您好,登录后才能下订单哦!
密码登录
登录注册
点击 登录注册 即表示同意《亿速云用户服务条款》
元信息>>>>>>>inode
数据>>>>>>>>>block
一个文件必须占用一个inode,但至少占用一个block
对于磁盘而言,物理层面一个单元的表示形式是扇区
逻辑层面一个单元的表示形式是单元格
删除文件删的是inode,而不是block,当一个新文件的重新写入磁盘,覆盖到被删除文件的block时,才意味着文件的实际删除,所以当误删文件时,第一件事就是不要再在磁盘写入文件,通过数据恢复有可能找回到误删文件
inode包含文件的元信息
linux系统文件时间戳的三个主要的时间属性
[root@localhost ~]# cd /opt
[root@localhost opt]# ls
rh
[root@localhost opt]# touch abc.txt
[root@localhost opt]# vim abc.txt
[root@localhost opt]# ls -i '查看元信息'
35889299 abc.txt 1420654 rh
[root@localhost opt]# stat abc.txt ''查看文件详细元信息
文件:"abc.txt"
大小:13 块:8 IO 块:4096 普通文件
设备:fd00h/64768d Inode:35889299 硬链接:1
权限:(0644/-rw-r--r--) Uid:( 0/ root) Gid:( 0/ root)
环境:unconfined_u:object_r:usr_t:s0
最近访问:2019-11-16 17:57:53.373111661 +0800
最近更改:2019-11-16 17:57:53.373111661 +0800
最近改动:2019-11-16 17:57:53.375111659 +0800
创建时间:-
[root@localhost opt]# df -i '查看挂载点元信息'
文件系统 Inode 已用(I) 可用(I) 已用(I)% 挂载点
/dev/mapper/centos-root 10485760 125297 10360463 2% /
devtmpfs 250006 386 249620 1% /dev
tmpfs 253986 1 253985 1% /dev/shm
tmpfs 253986 620 253366 1% /run
tmpfs 253986 16 253970 1% /sys/fs/cgroup
/dev/sda1 3145728 328 3145400 1% /boot
/dev/mapper/centos-home 5242880 286 5242594 1% /home
tmpfs 253986 9 253977 1% /run/user/42
tmpfs 253986 16 253970 1% /run/user/0
/dev/sr0 0 0 0 - /run/media/root/CentOS 7 x86_64
tmpfs 253986 16 253970 1% /run/user/1000
//192.168.254.10/linuxs 0 0 0 - /aaa
innode 从一定意义上可以代表有多少个文件
全盘恢复数据原理:即在inode不在的情况下,去直接扫描block信息
permission denied 权限拒绝之意
| 软连接(符号链接) | 硬链接 | |
|---|---|---|
| 删除原始文件后 | 失效 | 仍旧可用 |
| 适用范围 | 适用于文件或目录 | 只可用于文件 |
| 保存位置 | 与原始文件可以位于不同的文件系统中 | 必须与原始文件在同一个文件系统(xfs系统,或者ext4等)中,如一个Linux分区内 |
extundelete软件包只能在centos-6或者centos-5使用,因为centos-6的默认文件系统类型是ext4,centos-5的默认文件类型是ext3
xfsdump --help
xfsdump——帮助
xfsdump: version 3.1.4 (dump format 3.0)
xfsdump:版本3.1.4(转储格式3.0)
xfsdump: usage: xfsdump [ -a (dump DMF dualstate files as offline) ]
xfsdump:用法:xfsdump[-(转储DMF双状态文件为离线)]
[ -b <blocksize> ]
[-b <块大小>]
[ -c <media change alert program> ]
[-c <媒体变更警报程序>]
[ -d <dump media file size> ]
[-d <转储媒体文件大小>]
[ -e (allow files to be excluded) ]
[-e(允许文件被排除)]
[ -f <destination> ...
[-f <目的>…]
]
]
[ -h (help) ]
[-h(帮助)]
[ -l <level> ]
[-l <level>]
[ -m (force usage of minimal rmt) ]
[-m(最低rmt的武力使用)]
[ -o (overwrite tape) ]
[-o(覆写带)]
[ -p <seconds between progress reports> ]
[-p < >进度报告之间的秒数]
[ -q <use QIC tape settings> ]
[-q <使用QIC磁带设置>]
[ -s <subtree> ...
[-s <子树>…]
]
]
[ -t <file> (use file mtime for dump time ]
[-t <文件>(使用文件mtime作为转储时间)]
[ -v <verbosity {silent, verbose, trace}> ]
[-v <verbosity {silent, verbose, trace}>]
[ -z <maximum file size> ]
[-z <最大文件大小>]
[ -A (don't dump extended file attributes) ]
[-(不要转储扩展文件属性)]
[ -B <base dump session id> ]
[-B <基本转储会话id>]
[ -D (skip unchanged directories) ]
[-D(跳过未更改的目录)]
[ -E (pre-erase media) ]
[-E(预删除媒体)]
[ -F (don't prompt) ]
[-F(不要提示)]
[ -I (display dump inventory) ]
[-I(显示转储库存)]
[ -J (inhibit inventory update) ]
[-J(禁止存货更新)]
[ -K (generate format 2 dump) ]
[-K(生成格式2转储)]
[ -L <session label> ]
[-L <会话标签>]
[ -M <media label> ...
[-M <媒体标签>…]
]
]
[ -O <options file> ]
[-O <选项文件>]
[ -R (resume) ]
[-R(简历)]
[ -T (don't timeout dialogs) ]
[-T(不要超时对话框)]
[ -Y <I/O buffer ring length> ]
[-Y <I/O缓冲环长度>]
[ - (stdout) ]
[-(标准版)]
[ <source (mntpnt|device)> ]
[<源(mntpnt|设备)>]内核及系统日志(服务日志,放在/var/log)
用户日志
程序日志
[root@localhost opt]# cd /var/log '切换到日志文件目录'
[root@localhost log]# ls
anaconda dmesg messages speech-dispatcher wpa_supplicant.log
audit dmesg.old ntpstats spooler wtmp
boot.log firewalld pluto sssd Xorg.0.log
boot.log-20191115 gdm ppp sudo Xorg.0.log.old
boot.log-20191116 glusterfs qemu-ga tallylog Xorg.1.log
btmp grubby_prune_debug rhsm tuned Xorg.1.log.old
chrony lastlog sa vmware-vgauthsvc.log.0 Xorg.2.log
cron libvirt samba vmware-vmsvc.log Xorg.9.log
cups maillog secure vmware-vmusr.log yum.log
[root@localhost log]# rpm -q httpd '查看程序是否安装'
未安装软件包 httpd
[root@localhost log]# yum install httpd -y
已安装:
httpd.x86_64 0:2.4.6-90.el7.centos
作为依赖被安装:
apr.x86_64 0:1.4.8-5.el7 apr-util.x86_64 0:1.5.2-6.el7 httpd-tools.x86_64 0:2.4.6-90.el7.centos
mailcap.noarch 0:2.1.41-2.el7
完毕!
[root@localhost log]# ls
anaconda dmesg.old ntpstats sssd Xorg.0.log.old
audit firewalld pluto sudo Xorg.1.log
boot.log gdm ppp tallylog Xorg.1.log.old
boot.log-20191115 glusterfs qemu-ga tuned Xorg.2.log
boot.log-20191116 grubby_prune_debug rhsm vmware-vgauthsvc.log.0 Xorg.9.log
btmp 'httpd' sa vmware-vmsvc.log yum.log
chrony lastlog samba vmware-vmusr.log
cron libvirt secure wpa_supplicant.log
cups maillog speech-dispatcher wtmp
dmesg messages spooler Xorg.0.log
[root@localhost log]# cd httpd/
[root@localhost httpd]# ls '此时httpd没有日志文件'
[root@localhost httpd]#
[root@localhost httpd]# systemctl start httpd.service '开启httpd'
[root@localhost httpd]# ls
access_log error_log '出现日志文件'
[root@localhost httpd]#
[root@localhost httpd]# cat access_log '查看访问日志'
[root@localhost httpd]#
[root@localhost httpd]# cat error_log '查看错误日志'
[Sat Nov 16 20:43:17.040961 2019] [core:notice] [pid 14701] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Sat Nov 16 20:43:17.041673 2019] [suexec:notice] [pid 14701] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
[Sat Nov 16 20:43:17.049635 2019] [lbmethod_heartbeat:notice] [pid 14701] AH02282: No slotmem from mod_heartmonitor
[Sat Nov 16 20:43:17.071383 2019] [mpm_prefork:notice] [pid 14701] AH00163: Apache/2.4.6 (CentOS) configured -- resuming normal operations
[Sat Nov 16 20:43:17.071420 2019] [core:notice] [pid 14701] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
[root@localhost httpd]# systemctl stop firewalld.service '关闭防火墙'
[root@localhost httpd]# setenforce 0
[root@localhost httpd]#
[root@localhost httpd]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.139.153 netmask 255.255.255.0 broadcast 192.168.139.255
inet6 fe80::413b:c9ad:e0e:1afc prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:d6:c0:8a txqueuelen 1000 (Ethernet)
RX packets 291080 bytes 77990464 (74.3 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 327629 bytes 19778549 (18.8 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost httpd]# cat access_log '再次查看访问日志,有记录了'
192.168.139.1 - - [16/Nov/2019:20:49:35 +0800] "GET / HTTP/1.1" 403 4897 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36"
192.168.139.1 - - [16/Nov/2019:20:49:35 +0800] "GET /noindex/css/bootstrap.min.css HTTP/1.1" 200 19341 "http://192.168.139.153/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36"
192.168.139.1 - - [16/Nov/2019:20:49:35 +0800] "GET /noindex/css/open-sans.css HTTP/1.1" 200 5081 "http://192.168.139.153/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36"
192.168.139.1 - - [16/Nov/2019:20:49:35 +0800] "GET /images/apache_pb.gif HTTP/1.1" 200 2326 "http://192.168.139.153/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36"
192.168.139.1 - - [16/Nov/2019:20:49:35 +0800] "GET /images/poweredby.png HTTP/1.1" 200 3956 "http://192.168.139.153/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36"
192.168.139.1 - - [16/Nov/2019:20:49:35 +0800] "GET /noindex/css/fonts/Bold/OpenSans-Bold.woff HTTP/1.1" 404 239 "http://192.168.139.153/noindex/css/open-sans.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36"
192.168.139.1 - - [16/Nov/2019:20:49:35 +0800] "GET /noindex/css/fonts/Light/OpenSans-Light.woff HTTP/1.1" 404 241 "http://192.168.139.153/noindex/css/open-sans.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36"
192.168.139.1 - - [16/Nov/2019:20:49:35 +0800] "GET /favicon.ico HTTP/1.1" 404 209 "http://192.168.139.153/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36"
192.168.139.1 - - [16/Nov/2019:20:49:35 +0800] "GET /noindex/css/fonts/Light/OpenSans-Light.ttf HTTP/1.1" 404 240 "http://192.168.139.153/noindex/css/open-sans.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36"
192.168.139.1 - - [16/Nov/2019:20:49:35 +0800] "GET /noindex/css/fonts/Bold/OpenSans-Bold.ttf HTTP/1.1" 404 238 "http://192.168.139.153/noindex/css/open-sans.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36"
::1 - - [16/Nov/2019:20:49:43 +0800] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.6 (CentOS) (internal dummy connection)"
::1 - - [16/Nov/2019:20:49:44 +0800] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.6 (CentOS) (internal dummy connection)"
| 级别 | 严重程度 | 解释 |
|---|---|---|
| 0 | EMERG(紧急) | 会导致主机系统不可用的情况(基本上已经没得救了,开机都开不了,服务器瘫痪这样的严重程度) |
| 1 | ALERT(警告) | 必须马上采取措施解决的问题(兵临城下,需要立刻解决的) |
| 2 | CRIT(严重) | 比较严重的情况(严重的错误,比如需要重新安装服务) |
| 3 | ERR(错误) | 运行出现错误(一般级别都设置在这个位置) |
| 4 | WARNING(提醒) | 可能会影响系统功能的事件(勤快的都设置在这) |
| 5 | NOTICE(注意) | 不会影响系统但值得注意 |
| 6 | INFO(信息) | 一般信息 |
| 7 | DEBUG(调试) | 程序或系统调试信息等(做测试使用这个级别) |
如果文件未予指定,则使用/var/run/utmp,/var/log/wtmp 是通用的相关文件。
-a, --all 等于-b -d --login -p -r -t -T -u 选项的组合
-b, --boot 上次系统启动时间
-d, --dead 显示已死的进程
-H, --heading 输出头部的标题列
-l,--login 显示系统登录进程
--lookup 尝试通过 DNS 查验主机名
-m 只面对和标准输入有直接交互的主机和用户
-p, --process 显示由 init 进程衍生的活动进程
-q, --count 列出所有已登录用户的登录名与用户数量
-r, --runlevel 显示当前的运行级别
-s, --short 只显示名称、线路和时间(默认)
-T, -w, --mesg 用+,- 或 ? 标注用户消息状态
-u, --users 列出已登录的用户
--message 等于-T
--writable 等于-T
--help 显示此帮助信息并退出
--version 显示版本信息并退出
w: 显示已经登录的用户以及他们在做什么
last:显示最近登录的用户列表
[root@localhost httpd]# last
root pts/0 :0 Sat Nov 16 17:57 still logged in
gsy :1 :1 Fri Nov 15 09:45 still logged in
root pts/0 :0 Fri Nov 15 09:30 - 17:56 (1+08:26)
root :0 :0 Fri Nov 15 09:29 still logged in
reboot system boot 3.10.0-693.el7.x Fri Nov 15 09:20 - 20:58 (1+11:38)
root pts/0 :0 Fri Nov 15 08:50 - 09:19 (00:28)
root :0 :0 Fri Nov 15 08:50 - down (00:29)
reboot system boot 3.10.0-693.el7.x Fri Nov 15 08:49 - 09:19 (00:29)
root pts/0 :0 Fri Nov 15 08:32 - 08:47 (00:14)
root :0 :0 Fri Nov 15 08:32 - crash (00:16)
reboot system boot 3.10.0-693.el7.x Fri Nov 15 08:31 - 09:19 (00:47)
reboot system boot 3.10.0-693.el7.x Thu Nov 14 20:18 - 08:24 (12:06)
root pts/0 :0 Thu Nov 14 19:46 - 20:17 (00:31)
root :0 :0 Thu Nov 14 19:46 - down (00:31)
reboot system boot 3.10.0-693.el7.x Thu Nov 14 19:45 - 20:17 (00:32)
root pts/1 :1 Thu Nov 14 19:11 - 19:42 (00:31)
root :1 :1 Thu Nov 14 19:10 - crash (00:34)
gsy pts/1 :0 Thu Nov 14 17:33 - 17:33 (00:00)
gsy pts/0 :0 Thu Nov 14 17:26 - 19:42 (02:15)
gsy pts/0 :0 Fri Nov 1 08:58 - 08:59 (00:00)
gsy pts/0 :0 Wed Oct 23 13:46 - 13:46 (00:00)
gsy :0 :0 Wed Oct 23 13:44 - crash (22+06:00)
reboot system boot 3.10.0-693.el7.x Wed Oct 23 13:42 - 20:17 (22+06:35)
wtmp begins Wed Oct 23 13:42:11 2019
日志文件的作用:可以用来判断服务器是否故障、用于备份的作用
小结:
新加一块测试盘
[root@localhost ~]# init 6 '关机重启'
[root@localhost ~]# fdisk /dev/sdb '给磁盘分区'
[root@localhost ~]# mkfs.xfs /dev/sdb1 '格式化磁盘'
meta-data=/dev/sdb1 isize=512 agcount=4, agsize=1310656 blks
= sectsz=512 attr=2, projid32bit=1
= crc=1 finobt=0, sparse=0
data = bsize=4096 blocks=5242624, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=1
log =internal log bsize=4096 blocks=2560, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
[root@localhost ~]# mkdir /ceshi '创建测试挂载点'
[root@localhost ~]# vim /etc/fstab '编辑挂载点配置文件'
/dev/mapper/centos-swap swap swap defaults 0 0
/dev/sdb1 /ceshi xfs defaults 0 0
:wq
[root@localhost ~]# mount -a '重新挂载'
[root@localhost ~]# df -Th '查看'
文件系统 类型 容量 已用 可用 已用% 挂载点
/dev/mapper/centos-root xfs 20G 4.5G 16G 23% /
devtmpfs devtmpfs 977M 0 977M 0% /dev
tmpfs tmpfs 993M 0 993M 0% /dev/shm
tmpfs tmpfs 993M 9.0M 984M 1% /run
tmpfs tmpfs 993M 0 993M 0% /sys/fs/cgroup
/dev/sda1 xfs 6.0G 161M 5.9G 3% /boot
/dev/mapper/centos-home xfs 10G 57M 10G 1% /home
tmpfs tmpfs 199M 4.0K 199M 1% /run/user/42
tmpfs tmpfs 199M 20K 199M 1% /run/user/0
/dev/sr0 iso9660 4.3G 4.3G 0 100% /run/media/root/CentOS 7 x86_64
/dev/sdb1 xfs 20G 33M 20G 1% /ceshi '已挂载上'
[root@localhost ~]# cd /ceshi '切换到测试挂载点'
[root@localhost ceshi]# cp /etc/passwd /etc/shadow ./ '复制账号文件到/ceshi下'
[root@localhost ceshi]# ls
passwd shadow
[root@localhost ceshi]# mkdir test '创建一个test目录'
[root@localhost ceshi]# mv sh* test '把shadow移动到test内'
[root@localhost ceshi]# ls
passwd test
[root@localhost ceshi]# ls test
shadow
[root@localhost ceshi]# xfsdump -f /opt/xfs_dump /ceshi '备份文件到/opt/下,名为xfs_dump'
xfsdump: using file dump (drive_simple) strategy
xfsdump: version 3.1.4 (dump format 3.0) - type ^C for status and control
============================= dump label dialog ==============================
please enter label for this dump session (timeout in 300 sec)
-> xfs_dump
session label entered: "xfs_dump" '输入会话标签为xfs_dump'
--------------------------------- end dialog ---------------------------------
xfsdump: level 0 dump of localhost.localdomain:/ceshi
xfsdump: dump date: Sat Nov 16 21:50:26 2019
xfsdump: session id: c175a633-fd65-433f-ac2e-a1a18ae5f686
xfsdump: session label: "xfs_dump"
xfsdump: ino map phase 1: constructing initial dump list
xfsdump: ino map phase 2: skipping (no pruning necessary)
xfsdump: ino map phase 3: skipping (only one dump stream)
xfsdump: ino map construction complete
xfsdump: estimated dump size: 29952 bytes
xfsdump: /var/lib/xfsdump/inventory created
============================= media label dialog =============================
please enter label for media in drive 0 (timeout in 300 sec)
-> /ceshi
media label entered: "/ceshi" '输入媒体标签'
--------------------------------- end dialog ---------------------------------
xfsdump: creating dump session media file 0 (media 0, file 0)
xfsdump: dumping ino map
xfsdump: dumping directories
xfsdump: dumping non-directory files
xfsdump: ending media file
xfsdump: media file size 27128 bytes
xfsdump: dump size (non-dir files) : 4160 bytes
xfsdump: dump complete: 62 seconds elapsed
xfsdump: Dump Summary:
xfsdump: stream 0 /opt/xfs_dump OK (success)
xfsdump: Dump Status: SUCCESS '反馈成功'
[root@localhost ceshi]# ls /opt/
abc.txt rh xfs_dump '备份文件已做好'
[root@localhost ceshi]# rm -fr * '删掉源文件'
[root@localhost ceshi]# ls
[root@localhost ceshi]# xfsrestore -f /opt/xfs_dump /ceshi '把在/opt/下面的备份文件xfs_dump还原'
xfsrestore: using file dump (drive_simple) strategy
xfsrestore: version 3.1.4 (dump format 3.0) - type ^C for status and control
xfsrestore: searching media for dump
xfsrestore: examining media file 0
xfsrestore: dump description:
xfsrestore: hostname: localhost.localdomain
xfsrestore: mount point: /ceshi
xfsrestore: volume: /dev/sdb1
xfsrestore: session time: Sat Nov 16 21:50:26 2019
xfsrestore: level: 0
xfsrestore: session label: "xfs_dump"
xfsrestore: media label: "/ceshi"
xfsrestore: file system id: 30939ae0-e0df-4561-b8bc-fc4ebe99c7f2
xfsrestore: session id: c175a633-fd65-433f-ac2e-a1a18ae5f686
xfsrestore: media id: c4244361-30d3-4df5-9197-e6712eb8d8bd
xfsrestore: using online session inventory
xfsrestore: searching media for directory dump
xfsrestore: reading directories
xfsrestore: 2 directories and 3 entries processed
xfsrestore: directory post-processing
xfsrestore: restoring non-directory files
xfsrestore: restore complete: 0 seconds elapsed
xfsrestore: Restore Summary:
xfsrestore: stream 0 /opt/xfs_dump OK (success)
xfsrestore: Restore Status: SUCCESS '反馈成功'
[root@localhost ceshi]# ls
passwd test '查看发现存在'
[root@localhost ceshi]#
依旧是创建一块新磁盘,重新启动
[root@gsy ~]# df -Th '查看yum私有仓库是否挂载'
Filesystem Type Size Used Avail Use% Mounted on
/dev/sda2 ext4 20G 3.2G 16G 18% /
tmpfs tmpfs 996M 224K 996M 1% /dev/shm
/dev/sda1 ext4 5.8G 168M 5.4G 3% /boot
/dev/sda3 ext4 9.7G 150M 9.0G 2% /home
/dev/sr0 iso9660 3.6G 3.6G 0 100% /media/RHEL_6.5 x86_64 Disc 1
//192.168.254.10/linuxs cifs 455G 90G 366G 20% /linuxs
/dev/sr0 iso9660 3.6G 3.6G 0 100% /yumcangku
[root@gsy Packages]# rpm -ivh e2fsprogs-libs-1.41.12-18.el6.x86_64.rpm '安装环境包'
warning: e2fsprogs-libs-1.41.12-18.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Preparing... ########################################### [100%]
package e2fsprogs-libs-1.41.12-18.el6.x86_64 is already installed
[root@gsy Packages]# rpm -ivh libcom_err-devel-1.41.12-18.el6.x86_64.rpm
warning: libcom_err-devel-1.41.12-18.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Preparing... ########################################### [100%]
package libcom_err-devel-1.41.12-18.el6.x86_64 is already installed
[root@gsy Packages]# rpm -ivh e2fsprogs-devel-1.41.12-18.el6.x86_64.rpm
warning: e2fsprogs-devel-1.41.12-18.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Preparing... ########################################### [100%]
package e2fsprogs-devel-1.41.12-18.el6.x86_64 is already installed
[root@gsy Packages]# mkdir /linuxs '创建挂载点'
[root@gsy Packages]# mount //192.168.254.10/linuxs /linuxs
'源地址是我的共享文件夹,想知道如何配置共享文件夹可以去看我的博客,我会在评论中附上对应博客地址'
[root@gsy Packages]# cd /linuxs
[root@gsy linuxs]# ls
apr-1.4.6.tar.gz extundelete-0.2.4.tar.bz2 john-1.8.0.tar.gz
apr-util-1.4.1.tar.gz httpd-2.4.2.tar.gz
[root@gsy linuxs]# tar xjvf extundelete-0.2.4.tar.bz2 -C /mnt '解压extundelete'
[root@gsy linuxs]# cd /mnt
[root@gsy mnt]# ls
extundelete-0.2.4
[root@gsy mnt]# cd extundelete-0.2.4/ '切换到解压包内'
[root@gsy extundelete-0.2.4]# ls
acinclude.m4 config.h config.status depcomp Makefile missing stamp-h2
aclocal.m4 config.h.in configure install-sh Makefile.am README
autogen.sh config.log configure.ac LICENSE Makefile.in src
[root@gsy extundelete-0.2.4]# yum install gcc gcc-c++ -y '安装手工编译安装工具'
[root@gsy extundelete-0.2.4]# ./configure '配置'
Configuring extundelete 0.2.4
Writing generated files to disk
[root@gsy extundelete-0.2.4]# make
make -s all-recursive
Making all in src
[root@gsy extundelete-0.2.4]# make install '编译'
Making install in src
/usr/bin/install -c extundelete '/usr/local/bin'
[root@gsy extundelete-0.2.4]# fdisk /dev/sdb '创建磁盘分区,默认即可'
[root@gsy extundelete-0.2.4]# mkfs -t ext4 /dev/sdb1 '格式化,磁盘格式为ext4'
mke2fs 1.41.12 (17-May-2010)
文件系统标签=
操作系统:Linux
块大小=4096 (log=2)
分块大小=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
1310720 inodes, 5241198 blocks
262059 blocks (5.00%) reserved for the super user
第一个数据块=0
Maximum filesystem blocks=4294967296
160 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
4096000
正在写入inode表: 完成
Creating journal (32768 blocks): 完成
Writing superblocks and filesystem accounting information: 完成
This filesystem will be automatically checked every 29 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.
[root@gsy extundelete-0.2.4]# mkdir /data '创建磁盘挂载点'
[root@gsy extundelete-0.2.4]# mount /dev/sdb1 /data
[root@gsy extundelete-0.2.4]# df -Th
Filesystem Type Size Used Avail Use% Mounted on
/dev/sda2 ext4 20G 3.2G 16G 18% /
tmpfs tmpfs 996M 224K 996M 1% /dev/shm
/dev/sda1 ext4 5.8G 168M 5.4G 3% /boot
/dev/sda3 ext4 9.7G 150M 9.0G 2% /home
/dev/sr0 iso9660 3.6G 3.6G 0 100% /media/RHEL_6.5 x86_64 Disc 1
//192.168.254.10/linuxs cifs 455G 90G 366G 20% /linuxs
/dev/sr0 iso9660 3.6G 3.6G 0 100% /yumcangku
/dev/sdb1 ext4 20G 172M 19G 1% /data
[root@gsy extundelete-0.2.4]# cd /data
[root@gsy data]# ls
lost+found
[root@gsy data]# echo a>a
[root@gsy data]# echo a>b '创建测试文件'
[root@gsy data]# echo c>c
[root@gsy data]# ls
a b c lost+found
[root@gsy data]# rm -rf b '删掉一个'
[root@gsy data]# ls
a c lost+found
[root@gsy data]# cd ../
[root@gsy /]# umount /data '先取消挂载,不要再再里面写东西,以免覆盖'
[root@gsy /]# extundelete /dev/sdb1 --restore-all '全盘恢复'
NOTICE: Extended attributes are not restored.
Loading filesystem metadata ... 160 groups loaded.
Loading journal descriptors ... 29 descriptors loaded.
Searching for recoverable inodes in directory / ...
0 recoverable inodes found.
Looking through the directory structure for deleted files ...
0 recoverable inodes still lost.
No files were undeleted. ''没有恢复成功
[root@gsy /]# cd
[root@gsy ~]# mount /dev/sdb1 /data '再次挂载'
[root@gsy ~]# ls
anaconda-ks.cfg install.log.syslog 模板 图片 下载 桌面
install.log 公共的 视频 文档 音乐
[root@gsy ~]# ls /data
a c lost+found
[root@gsy ~]# rm -rf /data/a /data/c '再次删除测试'
[root@gsy ~]# ls /data
lost+found
[root@gsy ~]# umount /data
[root@gsy ~]# extundelete /dev/sdb1 --restore-all
NOTICE: Extended attributes are not restored.
Loading filesystem metadata ... 160 groups loaded.
Loading journal descriptors ... 30 descriptors loaded.
Searching for recoverable inodes in directory / ...
2 recoverable inodes found. '这次有反应了'
Looking through the directory structure for deleted files ...
0 recoverable inodes still lost.
[root@gsy ~]# ls '查看家目录'
anaconda-ks.cfg install.log.syslog 公共的 视频 文档 音乐
install.log RECOVERED_FILES 模板 图片 下载 桌面
[root@gsy ~]# ls RECOVERED_FILES/ '切换到恢复文件目录中'
a c
[root@gsy ~]# cd RECOVERED_FILES/
[root@gsy RECOVERED_FILES]# cp a c /mnt '把文件拷贝到/mnt'
[root@gsy RECOVERED_FILES]# ls /mnt
a c extundelete-0.2.4 '成功,回复数据也是有几率,不是百分百成功的'
[root@gsy RECOVERED_FILES]#
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。