Sisyphus repositório
Última atualização: 1 outubro 2023 | SRPMs: 18631 | Visitas: 37776351
en ru br
ALT Linux repositórios
S:0.2-alt1

Group :: Ferramentas de Arquivo
RPM: forensic-scripts

 Main   Changelog   Spec   Patches   Sources   Download   Gear   Bugs e FR  Repocop 

forensic-scripts-0.1/000075500000000000000000000000001233416266400146545ustar00rootroot00000000000000forensic-scripts-0.1/lvm2-forensic000075500000000000000000000113731233416266400172750ustar00rootroot00000000000000#!/bin/bash

# 06/05/2014, author: Maxim Suhanov

#    This program is free software: you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation, either version 2 of the License, or
#    (at your option) any later version.

#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.

#    You should have received a copy of the GNU General Public License
#    along with this program.  If not, see <http://www.gnu.org/licenses/>.

list_volumes()
{
	blkid -o device | grep -vE '^/dev/loop([[:digit:]]+|/.*)$'
}

list_loops()
{
	blkid -o device | grep -E '^/dev/loop([[:digit:]]+|/.*)$'
}

get_type()
{
	blkid -o value -s TYPE "$1"
}

lo_setup()
{
	loopinfo=`losetup -j "$1"`
	if [ -z "$loopinfo" ]; then
		losetup -r -f "$1" 2> /dev/null # Do not remove "-r"!
		if [ $? != 0 ]; then
			echo "Cannot setup loop device! $1 will be ignored..."
		fi
	else
		echo "$1 is already on loop device!"
	fi
}

lvm_config='
config {
    checks = 1
    abort_on_errors = 0
    profile_dir = "/etc/lvm/profile"
}
devices {
    dir = "/dev"
    scan = [ "/dev" ]
    obtain_device_list_from_udev = 1
    preferred_names = [ ]
    filter = [ "a/^/dev/loop/", "r/.*/" ] # Use loop devices only!
    cache_dir = "/run/lvm"
    cache_file_prefix = ""
    write_cache_state = 1
    sysfs_scan = 1
    multipath_component_detection = 1
    md_component_detection = 1
    md_chunk_alignment = 1
    data_alignment_detection = 1
    data_alignment = 0
    data_alignment_offset_detection = 1
    ignore_suspended_devices = 0
    ignore_lvm_mirrors = 1
    disable_after_error_count = 0
    require_restorefile_with_uuid = 1
    pv_min_size = 2048
    issue_discards = 0
}
allocation {
    maximise_cling = 1
    mirror_logs_require_separate_pvs = 0
    thin_pool_metadata_require_separate_pvs = 0
}
log {
    verbose = 0
    silent = 0
    syslog = 1
    overwrite = 0
    level = 0
    indent = 1
    command_names = 0
    prefix = "  "
    debug_classes = [ "memory", "devices", "activation", "allocation",
		      "lvmetad", "metadata", "cache", "locking" ]
}
backup {
    backup = 1
    backup_dir = "/etc/lvm/backup"
    archive = 1
    archive_dir = "/etc/lvm/archive"
    retain_min = 10
    retain_days = 30
}
shell {
    history_size = 100
}
global {
    umask = 077
    test = 0
    units = "h"
    si_unit_consistency = 1
    activation = 1
    proc = "/proc"
    locking_type = 1
    wait_for_locks = 1
    fallback_to_clustered_locking = 1
    fallback_to_local_locking = 1
    locking_dir = "/run/lock/lvm"
    prioritise_write_locks = 1
    abort_on_internal_errors = 0
    detect_internal_vg_cache_corruption = 0
    metadata_read_only = 0
    mirror_segtype_default = "raid1"
    raid10_segtype_default = "raid10"
    use_lvmetad = 0
}
activation {
    checks = 0
    udev_sync = 1
    udev_rules = 1
    verify_udev_operations = 0
    retry_deactivation = 1
    missing_stripe_filler = "error"
    use_linear_target = 1
    reserved_stack = 64
    reserved_memory = 8192
    process_priority = -18
    raid_region_size = 512
    readahead = "auto"
    raid_fault_policy = "warn"
    mirror_log_fault_policy = "allocate"
    mirror_image_fault_policy = "remove"
    snapshot_autoextend_threshold = 100
    snapshot_autoextend_percent = 20
    thin_pool_autoextend_threshold = 100
    thin_pool_autoextend_percent = 20
    use_mlockall = 0
    monitoring = 0
    polling_interval = 15
}
dmeventd {
    mirror_library = "libdevmapper-event-lvm2mirror.so"
    snapshot_library = "libdevmapper-event-lvm2snapshot.so"
    thin_library = "libdevmapper-event-lvm2thin.so"
}
'

activate_lvm()
{
	for volume in `list_volumes`; do
		volume_type=`get_type "$volume"`
		if [ `echo "$volume_type" | grep '^LVM2_member$'` ]; then
			lo_setup "$volume"
		fi
	done

	echo "Running 'vgscan'..."; vgscan --config "$lvm_config"
	echo "Running 'vgchange -a y'..."; vgchange --config "$lvm_config" -a y
	echo "Running 'lvdisplay'..."; lvdisplay --config "$lvm_config"
	echo "Running 'vgdisplay'..."; vgdisplay --config "$lvm_config"
	echo "Running 'pvdisplay'..."; pvdisplay --config "$lvm_config"
	echo "Note:"
	echo "	Execute '$0 stop' to deactivate LVM!"
}

deactivate_lvm()
{
	echo "Running 'vgchange -a n'..."; vgchange --config "$lvm_config" -a n
	echo "Deleting loop devices..."
	for volume in `list_loops`; do
		volume_type=`get_type "$volume"`
		if [ `echo "$volume_type" | grep '^LVM2_member$'` ]; then
			losetup -d "$volume"
		fi
	done
}

if [ -z "$1" ] || [ "$1" == 'start' ]; then
	activate_lvm
elif [ "$1" == 'stop' ]; then
	deactivate_lvm
else
	echo "Usage: $0 [start|stop]" >&2
	exit 1
fi
forensic-scripts-0.1/mount-forensic000075500000000000000000000034601233416266400175550ustar00rootroot00000000000000#!/bin/sh

# 19/04/2014, author: Maxim Suhanov

# Changes:
# 05/05/2014: don't call the /sbin/mount.<filesystem> helper.
# 06/05/2014: handle jfs too

#    This program is free software: you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation, either version 2 of the License, or
#    (at your option) any later version.

#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.

#    You should have received a copy of the GNU General Public License
#    along with this program.  If not, see <http://www.gnu.org/licenses/>.

list_volumes()
{
	imgdev="$(findmnt -o SOURCE -n /image | head -n 1)"
	blkid -o device | grep -vE "^(/dev/loop([[:digit:]]+|/.*)|$imgdev)$"
}

get_fstype()
{
	blkid -o value -s TYPE "$1"
}

get_mountopts()
{
	opts='ro,loop,noexec' # Do not remove "loop"!
	case "$1" in
		ntfs) opts="$opts,nls=utf8";;
		vfat) opts="$opts,utf8";;
		jfs)  opts="$opts,iocharset=utf8";;
	esac
	echo "$opts"
}

get_mountpoint()
{
	mountpoint="/mnt/$(basename "$1")/"
	echo "$mountpoint"
	mkdir "$mountpoint" 2> /dev/null
}

mount_forensic()
{
	for volume in `list_volumes`; do
		volume_fs="$(get_fstype "$volume")"
		case "$volume_fs" in
		swap|*_member|crypto_*|"")
			continue;;
		esac
		opts="$(get_mountopts "$volume_fs")"
		mountpoint="$(get_mountpoint "$volume")"
		[ -n "$mountpoint" ] || continue
		mountpoint -q "$mountpoint" && continue
		# we don't expect any spaces in a devname but...
		cmd="mount -i -t $volume_fs -o $opts"
		echo "Executing: $cmd \"$volume\" \"$mountpoint\""
		$cmd "$volume" "$mountpoint"
	done
}


mount_forensic
forensic-scripts-0.1/raid-forensic000075500000000000000000000036501233416266400173330ustar00rootroot00000000000000#!/bin/bash

# 06/05/2014, author: Maxim Suhanov

#    This program is free software: you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation, either version 2 of the License, or
#    (at your option) any later version.

#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.

#    You should have received a copy of the GNU General Public License
#    along with this program.  If not, see <http://www.gnu.org/licenses/>.

config='/etc/mdadm-ro.conf'

list_volumes()
{
	blkid -o device | grep -vE '^/dev/loop([[:digit:]]+|/.*)$'
}

list_loops()
{
	blkid -o device | grep -E '^/dev/loop([[:digit:]]+|/.*)$'
}

get_type()
{
	blkid -o value -s TYPE "$1"
}

lo_setup()
{
	loopinfo=`losetup -j "$1"`
	if [ -z "$loopinfo" ]; then
		losetup -r -f "$1" 2> /dev/null # Do not remove "-r"!
		if [ $? != 0 ]; then
			echo "Cannot setup loop device! $1 will be ignored..."
		fi
	else
		echo "$1 is already on loop device!"
	fi
}

activate_raid()
{
	for volume in `list_volumes`; do
		volume_type=`get_type "$volume"`
		if [ `echo "$volume_type" | grep '^linux_raid'` ]; then
			lo_setup "$volume"
		fi
	done

	echo "Running 'mdadm -As'..."; mdadm -As --config="$config"
	echo "Note:"
	echo "	Execute '$0 stop' to stop RAID!"
}

deactivate_raid()
{
	echo "Running 'mdadm --stop --scan'..."
	mdadm --stop --scan --config="$config"
	echo "Deleting loop devices..."
	for volume in `list_loops`; do
		volume_type=`get_type "$volume"`
		if [ `echo "$volume_type" | grep '^linux_raid'` ]; then
			losetup -d "$volume"
		fi
	done
}

if [ -z "$1" ] || [ "$1" == 'start' ]; then
	activate_raid
elif [ "$1" == 'stop' ]; then
	deactivate_raid
else
	echo "Usage: $0 [start|stop]" >&2
	exit 1
fi
 
projeto & código: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
mantenedor atual: Michael Shigorin
mantenedor da tradução: Fernando Martini aka fmartini © 2009