圈都在討論的熱門話題,內容均

Zilliz 2024-03-08 21:31:41

Mysql主從複製筆記

    寫這個筆記其目的還是記錄下自己之前做的細節,原以爲弄過的東西會深深的印入腦海無需囉裏囉嗦的記錄,今天回憶的時候發現我已經不記得是從何入手了想想就覺得可怕還是老老實實把以前的備份實操記錄下來把。     主從複製常見的用途:數據分佈,

原創 2024-02-24 10:01:02

大文件上傳原理及實現方案

一、什麼是大文件 一般,我們傳送大文件是指傳送大於100M的文件,而普通文件是指小於100M,常見的是20M、30M和50M,兩者主要的區別在於文件大小上,還有傳送速度上。 一般普通“郵件附件”只能發20M、30M,50M的文件,而幾百M的

原創 2024-02-06 00:22:03

優酷鴻蒙開發實踐 | 鴻蒙卡片開發

{"type":"doc","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image"

阿里巴巴移动技术 2021-10-22 15:33:55

數據庫測試的基礎要素

{"type":"doc","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"typ

Jonathan Allen 2021-10-22 15:33:55

一年40萬次實驗,字節跳動A/B測試平臺是怎麼煉出來的?

{"type":"doc","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"typ

Tina 2021-09-26 15:43:52

走過二十年的軟件測試業

{"type":"doc","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"blockq

Tim Bray 2021-08-06 17:03:57

爲了生存重寫軟件!面對“缺芯”,特斯拉很慌

{"type":"doc","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragr

Tina 2021-08-02 14:58:59

谷歌開發團隊犯低級錯誤?因一個字符拼寫Bug,Chromebook用戶被鎖在系統之外

{"type":"doc","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragr

Kent Duke 2021-07-25 16:38:56

10年磨一劍,雲測試頭部玩家如何爲數萬家客戶落地AI自動化測試

{"type":"doc","content":[{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null

施尧 2021-07-25 10:04:06

怎樣在企業裏推廣TDD等技術實踐?

{"type":"doc","content":[{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"爲什麼TDD很重要"

Emily Bache 2021-07-20 10:03:55

從Kratos設計看Go微服務工程實踐

{"type":"doc","content":[{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null

腾讯云中间件 2021-07-16 15:33:59

從10次宕機事件中,我學到5個重要的經驗

{"type":"doc","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"typ

Tom Kleinpeter 2021-07-13 11:13:50