Thursday, June 28, 2007

Recovering deleted files in an ext3 File System

I was working on my Debian machine a few days ago when I accidentally ran "rm -rf *" in the wrong directory (my main working directory). Well, I lost all the data. After hunting the net for hours, I found out that there is no traditional method available for recovering files in an ext3 file system.
In the ext2 file system, the OS marks the blocks, inode and directory entry associated with a deleted file as unused. It did not delete the links, so that other files could still use them. Because of this, recovery of lost files was possible using tools like debugfs, e2undel, recover, Midnight Commander etc. Giis-gET iT i sAY also claims to recover files from both ext2 and ext3 file systems, but I don't know whether it works or not.

In the ext3 file system, when a file is deleted, the file size and block addresses in its inode are also deleted. Therefore, it's not possible to find out where the file was originally located; more specifically, it becomes difficult to track back the inode of the file using debugfs.
But if you are lucky, the file could still be on your hard drive, though in chunks. Steps you must follow:

  • Do not save any file to the partition that held your deleted files. Doing so might overwrite the blocks the deleted files occupied.
  • Mount another drive on the system (if one is not already mounted) to save the dump.
  • Find the partition that held the deleted files using `mount -t ext3`, which lists the mounted ext3 file systems.
  • If you know certain lines from the file that are more or less unique to the file you deleted, they will be useful. In my case, my Perl code began with "package rankSentences;", so I used that as the identifying text.
  • Try the command:
`grep -a -B[lines before] -A[lines after] 'identifyingText' /dev/[partition] > dump.txt`

Here,
  • -a makes grep treat a binary file (here, the raw partition) as if it were a text file.
  • -A is the number of lines of the dump that you want to extract after the "identifyingText" (which was "package rankSentences" in my case).
  • -B is the number of lines before "identifyingText" that you want to extract.

If you don't specify "identifyingText", dump.txt might become very large, as the command will start dumping the data of the complete partition to that file.
And yeah, be patient: it might take some time, depending on the size of your partition. After running the command, you can look for chunks of your deleted file in dump.txt. And if you are lucky, you might find the complete file in one place. :)
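
A guarded version of the steps above, as an added example that is not part of the original post: it refuses to write the dump onto the partition being scanned and reports the byte offset of each hit. The function names and the sample image are constructed for illustration; on a real system SOURCE would be the partition device found in the steps above and OUTFILE a path on the other drive.

```bash
# recover_text SOURCE PATTERN BEFORE AFTER OUTFILE
# SOURCE is the raw partition (or, as here, an image file standing in for it).
recover_text() {
    local src="$1" pattern="$2" before="$3" after="$4" out="$5" outdev
    # Device that backs the directory receiving the dump.
    outdev=$(df -P "$(dirname -- "$out")" | awk 'NR==2 {print $1}')
    if [ "$outdev" = "$src" ]; then
        echo "refusing: $out lives on $src; the dump could overwrite deleted blocks" >&2
        return 2
    fi
    # -a: read the binary source as text; -F: take the pattern literally.
    grep -a -F -B "$before" -A "$after" -- "$pattern" "$src" > "$out"
}

# match_offsets SOURCE PATTERN: byte offset of every hit, one per line.
# Offsets far apart suggest the file survives in several chunks.
match_offsets() {
    grep -a -F -b -o -- "$2" "$1" | cut -d: -f1
}

# Constructed sample: a small Perl file between two runs of NUL bytes,
# standing in for a partition that still holds the deleted file's blocks.
make_sample_image() {
    {
        head -c 4096 /dev/zero; printf '\n'
        printf 'package rankSentences;\nuse strict;\nsub rank { return 1; }\n1;\n'
        head -c 4096 /dev/zero; printf '\n'
    } > "$1"
}

# Demo on the constructed image; no real partition is read.
work=$(mktemp -d)
make_sample_image "$work/part.img"
recover_text "$work/part.img" 'package rankSentences;' 0 3 "$work/dump.txt"
echo "hit(s) at byte offset: $(match_offsets "$work/part.img" 'package rankSentences;')"
```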

--compiled from various sources on net.

4 comments:

Vinod Khare said...

rm -rf *??!! What were you thinking?

AJ said...

As I said, I had 10 shells opened. And I accidentally typed that on a wrong shell.

Anonymous said...

I just lost a file by typing rm * instead of cp *. Your post saved my day.

Thanks!
