分类: LINUX
2009-07-21 16:43:38
| [root@max max]# dd if=/dev/zero of=a1 bs=1024k count=100 [root@max max]# losetup /dev/loop1 a1 [root@max max]# mkfs.ext3 /dev/loop1 [root@max max]# mount /dev/loop1 /mnt/max/ [root@max max]# df -hT 文件系统 类型 容量 已用 可用 已用% 挂载点 /dev/sda1 ext3 19G 17G 1.1G 95% / tmpfs tmpfs 251M 0 251M 0% /dev/shm /dev/sda3 ext3 23G 21G 1.2G 95% /mnt/hda1 /dev/sda4 ext3 31G 27G 2.4G 92% /mnt/hda5 /dev/loop1 ext3 97M 5.6M 87M 7% /mnt/max |
| [root@max max]# cd /mnt/max/ [root@max max]# ls 1de15ef8-4478-4b97-80ca-5bd5d69ff760.pdf Cluster_Suite_Overview.pdf iscsi.txt ora.txt systat.txt 20090703.txt Configuration_Example_-_NFS_Over_GFS.pdf lfs-stall.txt osb.txt tao-dba.txt Asianux3_Security_Datasheet.pdf device-mapper-udev-crs-asm rh4.pdf lfs.txt rac.txt tape.txt Asianux3_Security_Manual.pdf error.txt logmner.txt rfef.txt tech-ora.txt Asianux3_Security_TechPaper.pdf GFS2_ISCSI-v1.pdf lost+found security.txt temp.txt beau-name.txt gfs2_test.txt need-ora.txt sucess.txt 翟鸿燊精彩语录.txt Cluster_Administration.pdf hist.txt oracle-start-shut.txt sysctl.txt [root@max max]# |
| [root@max max]# rpm -qa | grep e2fsprogs e2fsprogs-libs-1.39-10.1.1AXS3 e2fsprogs-1.39-10.1.1AXS3 e2fsprogs-devel-1.39-10.1.1AXS3 [root@max max]# |
| [root@max max]# rm device-mapper-udev-crs-asm\ rh4.pdf rm:是否删除 一般文件 “device-mapper-udev-crs-asm rh4.pdf”? y [root@max max]# rm 1de15ef8-4478-4b97-80ca-5bd5d69ff760.pdf rm:是否删除 一般文件 “1de15ef8-4478-4b97-80ca-5bd5d69ff760.pdf”? y [root@max max]# rm 翟鸿燊精彩语录.txt rm:是否删除 一般文件 “翟鸿燊精彩语录.txt”? y [root@max max]# rm GFS2_ISCSI-v1.pdf rm:是否删除 一般文件 “GFS2_ISCSI-v1.pdf”? y [root@max max]# |
| [root@max ~]# ext3grep /dev/loop1 --ls --inode 2 Running ext3grep version 0.10.1 Number of groups: 13 Loading group metadata... done Minimum / maximum journal block: 522 / 4636 Loading journal descriptors... sorting... done The oldest inode block that is still in the journal, appears to be from 1248164639 = Tue Jul 21 16:23:59 2009 Number of descriptors in journal: 122; min / max sequence numbers: 2 / 10 Inode is Allocated Finding all blocks that might be directories. D: block containing directory start, d: block containing more directory entries. Each plus represents a directory start that references the same inode as a directory start that we found previously. Searching group 0: DD++++++ Searching group 1: Searching group 2: Searching group 3: Searching group 4: Searching group 5: Searching group 6: Searching group 7: Searching group 8: Searching group 9: Searching group 10: Searching group 11: Searching group 12: Writing analysis so far to 'loop1.ext3grep.stage1'. Delete that file if you want to do this stage again. Result of stage one: 2 inodes are referenced by one or more directory blocks, 2 of those inodes are still allocated. 1 inodes are referenced by more than one directory block, 1 of those inodes is still allocated. 0 blocks contain an extended directory. Result of stage two: 2 of those inodes could be resolved because they are still allocated. All directory inodes are accounted for! Writing analysis so far to 'loop1.ext3grep.stage2'. Delete that file if you want to do this stage again. The first block of the directory is 508. Inode 2 is directory "". Directory block 508: .-- File type in dir_entry (r=regular file, d=directory, l=symlink) | .-- D: Deleted ; R: Reallocated Indx Next | Inode | Deletion time Mode File name ==========+==========+----------------data-from-inode------+-----------+========= 0 1 d 2 drwxr-xr-x . 1 2 d 2 drwxr-xr-x .. 2 4 d 11 drwx------ lost+found 3 4 r 12 D 1248164950 Tue Jul 21 16:29:10 2009 rrw-r--r-- 1de15ef8-4478-4b97-80ca-5bd5d69ff760.pdf 4 5 r 13 rrw-r--r-- Asianux3_Security_Datasheet.pdf 5 6 r 14 rrw-r--r-- Asianux3_Security_Manual.pdf 6 7 r 15 rrw-r--r-- Asianux3_Security_TechPaper.pdf 7 8 r 16 rrw-r--r-- Cluster_Administration.pdf 8 9 r 17 rrw-r--r-- Cluster_Suite_Overview.pdf 9 12 r 18 rrwxr-xr-x Configuration_Example_-_NFS_Over_GFS.pdf 10 11 r 19 D 1248164945 Tue Jul 21 16:29:05 2009 rrw-r--r-- device-mapper-udev-crs-asm rh4.pdf 11 12 r 20 D 1248164962 Tue Jul 21 16:29:22 2009 rrw-r--r-- GFS2_ISCSI-v1.pdf 12 13 r 21 rrw-r--r-- 20090703.txt 13 14 r 22 rrwxr-xr-x beau-name.txt 14 15 r 23 rrwxr-xr-x error.txt 15 16 r 24 rrw-r--r-- gfs2_test.txt 16 17 r 25 rrw------- hist.txt 17 18 r 26 rrwxr-xr-x iscsi.txt 18 19 r 27 rrwxr-xr-x lfs-stall.txt 19 20 r 28 rrwxr-xr-x lfs.txt 20 21 r 29 rrw-r--r-- logmner.txt 21 22 r 30 rrwxr-xr-x need-ora.txt 22 23 r 31 rrwxr-xr-x oracle-start-shut.txt 23 24 r 32 rrwxr-xr-x ora.txt 24 25 r 33 rrwxr-xr-x osb.txt 25 26 r 34 rrwxr-xr-x rac.txt 26 27 r 35 rrw-r--r-- rfef.txt 27 28 r 36 rrw-r--r-- security.txt 28 29 r 37 rrwxr-xr-x sucess.txt 29 30 r 38 rrw-r--r-- sysctl.txt 30 31 r 39 rrwxr-xr-x systat.txt 31 32 r 40 rrwxr-xr-x tao-dba.txt 32 33 r 41 rrwxr-xr-x tape.txt 33 34 r 42 rrwxr-xr-x tech-ora.txt 34 end r 43 rrwxr-xr-x temp.txt 35 end r 44 D 1248164955 Tue Jul 21 16:29:15 2009 rrw-r--r-- 翟鸿燊精彩语录.txt [root@max ~]# |
| [root@max jin]# ext3grep /dev/loop1 --restore-file 翟鸿燊精彩语录.txt Running ext3grep version 0.10.1 Number of groups: 13 Minimum / maximum journal block: 522 / 4636 Loading journal descriptors... sorting... done The oldest inode block that is still in the journal, appears to be from 1248164639 = Tue Jul 21 16:23:59 2009 Number of descriptors in journal: 122; min / max sequence numbers: 2 / 10 Writing output to directory RESTORED_FILES/ Finding all blocks that might be directories. D: block containing directory start, d: block containing more directory entries. Each plus represents a directory start that references the same inode as a directory start that we found previously. Searching group 0: DD++++++ Searching group 1: Searching group 2: Searching group 3: Searching group 4: Searching group 5: Searching group 6: Searching group 7: Searching group 8: Searching group 9: Searching group 10: Searching group 11: Searching group 12: Writing analysis so far to 'loop1.ext3grep.stage1'. Delete that file if you want to do this stage again. Result of stage one: 2 inodes are referenced by one or more directory blocks, 2 of those inodes are still allocated. 1 inodes are referenced by more than one directory block, 1 of those inodes is still allocated. 0 blocks contain an extended directory. Result of stage two: 2 of those inodes could be resolved because they are still allocated. All directory inodes are accounted for! Writing analysis so far to 'loop1.ext3grep.stage2'. Delete that file if you want to do this stage again. Restoring 翟鸿燊精彩语录.txt [root@max jin]# ext3grep /dev/loop1 --restore-file GFS2_ISCSI-v1.pdf Running ext3grep version 0.10.1 Number of groups: 13 Minimum / maximum journal block: 522 / 4636 Loading journal descriptors... sorting... done The oldest inode block that is still in the journal, appears to be from 1248164639 = Tue Jul 21 16:23:59 2009 Number of descriptors in journal: 122; min / max sequence numbers: 2 / 10 Loading loop1.ext3grep.stage2... done Restoring GFS2_ISCSI-v1.pdf [root@max jin]# ext3grep /dev/loop1 --restore-file 1de15ef8-4478-4b97-80ca-5bd5d69ff760.pdf Running ext3grep version 0.10.1 Number of groups: 13 Minimum / maximum journal block: 522 / 4636 Loading journal descriptors... sorting... done The oldest inode block that is still in the journal, appears to be from 1248164639 = Tue Jul 21 16:23:59 2009 Number of descriptors in journal: 122; min / max sequence numbers: 2 / 10 Loading loop1.ext3grep.stage2... done Restoring 1de15ef8-4478-4b97-80ca-5bd5d69ff760.pdf [root@max jin]# ext3grep /dev/loop1 --restore-file device-mapper-udev-crs-asm\ rh4.pdf Running ext3grep version 0.10.1 Number of groups: 13 Minimum / maximum journal block: 522 / 4636 Loading journal descriptors... sorting... done The oldest inode block that is still in the journal, appears to be from 1248164639 = Tue Jul 21 16:23:59 2009 Number of descriptors in journal: 122; min / max sequence numbers: 2 / 10 Loading loop1.ext3grep.stage2... done Restoring device-mapper-udev-crs-asm rh4.pdf [root@max jin]# |
| [root@max jin]# ls loop1.ext3grep.stage1 loop1.ext3grep.stage2 RESTORED_FILES [root@max jin]# pwd /tmp/jin [root@max jin]# ls RESTORED_FILES/ 1de15ef8-4478-4b97-80ca-5bd5d69ff760.pdf GFS2_ISCSI-v1.pdf device-mapper-udev-crs-asm rh4.pdf 翟鸿燊精彩语录.txt [root@max jin]# ls RESTORED_FILES/ 1de15ef8-4478-4b97-80ca-5bd5d69ff760.pdf device-mapper-udev-crs-asm rh4.pdf GFS2_ISCSI-v1.pdf 翟鸿燊精彩语录.txt [root@max jin]# |
| [root@max RESTORED_FILES]# tail -n 6 *.txt 你把<<道德经>>背下来,老子跟你一辈子。 你把<<孙子兵法>>背下来,武圣人跟你一辈子。 你把<<论语>>背下来,孔子曾子跟你一辈子。 你把<<心经>> <<金刚经>>背下来,佛菩萨跟你一辈子。 76、人才不一定有口才,有口才的一定是人才。 77、挣钱就是为了花,最傻的人,就是把钱存银行的人,银行就是把不爱花钱的人的钱拿来给爱花的人去花。" />[root@max RESTORED_FILES]# |
