Slashdot Mirror
System Recovery with Knoppix
An anonymous reader writes "This article shows how to access a non-booting Linux system with a Knoppix CD, get read-write permissions on configuration files, create and manage partitions and filesystems, and copy files to various storage media and over the network. You can use Knoppix for hardware and system configuration detection and for creating and managing partitions and filesystems. You can do it all from Knoppix's excellent graphical utilities, or from the command line."
What if the Linux that you can't boot already is Knoppix? Can you swap this recovery CD with your regular Knoppix CD during the boot process?
Just two days ago I just had to use Knoppix to recover my system after a failed attempt to upgrade the kernel. Very good to have as a recovery tool.
Knoppix, the hot new kid on the block
New? Wow, I'm glad I don't live in that neighborhood.
Is that IBM has done this, right off their own website and helping the system admins, techies and anyone else interested in learning how to fix your defunct or otherwise broken system.
This one's been around for a while. It's a useful resource, but some of the more specialised distros are easier to use for rescue disks.
http://www.frozentech.com/content/livecd.php has a good list of them.
"I've got more toys than Teruhisa Kitahara."
Well, apart from the "Duh- What else are you gonna use it for?" line, I suppose its nice to RE-distribute the info to those 3 or 4 around here that haven't heard of knoppix...And also nice that IBM is running the piece. That kinda lends some pointy-haired massive corporate legitimacy to the tool...
But maybe I'm mistaken...Okay, then--- Quick Poll- Who HAS NOT heard of and tried a Knoppix disk?
Sig currently under construction. Mind the gap....
OMG! We slashdotted IBM!
[would have been funnier if it were true]
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
You can also use the gentoo live CD (you can even get an experimental one for reiser4) at www.gentoo.org.
k s/linux/library/l-knopx.html?ca=dgr-lnxw01-obg-Sys Recover
There are also lots of speecialised ones. generally, the only time a linux box wont boot though is just a lilo or grub problem...
By the way, the coralised link is: http://www-106.ibm.com.nyud.net:8090/developerwor
I think NTFS is probably read-only so you can't fix it directly. But in case you weren't smart enough to keep backups around, you can use Knoppix to backup your files over the network. I did the same thing for a friend who couldn't boot up her XP installation anymore after Norton Antivirus "cleaned" a bit too much (even safe mode didn't work). But I ended up copying the data to an external firewire disk 'cause the network (which Knoppix didn't have any problems to detect) was too slow.
Go Linux/Knoppix!
Ricardo.
Without a floppy drive in them.
Comment removed based on user account deletion
Tbe Knoppix Distro has been helpful at this point - and I'm glad that I kept it around, because I needed to get these people's email transferred without much hassle
db
Cig:
ôô
(Mini Usual Stuff)
It's been a long time since I've needed anything else. I used to carry a Trinux CD, but now it's Knoppix.
I use the compact flash card because it fits in both my camera and my PDA.
sigs, as if you care.
No, I'm not a weenie who needs things spoon fed to them, I've been using Linux since long before it was cool or chic, starting with Slack back in '96, then RedHat, then Mandrake. After Win2k came out I moved back to using Windows for most of my day-to-day desktop needs (now mostly Win XP), but recently I've installed MEPIS on my laptop and I find it quite enjoyable to use. The things that stand out to me are 1) fabulous hardware compatibility, including out of the box support for almost every component of my Dell Inspiron 8500 laptop, with NVidia GeForce4 Go graphics and so on (I did have to make a quick manual edit to XF86Config-4 to get widescreen support, and my Microsoft MN-720 802.11b card took about half an hour of screwing around to get running, but ndiswrapper was already there, I just had to find the right driver version and run it.
Okay, that's all the ranting I can do for now. Did I mention that MEPIS makes a great recovery CD? That's how I first discovered it. Give it a try, funny name aside.
Is this news?
The article was written a year ago, and even then it was not news (I have used Knoppix for this purpose longer than that)
"You can't install it to your hard drive."
Yes, you can: knx-hdinstall.
sigs, as if you care.
captive-ntfs 1.14 works just fine for me w/Knoppix 3.4 (though 1.15 w/Knoppix 3.6 failed to mount my NTFS partitions, that is another story altogether) ... so, you can actually read/write to NTFS from Knoppix if you manually configure captive and mount the NTFS partition(s) yourself.
Comment removed based on user account deletion
I don't say K/Gnoppix is no good, because it's just great, imho the best live linux version for jumpstarting linux illiterates (other people check this. And I don't argue you can do lots of things with it. But for accessing and managing filesystems in general... well, access my xfs partitions with a knoppix please. or better not, keep away :)
If one wants to have rescue stuff ready, ones prepares good rescue stuff. E.g. an usb drive with a mini distro with >2 kernel versions helluvalot compiled modules, all possible filesystem support, disk fscking tools (for all supported filesystems) and you don't relly need much more.
A general purpose 2.4.x-based live distro for the masses jsut doesn't always qualify for such uses.
You know the drill, use the right tool for the job.
I am putting myself to the fullest possible use, which is all I can think that any conscious entity can ever hope to do.
how safe is it to be able to access anything just by putting a disk in the drive
Well, on my machines (i.e. which I use, @home or @work) only booting from the main hdd is allowed, everythig else is disabled, bios pass'ed. If I want to boot from something else, I enable it. One would need many minutes long work to open the cases and reset the bioses especially if they don't know the specific mobo.
Not a very good protection by any means, but it stops giggling coworkers from being jerks on my machine.
I am putting myself to the fullest possible use, which is all I can think that any conscious entity can ever hope to do.
A friend brought me his machine to upgrade.
/home (hdb)....
/home from hda to hdb then reformat hda and partition it up in a useful way.
/home data from hda to hdb.
/home is on hdb1.
/home on the new 120g drive and asked me if I wanted to change the permissions and ownership over. I said yes.
/home directory instead of the 10gigs he had before.
A Frys cheapo Linux special, originally it came with a 30g, 128m ram and Thiz Linux. I Thized the disc straight into the trash and installed Suse 9.0 on it for him when he first got it.
Well, as time went on he realized that his system needed upgrading. So I sent him to the store and he brought back another 128m ram, a 120g drive and Suse 9.1 Pro.
The plan was to have the old doggy 30g as his boot/OS/work drive (hda) and his new 120g as
Well, booting up 9.1 does not come up and say
"Hey, I see you have data on your drive already and a new blank drive. Would you like to move it around in anyway before we procede?"
No, Suse just suggests that you wipe everything out and start over. Even if you tell it you want to do an upgrade, it has NO PROVISION what-so-ever to allow you to format the new drive then move your old
Ok, so in light of this, I took Damn Small Linux 0.8.2
and booted up. Opened a root terminal, fdisked hdb, formated it for ext3 then moved all of his old
It copied EVERYTHING. Hidden files, configurations, email, cookies, bookmarks, music, photos, the whole works.
When it was done I booted into Suse 9.1 pro, did a NEW INSTALLATION and wiped hda clean, installed the OS on it and told it that
I created the same user and password as the old system so Suse looked at the
The install proceded normally to completion.
When it was finished and I rebooted the system, it was identical to the way it was brought to me except that he now has a 120g
Damn Small Linux is the very best tool a tech can carry with him. I keep a copies on biz cards in all of my tool boxes and in each of my vehicles.
I don't leave home without it.
I also carry standard Knoppix in case I run into a case where I need k3b on the ailing machine.
I have several other versions of Knoppix I keep handy for various network jobs, like knoppix-std
and a few other network related Knoppix knock offs..
If you can't loop-mount it, dd it back to an other disk, then use your favourite Windows NTFS tool, if there is any.
As a computer networking student I'm absolutely AMAZED this hasn't gotten more attention then it has.
Under your MS stuff (I know, I know, but in industry it really is a necessary evil) you should definitely have a Windows Boot CD. And I don't mean a DOS floppy! Its basically a live, say Windows XP disk with preinstalled software (virus scan, adware removers, registry editors, complete networking setup). It really has all the tools you commonly use when fixing the obligatory windows box and probably a few you've never even known you'd need.
I highly recommend you build one, and if the directions sound a little complicated, just take your time and reread them, there's about 3 step and none of the are actually complicated.
The worst thing you can do is boot a infected PC from an infected hard drive, not to mention the trouble accessing NTFS with FULL read-write.
Quack, quack.
I'm dying to figure this part out...
Someone set us up the bomb, so shine we are!
Toms Root Boot was always enough for me.
1 floppy.
TRB, Lepton and other floppy distributions I've tried (for real use, not just recovery situations) have all been exceptionally high quality. The guys who put them together really know what they're doing. Any idiot can stick half a gig of programs on a CD, it takes smarts to get them onto 1 o 2 floppies.
FP.
Also FatPhil on SoylentNews, id 863
Of course you could have done this with SuSE as well, but you should not have tried two things (upgrade and drive reassignment) in one go. /home to it, or first add the new drive and move /home, then re-install from scratch on the old drive.
You could have upgraded from 9.0 to 9.1 first and then add the new drive and move
Actually, the gripe is a legitimate one, although very poorly presented. I'm a regular on the Knoppin forums at www.knoppix.net and I constantly see people posting problems with things (mostly simple networking) that worked fine under Knoppix when running from the CD but stopped working as soon as Knoppix was installed to hard disk. Most of the time this seems to be simple permission issues or something that for some reason I don't understand needs to be added to a configuration file. But it's been going on for years and the install scripts never seem to get around to addressing it and making the premissioins right. See for yourself by scanning this forum.
I just write it off to the arogance that almost all Linux geeks seem to have for newcomers who don't know the cryptic commands to change permissions or all the magic places startup configuration stuff is stored. The geeks who master Knoppix must come across the same problems, but just know where to go to twiddle the right bits to make everything right. That they don't "bother" to go back and make the HD install scripts do this seems strange.
I'm an American. I love this country and the freedoms that we used to have.
Last I heard write was still experiencing random failures, not that it matters for data recovery.
But I'd recommend using this to work on/repair Windows computers. You get read/write (its really just Windows, so..) and a lot of crap can be repaired with a virus/adware scan (or two). If your comfortable enough with Windows there really isn't much you can't recover from once you can read the disk (sort of a complete hardware failure).
As a side note, it also reads ext2 and 3. Handy for working on your friends dual-boot systems too.
Personally, I carry on of these and either Knoppix or an older Gentoo live disk.
Quack, quack.
The article is dated October 23, 2003. Nearly a year old!
/. readers know about Knoppix already.
There must be newer versions of almost everything mentioned in the article, and probably better ways of doing most of the tasks...
And most
Knoppix is a great livecd, but a horrible installer. It's less trouble to just install straight Debian.
You're right, I wouldn't steal a car. But if it were possible, I sure as hell would download one!
There are scripts right in Knoppix that let you do a HD install; but that doesn't mean everything is going to work as you would expect. I've been a regular at www.knoppix.net for a couple of years, and I'm always seeing problems that just shouldn't happen with HD installs. Simple things like permissions being set wrong on the install and networking that worked from to CD no longer working after the HD install. In fact, if you look at the specialized forums, you will see that there are nearly twice as many posts in the HD install forumthan even the hardware forum , and nearly three times as many posts as in the networking forum (yet many of the posts in the networking forun are about network access stopping after a HD install). So you can install to HD, just don't expect it to work even as well as it did from CD after you do!
I'm an American. I love this country and the freedoms that we used to have.
I think you could have added the new disk to the old running system, fdisk and format it using yast or commandline tools, move your home there, and then re-install the system on the 30GB disk. / /home, format it) /dev/sdb1 is now mounted as /home) /home.orig/* /home /home.orig
/home is /dev/sdb1.
I would have done:
- login as root
- cd
- mv home home.orig
- mkdir home
- yast
(add the disk, say it will be
- df
(make sure the
- mv
- rmdir
home is now on the new disk.
reboot system from CD, install 9.1 on 30GB and during partition selection tell it that
that should do it.
Luckily I haven't had to use Knoppix to recover any crashed systems...
However I did use it to tweak the device settings on my install of FreeBSD. Knoppix has always detected anything I threw at it, while FreeBSD isn't quite up to the same level (but getting better). So, I gave Knoppix a whirl and got enough driver info for the noname videocard that shipped in the used computer I was setting up as a server.
Rock on Knoppix!
Where is ntfsclone in the latest KNOPPIX? I tried version 3.4 I think it was - couldn't find it anywhere, so had to revert to 3.3. There was an ntfsprogs package but it didn't seem to include all the tools. That's all I use KNOPPIX for - making an image of my Win2K partition.
Tom's Root Boot" is the only Linux boot CD needed to fix a Linux system. Although I use Knoppix occasionally to test hardware.
They wouldn't even have to open the case if they know some BIOS override passwords.
Without physical security you have no security at all. I don't even need a boot disk to root your linux box. When the box hits the LILO or Grub protion I can interupt the boot and add "single" to boot options of the kernel. The machine will now start in single user mode (which does not require the root password). I can now make a back of shadow password file, change the root password, and telinit(8) to whatever level your distro uses for network connectivity. I can then upload your "sensitive" files to box I own. To civer my tracks I can remove my presence from all of your logs (or if I was smart, just restore backed up version of logs), restore the shadow password file, touch(1) all of the files back to their original mtimes, and voila.
I had a fault on my home system, so I tried to knoppix my wife around. I did not recover from the attempt no matter what utilities I tried. I tried to reiser, I tried to fsck her. I even tried mem86 check her and remind her of all the good times we had. In the end, she rebooted me no matter how many times I tried to replug her.
Knoppix not good for everything.
Yep, this is bad. Baaaddd joke if you can call it that.
Oh, by the way, this is nothing but flaimbait.
Burn karma, burn.
I think you underestimate just how much I just dont care.
http://rescuecd.pld-linux.org/
"Long run is a misleading guide to current affairs. In the long run we are all dead." (John Maynard Keynes)
First of all, there are a couple of basic steps people can take to ensure their systems are rescuable and secure regardless of any patches they have applied.
Following above steps is usually enough to prevent rescue situations because the root filesystem is vital, so protecting it is the first line of defense, but if the worse comes to worst and you ever get into trouble, you must learn with the problem. If the kernel loads and init doesn't, it may be a libc problem. Try booting with init=/bin/sh, remount your filesystems read-write, examine the problem, umount them (or remount them read-write, when unmount is not possible), sync, reboot and watch the changes. If the kernel does not load, you may need a
captive-ntfs needs a captive user and group to work properly. Manually adding them allows it to work correctly again on 3.6. I even made a personal remaster of Knoppix with fix and the XP drivers captive-install-acquire already done. That last is handy because I have had NICS that XP didn't recognize and it gets the driver install files on the disk.
Wow - Solaris has been doing this for years - SunOS even used to do it off tape.
Ever hear of "boot [cdrom|net|root-mirror] -s"? Come up in single user off alternate media, mount your root disk and proceed to fix as necessary.
Even DOS was able to do this - it was called a boot floppy.
Just because something puts a new wrapper on the process and because its based of Linux doesnt make it incredible.
however if you read the FAQ on the new version of knoppix, they explicitly stateWhich is all well and good; if you speak/read German. Otherwise you get a bunch of errors in German that you can't decipher.
Instead, I installed slackware.
In the future, I would want to not be isolated from my friends in the Space Station.
Knoppix can do that and a whole lot more.
Knoppix Hacks
Virus scanning, emergency router, write to NTFS, even fire up a mythtv box.
Everything on my drive is 128 bit AES encrypted on the fly when I use it - you and your knoppix CD can take your best shot. It's not the fault of the Knoppix people that your data is insecure enough to be read by anyone with a boot disk.
No GNU has been Hurd during the making of this comment.
Just one minor modification to this. You should probably use tar or cpio instead of mv. For example:
/home.orig
/home; tar xf - )
/home.
cd
tar cf - . | ( cd
The reason? The mv command will not keep any hard links when mv'd across filesystems; tar will. Unless of course, you are absolutely 100% sure you have no hard linked files in
And whatever you do, *don't* use cp; otherwise both your hard and sym-links will go bye-bye too.
F U NE X N M? Son: "Dad... How do you spell 'hourly'?" Dad: "0 * * * *"
I have been using a scaled down version of a Linux recovery CD at work. I use it at least once a week to backup data from a non booting XP/W2K computer. Even if the person only needs Favorites and My/ Documents, it provides a method for recovery that my Microsoft stacked IT department did not have before.
;)). I picked this one because it was the easiest and quickest to use for what I need, at around 25MB is was relatively small also.
It is not as robust as Knoppix but simple, quick and to the point.
Boot with CD, start the network through an included script, manually mount the Win partition, manually mount the network share, run MC and copy off what you need. I know that does not sound exciting and sexy but if you know the commands and what you need to mount and where, it is a faster process then booting up Knoppix and using the GUI.
I believe the iso I am using is from here. I am not completely sure as I've been using the same thing for over a year now and at the time, I downloaded several different recovery iso's to test them out (kind of makes my entire post useless if I can not reference what ISO I actually use
Bad boys rape our young girls but Violet gives willingly.
Hey, IBM, that was only a demonstration of our power.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
Wow... We slashdotted IBM! But to the point: I wonder what is your experience. What is better for system recovery? Standard Knoppix which is a general purpose desktop system meant to be an impressive demonstration tool but lacking many security programs, or some specialised versions like Knoppix STD or Local Area Security which have more tools but are kind of "script kiddie friendly" and look very unprofessional with their Martix themes, leet-speak, "proving no localhost is safe" slogans etc. making them look more like intrusion than recovery tools? Or maybe Morphix is the answer thanks to its ease of customisation and apt-getting new packages on the fly? Do you have any Real World(TM) experience?
Sincerely,
Pan Tarhei Hosé, PhD.
"Homo sum et cogito ergo odi profanum vulgus et libido."
That depends on what version you use and what kernel you install and what hardware you have. Some laptops, such as my Thinkpad T600, have notoriously buggy BIOS. Both ACPI and APM in newer kernels work well using Sarge. The same packages, of course, are available for Mepis and Mepis is easier with new hardware. The upshot is that you can install the last stable release of Mepis, knock out everything but Sarge from /etc/apt/sources.list, and get a nifty version of Sarge that has Spam Assassin for Kmail, MANY funky hardware drivers and MANY working commercial goodies like flash and real player configured and working. Mepis, especially the release candidates, does a very good job configuring newer hardware and can be used to test and repair X configurations.
The only downside to Mepis is that it instals freaking EVERYTHING. I don't need Apache and MySQL on my laptop, so I'd have to spend some time removing those and other packages. Also, I hate flash and prefer that my browser ignore it 99% of the time. That too takes some time. For an older laptop, Sarge works better for me. Mostly, hardware support is a kernel function and newer kernels do it better. The kernels available in Sarge are generally good enough and the install works.
Friends don't help friends install M$ junk.
You have to make it yourself. That remaster has files that are copyright MS on it. You'll need a fairly beefy machine to do it in less than geological time. A machine that is at least 1GHz and 512MB(+ 1GB swap) of memory gets tolerable. I use a 2.4Ghz PIV with a GB of RAM. That will spit an iso out in about 7 minutes. You will also need at least 3GB of disk space to hold the uncompressed distro and the iso you will make from it. Follow the instructions here.
Knoppix IS Debian so you'll need some Debian knowledge to update the package database and to add and remove files. You will be doing most of the work in a chroot so you DON'T need a Debian machine to make a remaster. You can even boot from a KNOPPIX cd and create it that way.
Once you've created your Knoppix development environment according to the instructions, you do these things to enable captive.
1. Create a captive user.
2. Create a captive group.
3. captive-install-acquire
Cheers!