Let's assume you have a harddisk with a single partition using NTFS as the filesystem. Now you would like to resize the partition so you can install Linux to it. Run:
ntfsresize --no-action --size 20000M /dev/hda1
to check wheter it works. If you do not notice any errors you can drop the '--no-action'-option and resize the partition. For more details take a look at the ntfsresize-homepage.
Backup the MBR via:
dd if=/dev/hda of=hda.mbr bs=512 count=1
and restore it via:
dd if=hda.mbr of=/dev/hda bs=512 count=1
Caution: the MBR contains the partition table (the first four primary entries). If you changed the partition since creating the backup-file you will probably lose your partitions.
If you do not want to restore the partition table you should use with 'bs=448' instead. This will write only the first 448 bytes of the MBR leaving the last 64 bytes intact (4 partition table entries * 16 bytes/entry).
zcat /mnt/Backup/hda1.dd.gz | dd of=/dev/hdb1
You might want to use a specific blocksize to improve performance. Specify it via 'bs=...k', values from 4k up to 1024k might fit your needs.
dd if=/dev/hda of=/dev/hdb
Notice: this includes of course the bootsector too! More detailed information is available in the Hard-Disk-Upgrade HowTo.
TODO: backup via network (netcat/scp/...)
tar -cf - directory | ssh user@remote tar -xf - -C /dest/dir dd if=image | ssh fileserver "cd /tmp; dd of=image"
vom client zum server: dd if=/dev/hda1 | ssh fileserver 'cat > image'
vom server zum client: ssh client 'dd if=/dev/hda' > image
-> unbedingt Blocksize anpassen wegen Performance!
http://lists.suse.com/archive/suse-linux/2004-May/2786.html
Komplettes Partitions Backup (Image):
mount /dev/hda1 / -o remount,rw; dd if=/dev/zero of=/delme1 bs=4048; rm /delme1; mount /dev/hda1 / -o remount,ro;
Lokal:
dd if=/dev/hda1 bs=4048 | bzip2 > /mountpoint/image_hda1.bz;
Netzwerk:
ssh host -c blowfish 'dd if=/dev/hda1 bs=4048 | bzip2' | dd of=/image_hda1.bz
Entfernten Rechner mit tar sichern:
ssh root@otherhost -c blowfish 'tar -f - -p -P -c --exclude=/tmp --exclude=/var/cache /' | dd of=/daten/backup.tar
Remote backup via rsync: rsync --delete -avze ssh /home/mika/ mika@mari:/Backup/
grml-system klonen: rsync -avzp --rsh="ssh -l root -p 66" /Grml/grml_uncompressed remote:/Grml/
Mount your root partition with the dev-flag:
mount -o dev /mnt/hda1
Then adjust /mnt/hda1/etc/lilo.conf. Now execute lilo in the chroot:
chroot /mnt/hda1 lilo
TODO: grub-install
TODO: ntfsresize, parted, ntfsclone
You can change the password of a Linux system via chrooting into:
mount /dev/hda1 # mount rootpartition, make sure it is mounted read-writeable!
chroot /mnt/hda1
passwd root
or via using /bin/sh instead of the init-system:
linux init=/bin/sh # boot with bootparam init
mount -o remount,rw / # mount root partition read-writeable
/usr/bin/passwd # now set the password
mount -n -o remount,ro / # remount / read-only
/sbin/init 6 # reboot
If you don't have /usr/bin/passwd available you could change /etc/passwd. Just remove the 'x' in the line containing information about user root, just change:
root:x:0:0:root:/root:/bin/zsh
to something like:
root::0:0:root:/root:/bin/zsh
or you could even remove the hash in /etc/shadow, change:
root:foooobaaaarrrr.:11808:0:10000::::
into something like this:
root::11808:0:10000:::
You have a system which does not boot anymore because there have been problems at the last upgrade? Just mount the root-partition and chroot into it:
mount /mnt/hda1
chroot /mnt/hda1
Now you can run commands within your 'damaged system'. Notice: 'chroot /mnt/hda1 /bin/bash' might be required if /mnt/hda1 does not contain a zsh because chroot invokes $SHELL.
Let's assume you want to check for virus on your hard disc. Mount the partition and run clamscan:
mount /mnt/hda1 # mount the partition you want to scan
clamscan -r /mnt/hda1
TODO: freshclam
Use chkrootkit to scan for rootkits.
mount /mnt/hda1 # assuming that hda1 contains your root-partition, adjust it!
chkrootkit -r /mnt/hda1
If you don't want to run integrity checkers like tripwire/aide on your systems you could create md5sums of the binaries:
mount /mnt/hdaX # assuming that hda1 contains your root-partition, adjust it!
find /mnt/hda1/bin /mnt/hda1/usr/bin /mnt/hda1/sbin /mnt/hda1/usr/sbin -type f -print0 | xargs -0 md5sum > /tmp/md5sum.clean
sort /tmp/md5sum.clean > /tmp/md5sum.clean.sorted
In case of a possible infection you could run the command again (adjusting 'clean' to e.g. 'check') and compare the two md5sum-files (preferably the sorted ones) via the diff-command.
Interactive tools:
Performance Tools: System CPU.
vmstat (Virtual Memory Statistics)
top
procinfo (Display Info from the /proc File System)
gnome-system-monitor
mpstat (Multiprocessor Stat)
sar (System Activity Reporter)
oprofile
Performance Tools: System Memory.
vmstat (Virtual Memory Statistics)
top
procinfo
gnome-system-monitor
free
slabtop
sar
/proc/meminfo
Performance Tools: Process-Specific CPU.
time
strace
ltrace
ps (Process Status)
ld.so (Dynamic Loader)
gprof
oprofile
Performance Tools: Process-Specific Memory.
ps
/proc/\<PID\>
memprof
valgrind (cachegrind)
kcachegrind
oprofile
ipcs
Performance Tools: Disk I/O.
vmstat
dstat
iostat
sar
lsof (List Open Files)
Performance Tools: Network.
mii-tool (Media-Independent Interface Tool)
ethtool
ifconfig (Interface Configure)
ip
sar
gkrellm
iptraf
netstat
etherape
Utility Tools: Performance Tool Helpers.
bash/zsh
tee
script
watch
ldd
objdump
GNU Debugger (gdb)
gcc (GNU Compiler Collection)
Schedutils: CPU related stuff
schedtool
chrt
taskset