Recover deleted files in Linux

Sometimes we want to recover deleted from in our Linux machine, so today in this article we will discuss about the same. To recover deleted files we will use Photorec recovery tool though there are many other applications/packages available that we will discuss later. In this article we will use Ubuntu as our OS.

Photorec searches for 80 different types of files and it is part of testdisk package.

Installation:

Package required: testdisk

alok@ranjan:~$ sudo apt-get install testdisk

If we want to recover any image file the we can use the below command:

sudo photorec imagefilename

We can directly recover files from any device as well. For that we can use photorec command without any argument, which will give the menu for available devices.

Then it will ask to select the appropriate disk/media. We can use arrow key to move the cursor and Enter to select the choice.

alok@ranjan:~$ sudo photorec PhotoRec 6.11, Data Recovery Utility, April 2009 Christophe GRENIER <grenier@cgsecurity.org> http://www.cgsecurity.org   PhotoRec is free software, and comes with ABSOLUTELY NO WARRANTY. Select a media (use Arrow keys, then press Enter): Disk /dev/sda - 214 GB / 200 GiB (RO) - VMware Virtual disk [Proceed ]    [  Quit  ] Note: Disk capacity must be correctly detected for a successful recovery. If a disk listed above has incorrect size, check HD jumper settings, BIOS detection, and install the latest OS patches and disk drivers.

System will ask for the partition table type used as below:

Christophe GRENIER <grenier@cgsecurity.org> http://www.cgsecurity.org PhotoRec 6.11, Data Recovery Utility, April 2009 Christophe GRENIER <grenier@cgsecurity.org> http://www.cgsecurity.org Disk /dev/sda - 214 GB / 200 GiB (RO) - VMware Virtual disk Please select the partition table type, press Enter when done. [Intel  ]  Intel/PC partition [EFI GPT]  EFI GPT partition map (Mac i386, some x86_64...) [Mac    ]  Apple partition map [None   ]  Non partitioned media [Sun    ]  Sun Solaris partition [XBox   ]  XBox partition [Return ]  Return to disk selection Note: Do NOT select 'None' for media with only a single partition. It's very rare for a drive to be 'Non-partitioned'.

I have selected Intel/PC partition as my partition type and press Enter to proceed. Then system will ask to select the partition name to recover files, if we want to search in whole disk we can select No Partition.

PhotoRec 6.11, Data Recovery Utility, April 2009 Christophe GRENIER <grenier@cgsecurity.org> http://www.cgsecurity.org Disk /dev/sda - 214 GB / 200 GiB (RO) - VMware Virtual disk      Partition                  Start        End    Size in sectors      No partition             0   0  1 26108  85 25  419430400 [Whole disk]  1 * Linux                    0  32 33 25044 159 11  402339840  2 E extended             25044 191 42 26108  52 56   17084418  5 L Linux Swap           25044 191 44 26108  52 56   17084416 [ Search ]  [Options ]  [File Opt]  [  Quit  ]                               Start file recovery

To recover lost files Photorec will ask for the filesystem type where files were stored as below:

PhotoRec 6.11, Data Recovery Utility, April 2009 Christophe GRENIER <grenier@cgsecurity.org> http://www.cgsecurity.org  2 E extended             25044 191 42 26108  52 56   17084418 To recover lost files, PhotoRec need to know the filesystem type where the file were stored: [ ext2/ext3 ]  ext2/ext3/ext4 filesystem [ Other     ]  FAT/NTFS/HFS+/ReiserFS/...

In our case we have selected the ext2/ext3 as the filesystem by using the arrow key and then press Enter. The Photorec will ask for the location were recovered files will be saved. By default it will save the recovered files in home directory after pressing Y key. If we want to save the recovered files in some other location or to external drive then we can use the arrow key to select .. and hit Enter key and select the desired drive. Once we will select the desired location we can hit Enter to proceed further. 

PhotoRec 6.11, Data Recovery Utility, April 2009 Christophe GRENIER <grenier@cgsecurity.org> http://www.cgsecurity.org Disk /dev/sda - 214 GB / 200 GiB (RO) - VMware Virtual disk      Partition                  Start        End    Size in sectors  2 E extended             25044 191 42 26108  52 56   17084418 Pass 1 - Reading sector    8279378/17084418, 120 files found Elapsed time 0h00m41s - Estimated time for achievement 0h00m43 txt: 98 recovered sqlite: 14 recovered elf: 8 recovered   Stop

After recovering files we can Quit the Photorec to close the application. Recovered files will be stored in recup_dir directory at given location.

 Thanks for reading the article. Keep visiting and let us know your feedback.

Read More

LAMP Server setup in CentOS 6

In this article we will discuss how to setup a LAMP (Linux OS, Apache web server, MySql database,

LAMP Server Setup

PHP) server in CentOS 6 with PhpMyAdmin for graphical administration of MySql.

1. Apache installation and configuration:

For creating a web-server we need to first install and configure Apache web-server. Following are the specification for apache web-server:

•        Packages required: httpd
•       Available in default CentOS repository: Yes
•        Additional module required: mod_ssl ( If you want a ssl enabled website)
•        Default location for apache configuration file:   /etc/httpd/conf/httpd.conf
• .      Default DocumentRoot: /var/www/html

Installation commands for httpd and mod_ssl:

root@alokranjan:~# yum install httpd -y root@alokranjan:~# yum install mod_ssl

  

After installation has done we need to start the httpd service and add this service at start-up.

root@alokranjan:~# service httpd start root@alokranjan:~# chkconfig httpd on

2. Mysql server installation and configuration:

For creating a database we will install and configure MySql. Following are the specification for MySql:

• Packages required: mysql-server 
• Available in default CentOS repository: Yes
• Any Specific module need to compile during mysql installation: phpmyadmin (for graphical interface)
• Available in default CentOS repository: Yes

root@alokranjan:~# yum install mysql-server -y

This command will installed the mysql-server, to create necessary directory structure and some   management system tables we need to execute mysql_install_db command.

root@alokranjan:~# mysql_install_db

To change default settings for Mysql, we need to execute mysql_secure_installation command. This will ask to change defaults values including changing root password which is very important as per security concerns.

root@alokranjan:~# mysql_secure_installation

If this will not successfully change the root password and will ask for old root password, we have to change the password by entering into the safe mode of mysql as below:

[root@alokranjan ~]# service mysqld stop Stopping mysqld:                                           [  OK  ] [root@alokranjan ~]# mysqld_safe --skip-grant-tables & [1] 8915 [root@alokranjan ~]# 131209 04:49:27 mysqld_safe Logging to '/var/log/mysqld.log'. 131209 04:49:27 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql mysql -u root Welcome to the MySQL monitor.  Commands end with ; or \g. Your MySQL connection id is 1 Server version: 5.1.71 Source distribution Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> use mysql; Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Database changed mysql> update user set password=PASSWORD("alokranjan") where User='root'; Query OK, 3 rows affected (0.01 sec) Rows matched: 3  Changed: 3  Warnings: 0 mysql> flush privileges; Query OK, 0 rows affected (0.00 sec) mysql> quit Bye [root@alokranjan ~]# service mysqld stop 131209 04:50:55 mysqld_safe mysqld from pid file /var/run/mysqld/mysqld.pid ended Stopping mysqld:                                           [  OK  ] [1]+  Done                    mysqld_safe --skip-grant-tables [root@alokranjan ~]# service mysqld start Starting mysqld:                                           [  OK  ] [root@alokranjan ~]#

Again run the mysql_secure_installation command to reset the default values:

[root@alokranjan ~]# mysql_secure_installation NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL       SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY! In order to log into MySQL to secure it, we'll need the current password for the root user.  If you've just installed MySQL, and you haven't set the root password yet, the password will be blank, so you should just press enter here. Enter current password for root (enter for none): OK, successfully used password, moving on... Setting the root password ensures that nobody can log into the MySQL root user without the proper authorization. You already have a root password set, so you can safely answer 'n'. Change the root password? [Y/n] n  ... skipping. By default, a MySQL installation has an anonymous user, allowing anyone to log into MySQL without having to have a user account created for them.  This is intended only for testing, and to make the installation go a bit smoother.  You should remove them before moving into a Production environment. Remove anonymous users? [Y/n] Y  ... Success! Normally, root should only be allowed to connect from 'localhost'.  This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? [Y/n] n  ... skipping. By default, MySQL comes with a database named 'test' that anyone can access.  This is also intended only for testing, and should be removed before moving into a production environment. Normally, root should only be allowed to connect from 'localhost'.  This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? [Y/n] Y ... Success! By default, MySQL comes with a database named 'test' that anyone can access.  This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? [Y/n] Y  - Dropping test database...  ... Success!  - Removing privileges on test database...  ... Success! Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? [Y/n] Y  ... Success! Cleaning up... All done!  If you've completed all of the above steps, your MySQL installation should now be secure. Thanks for using MySQL!

After installation has done we need to start the mysqld service and add this service at startup.

[root@alokranjan ~]# service mysqld start [root@alokranjan ~]# chkconfig mysqld on

3. PHP installation and configuration:

 PHP is required for back-end programming. Following are the specification for PHP:

• Package required: php, php-mysql 
• Version: PHP5
• Dependencies for PHP package: php-cli , php-common and php-pdo.

Using the following yum command we can install the required php package:

[root@alokranjan ~]# yum install php php-mysql -y

4.PhpMyAdmin installation and configuration:

• Package required: phpmyadmin
• Dependencies: libmcrypt-2.5.8-9.el6.i686.rpm, php-gd-5.3.3-26.el6.i686.rpm, php-mbstring-5.3.3-26.el6.i686.rpm,php-mcrypt-5.3.3-1.el6.i686.rpm, php-php-gettext-1.0.11-3.el6.noarch.rpm, phpMyAdmin-3.5.8.2-1.el6.noarch.rpm
• Available in default CentOS repository: No
• External repository: EPEL
• Default configuration file location: /etc/httpd/conf.d/phpMyAdmin.conf, /etc/phpMyAdmin/config.inc.php

We need to first setup EPEL repository from where we can download and install the required packages for phpmyadmin.

[root@alokranjan ~]# wget http://epel.mirror.net.in/epel/6/i386/epel-release-6-8.noarch.rpm [root@alokranjan] rpm –ivh epel-release-6-8.noarch.rpm

Now we can install the phpmyadmin package from EPEL repository as below:

[root@alokranjan ~]# yum install phpmyadmin -y

ForceSSL and auth_type are important config options. SSL should be ON and auth_type http is better; http auth uses MySQL user/pass combinations to restrict access to user-specific databases.

We need to add the following in the configuration file (/etc/phpMyAdmin/config.inc.php) for ForceSSL:

$cfg['ForceSSL'] = true;

We need to change the loopback IP (127.0.0.1) in the following configuration file with the server’s IP:

/etc/httpd/conf.d/phpMyAdmin.conf

Now we are ready with phpmyadmin to be used and can be opened from any web-browser by providing https://<server-IP>/phpmyadmin

Where phpmyadmin is the Alias created for the /usr/share/phpmyadmin.

Below is the screenshot for phpmyadmin login page:

Fig1: phpmyadmin login page 

After providing correct details, it will show the below home page for phpmyadmin:

Fig2. Phpmyadmin home page

Mysql configuration can be changed from https://<serverip>/phpmyadmin/setup

Fig3. Phpmyadmin setup page

This phpMyAdmin panel can’t be accessed from outside. Below is the access denied error message from Apache. If anyone wants to access it from any remote machine then user needs to do tunneling by providing the credentials of the host machine, it makes the phpMyAdmin setup more secure.

Fig4. Forbidden page for phpmyadmin 

This Forbidden message will show the additional server information like: Server OS and Apache version. To disable showing this extra information from Apache server, we have to make the following changes in apache configuration file (/etc/httpd/conf/httpd.conf).

ServerSignature off



Thank you for reading our article, keep visiting and let us know in case any query or suggestion.

Read More

8 practical Linux top command examples

Top command tells us the dynamic real-time view of the running system. By default it refresh the details in 3 seconds. It includes the details like: uptime details, load average, CPU, memory and swap usages etc.

we can use different flags with top command to serve our purpose. In this article we will discuss top command with different flags and features with particle examples.

1. Top command:














This shows some basic details of the running system with PID, user, CPU and memory usages etc. Press q to quit the window.

Where,

PID:            Process ID of task.
USER:        The Effective user name of the task's owner
PR:              Priority of task.
NI:               The nice value of task.
VIRT:          The total amount of virtual memory used by the task.
RES:           The non-swapped physical memory a task has used.
SHR:           The amount of shared memory used by a task.
S:                 The status of the task which can be one of:

                    'D' = un-interruptible sleep
                    'R' = running
                    'S' = sleeping
                    'T' = traced or stopped
                    'Z' = zombie

%CPU:      CPU usages

%MEM:     Memory usages

TIME+:      CPU time

Command: Command line or program name

2. Details of individual CPU: 

If we have multi-core system and would like to see the details of individual CPU then we can press 1 during the running top command. When we see 'Cpu(s):' in the summary area, then all cpu information is gathered in a single line. Otherwise, each cpu  is  displayed  separately  as:  'Cpu0, Cpu1, ...'. 

3. Add additional fields to top output:

We can press f while top command is running to add additional fields ti top output. We just need to press the respective letter for adding new fields. Ex: To add swap into the top output we just need to press f while running top command then it will show the window as below:

Then we need to press p to add swap. Similarly we can add other additional fields as well.


4. Command line/Program name toggle:

we can see full path of running process by pressing c while top command is running. Thus, if top was displaying command lines, now that field will show program names after pressing c, and visa versa.

5. Sort top output:

We can sort the processes by any top column by pressing shift+o while top command is running. By default top command displays the processes sorted by CPU usages. After pressing shift+o while top command is running, it will show the screen like below:

We need to press the respective letter defined for different columns. Like: To sort by PID, we need to press a and then press enter.

5. Kill a task:

If we want to kill any task while running top command we can delete any task by pressing k. Then it will ask for PID of the process and the signal that we want to send to that particular process.

6. Display processes of a particular user:

we can filter the process by user as well. This can be done before and after executing the top command.

a.) At the time of running top command:
   top -u usename

b.) While top command is running: we can press u then it will ask for the username. Once we will provide the valid username and then press Enter, top command will only display the processes with provided user.

7. Save top command output to a file:

If we want to save the output of top command to some file then we can do this by the following way:

top -n 1 -b > file_name

where,
b: Starts top in 'Batch mode', which could be used for sending output from top to a file or to other program.
n: Specifies the maximum number of iterations.

8. Save current top command settings:

We can save the top command settings that we changed while top command is running by pressing shift+w. By default this will save settings to .toprc file in our home directory.

Thanks for reading our article. Please comment for any further query or suggestion.

Read More

Execute linux command without leaving any trace to history

If you want to execute some Linux command without leaving any trace to history file. You can execute the command as below:

Method 1:

syntax:

alok@alok:~$ history -d $((HISTCMD-1) && linux_command

Method 2:

By keeping some space at the beginning of the command we can avoid logging commands in history.

Note: This method is only applicable for Ubuntu OS.

Delete a particular command from history:

Now if you want to delete a particular entry from history then we can use the below command:

syantax:

alok@alok:~$ history -d $((HISTCMD-1)) && history -d line_number_of_command_in_history

Example:

Read More