JP Vossen on 17 Jun 2008 11:48:43 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] PLUG West meeting notes 2008.06.16 - JP's Bash Presentation

 > Date: Tue, 17 Jun 2008 13:13:17 -0400
 > From: TuskenTower <>

We also talked about bad capacitors (see the PLUG ML archive for more), 
and the badcaps forum at:

> The NTFS dirty flag came up while JP was talking about a problem with
> wubi ( Wubi for those who don't know 
> allows you to install Ubuntu to a file within your winDOwS file
> system and use the DOS boot loader to boot Linux. This gets around 
> partitioning your disk and gives a seamless way to treat your Ubuntu 
> install as an application that you can remove from winDOwS land.
 > So, when the dirty flag is set (you can accomplish this by forcefully
 > shutting down winDOwS while it is booting up), booting into Linux will
 > not work.  In fact it fails silently, dropping the user into an
 > initramfs prompt.  Booting into Ubuntu recovery mode yields a slightly
 > less cryptic error.

Here's the Ubuntu bug I filed:

They are certainly going to make the error message more clear, but it is 
*not* clear to me that they will fix the lack of any kind if message if 
not booting in recovery (i.e., verbose) mode. :-/

 > The dirty flag came up again in another
 > discussion where a (old) knoppix distro could see a disk and
 > partitions, but refused to mount the partitions.

I've stopped using Knoppix because all my burned copies are old and I 
always have a current Ubuntu LiveCD.  Using an Ubuntu 8.04 (Hardy) 
LiveCD, I recently recovered data from a Windows server.  Since Windows 
had crashed, the NTFS "dirty" bit was set, so it wouldn't mount 
normally.  But I forced it manually like this:
     mount -t ntfs-3g /dev/sda5 /mnt/sda5 -o force

To mount 3 partitions like that, in an automated, bash way, you can use 
something like this.  Note: remove the two 'echo's after verifying the 
line does what you expect:
$  for part in /dev/sda{1,5,6}; do echo sudo mkdir ${part/dev/mnt}; echo 
sudo mount -t ntfs-3g $part ${part/dev/mnt} -o force; done
sudo mkdir /mnt/sda1
sudo mount -t ntfs-3g /dev/sda1 /mnt/sda1 -o force
sudo mkdir /mnt/sda5
sudo mount -t ntfs-3g /dev/sda5 /mnt/sda5 -o force
sudo mkdir /mnt/sda6
sudo mount -t ntfs-3g /dev/sda6 /mnt/sda6 -o force

Note the newer "ntfs-3g" rather than the old "ntfs" that (old) Knoppix 
would use.  And note the recommended method it to natively boot Windows 
and chkdsk it, but in this case I would get a STOP: 0x0000007B 
blue-screen so "-o force" got around the problem.

Related, we talked about recovery/forensic tools, specifically 
'foremost' and 'dd*' tools.  The specific use-case was using a Linux 
LiveCD (was old Knoppix) to recover Windows data.  Not all of these 
tools apply for that, this is a super-set list of everything I know about:

* Advanced File Recovery using Foremost
* Foremost is a console program to recover files based on their headers, 
footers, and internal data structures.
* Recovering deleted files using unrm and lazarus
* Recovers/copies data from one file or block device to another
* (Older) Recovers/copies data from one file or block device to another
* Obsolete: The Coroner's Toolkit (computer forensics)
* Successor to TCT
* When files disappear, Magic Rescue saves the day
* Magic Rescue scans a block device for file types it knows how to 
recover and calls an external program to extract them
* TestDisk is a partition table and MBR recovery tool
* TestDisk is a partition table and MBR recovery tool
* PhotoRec is file data recovery software designed to recover lost files
* PhotoRec is file data recovery software designed to recover lost files
* dcfldd is an enhanced version of GNU dd with features useful for 
forensics and security
* dcfldd is an enhanced version of dd developed by the U.S. Department 
of Defense Computer Forensics Lab.

 > JP's presentation was well received and covered a lot of things about
 > BASH that are useful to know.  If you're curious, go out and download
 > his book.  :)

I hope there's something for everyone in the book, but it is a 
*cookbook* not an introduction to bash.  For that, get Cameron's 
_Learning the bash Shell_.  If you are comfortable with scripting of any 
kind and just want to know how to do 'foo,' or if you learn best by 
example then the Cookbook is for you.

You can get the slides, which are hopefully pretty stand-alone (see also 
the slide notes) here:

You can get the examples from the book (since some slides were truncated 
and/or to avoid re-typing):

O'Reilly site:

Bash reference documentation:

Other great material:
* Carl's (odp) slides from Ubuntu Live 2007:
	01 bash: from beginner to power user
		40 slides, not stand-alone
	02 Tips and Tricks: avoiding common goofs in bash scripts
		19 slides, reasonably stand-alone
	03 bash: some odd but useful features
		22 slides, not stand-alone
	04 bash vs. dash
		19 slides, reasonably stand-alone

JP Vossen, CISSP            |:::======|        jp{at}jpsdomain{dot}org
My Account, My Opinions     |=========|
"Microsoft Tax" = the additional hardware & yearly fees for the add-on
software required to protect Windows from its own poorly designed and
implemented self, while the overhead incidentally flattens Moore's Law.
Philadelphia Linux Users Group         --
Announcements -
General Discussion  --