Hello I’m looking for a vps to check my untrusted machine network activity. Because I suspect to have a spyware I want try to redirect all my traffic to the vps so that I can check it. But I want a really safe vps, for example something that monitor the vps filesystem and/or memory (from the point of view of the hypervisor then from outside the vps) and tell me if anything of suspicious is installed or loaded in the memory. A friend told me that many years ago vmware had a tecnology called vsafe. Anyone know if exist anything like that ? (I don’t ask about any provider because I don’t want make spam). Please I’m not looking for a network intrusion detection because the danger come from my own machine.
Tag: filesystem
Host filesystem manipulation from docker vs. virtual machine
When reading about docker, I found a part of the documentation describing the attack surface of the docker daemon. From what I was able to understand, part of the argument is that it is possible to share (basically arbitrary) parts of the host filesystem with the container, which can then be manipulated by a privileged user in the container. This seems to be used as an argument against granting unprivileged users direct access to the docker daemon (see also this Security SE answer).
Would the same be possible from a virtual machine, e.g. in VirtualBox, which on the host is run as an unprivileged user?
A quick test where I was trying to read /etc/sudoers
on a Linux Host from a Linux guest running in VirtualBox did produce a permission error, but I would not consider myself an expert in that regard in any way nor was the testing very exhaustive.
Can Citrix Workspace access host filesystem?
I’m doing freelancing for multiple clients and one asked me to work on their computer using Citrix Workspace. Can it access my computer’s local file system (even on metadata level, like filenames)? Should I store other client’s files offline while working for this particular one?
Formartting SD Card – Corrupted FAT32 Filesystem
I have a corrupted SD Card whose filesystem is FAT32. I tried the following stuff but i am still able to see the contents in the SD card. I can neither add new files nor can i delete any files from the SD card. The contents seem to be locked within this SD card, similar to being locked in prison.
The things i have tried:
dd if=/dev/zero of=/dev/sdc
It took around 5-6 hours to finish this, but i could still see the contents. dos
-
sudo dosfsck -w -r -l -a -v -t /dev/sdc
The verbose log said that dirty bit was identified and autocorrection of the corrupted bit has also taken place. But to no avail.
- I tried clearing and formatting the partition using parted and gparted as well, but the result was unchanged.
Can someone explain this? Why did dd
not work? Is there any other option other than buying a new SD Card?
Does copying files from EXT4 filesystem to NTFS lose permissions?
I recently attempted to back up my /home/user directory while removing ecryptfs from my system. I didn’t have enough space on my Ubuntu EXT4 SSD so, not thinking, I used
sudo cp -rp /home/user /media/user/HDD
to copy it to my NTFS HDD before removing it. Obviously when I copied it back the permissions had been overwritten from what it used to be. My question: is there any way to recover these permissions etc…(i.e. does the -p
flag preserve them in some other way on a NTFS system), or were they lost as soon as I copied them over?
Additionally, is it just the UNIX permissions that NTFS systems don’t handle well, or is there anything else I should be worried about?
Raid filesystem check or mount failed (after probable physical shock)
I work on a computer where the operating system is installed on an SSD but data storage is on a RAID system. Recently I have been unable to mount the raid system when booting, while the operating system loads fine. I suspect technicians hit the server while it was running, due to scratches on the case but I am not sure.
When I boot the computer I get the error message The drive for /home is not ready or present
(the same message for /Data
and /Backup
. I entered the recovery shell and ran fsck -A
as suggested in the post here, but I get the message that /
was busy.
I then booted into recovery mode and ran fsck -A
, but I get the message that
fsck.ext4: Unable to resolve 'UUID=334eef34-16c4-45ec-9cc9-5f40e9f8207d' fsck.ext4: Unable to resolve 'UUID=19bf1002-fa4b-4462-9ea6-807d5b0f312b' fsck.ext4: Unable to resolve 'UUID=0f556fa7-b061-4c22-b84b-97e2e3f1b545'
At ubuntuforums I found the suggestion to edit /etc/fstab
but I am out of my depth here as I do not really understand what I am messing with.
running blkid
returns
/dev/sda1: UUID="7c05724f-61bd-4d70-b908-f6c83c4365b8" TYPE="ext4" /dev/sda5: UUID="51978b9f-747b-4f41-8b2b-42f3da3347e6" TYPE="swap" /dev/sdb1: UUID="65325870-b912-f8b1-af82-ab0c8bb94dbb" UUID_SUB="13151e15-3890-90d5-d910-8ab781fc713f" LABEL="CBMRubuntu:0" TYPE="linux_raid_member" /dev/sdc1: UUID="65325870-b912-f8b1-af82-ab0c8bb94dbb" UUID_SUB="05322b31-8961-f57d-143b-877123c61d7c" LABEL="CBMRubuntu:0" TYPE="linux_raid_member" /dev/sdd1: UUID="65325870-b912-f8b1-af82-ab0c8bb94dbb" UUID_SUB="85430436-4dfc-96ff-083c-0734a76ff8b6" LABEL="CBMRubuntu:0" TYPE="linux_raid_member" /dev/sde1: UUID="65325870-b912-f8b1-af82-ab0c8bb94dbb" UUID_SUB="05feb9dd-9c4f-bc2f-50e7-c4422419268a" LABEL="CBMRubuntu:0" TYPE="linux_raid_member" /dev/sdf1: UUID="65325870-b912-f8b1-af82-ab0c8bb94dbb" UUID_SUB="3ef48a37-14b5-1fc8-1eed-48eca24f0043" LABEL="CBMRubuntu:0" TYPE="linux_raid_member" /dev/sdg1: UUID="65325870-b912-f8b1-af82-ab0c8bb94dbb" UUID_SUB="5960eff8-d60b-c206-90b9-c448723f9ef3" LABEL="CBMRubuntu:0" TYPE="linux_raid_member"
and running cat /etc/fstab
prints
# /etc/fstab: static file system information. # # Use 'blkid' to print the universally unique identifier for a # device; this may be used with UUID= as a more robust way to name devices # that works even if disks are added and removed. See fstab(5). # # <file system> <mount point> <type> <options> <dump> <pass> # / was on /dev/sda1 during installation UUID=7c05724f-61bd-4d70-b908-f6c83c4365b8 / ext4 errors=remount-ro 0 1 # /Backup was on /dev/md0p2 during installation UUID=334eef34-16c4-45ec-9cc9-5f40e9f8207d /Backup ext4 defaults 0 2 # /Data was on /dev/md0p1 during installation UUID=19bf1002-fa4b-4462-9ea6-807d5b0f312b /Data ext4 defaults 0 2 # /home was on /dev/md0p3 during installation UUID=0f556fa7-b061-4c22-b84b-97e2e3f1b545 /home ext4 defaults 0 2 # swap was on /dev/sda5 during installation UUID=51978b9f-747b-4f41-8b2b-42f3da3347e6 none swap sw 0 0
I noticed that the missing UUIDs are the same as the ones in /etc/fstab/
but does not match the ones in blkid
. Is there some way to figure out which UUIDs goes where and restore the file system?
The vast majority is backed up so the damage is not great, but there are a few things that would be nice to restore.
I work on a server with Ubuntu 14.04.5 LTS, if that makes a difference.
X11 Server Won’t Start – Write-Protected Filesystem
I recently installed Ubuntu Mate 19.04 on my MacBook Pro (x86_64 arch). After my system went into hibernation, the root filesystem (ext4 mounted on /) became corrupted. Initially, startup would drop to a BusyBox shell. If I remember correctly, I was able to run fsck
from BusyBox on the root filesystem. I was then able to boot up into the system, but the X11 server would not start so I was left in a command line shell. I checked the list of services & focused on the following:
# service --status-all ... [ + ] lightdm ... [ - ] x11-common
Restarting the lightdm service (service lightdm restart
) did nothing. Trying to start the x11-common service (service x11-common start
) reported, if I remember the error correctly, that /lib/systemd/system/x11-common.service
was “shadowed” (Edit: I looked up the correct term, it was “masked”). Looking up the error, I found reports that it meant that /lib/systemd/system/x11-common.service
was a symbolic link to /dev/null
. This turned out to be the case. The resolution that was given was to delete /lib/systemd/system/x11-common.service
. Trying to do so, I found that the filesystem still contained errors & couldn’t be mounted read-write. I eventually booted into a live CD/USB, ran fsck/e2fsck
on the filesystem then mounted the local disk partition in read-write & deleted the file. After rebooting, I found that it was still dropping me to the command line shell. Now starting the x11-common
service didn’t report any error, but still didn’t launch the X11 server. It appears that the x11-common
service is now running:
# service --status-all ... [ + ] lightdm ... [ + ] x11-common
But I still cannot get into the X11 graphics mode. No matter if I clean the filesystem via fsck
in a live CD/USB, I am always dropped to a terminal & the filesystem is marked write-protected. Trying to remount does not work:
# mount -o remount,rw / mount: /: cannot remount /dev/sda2 read-write, is write-protected
I cannot force unmount either:
# umount -f / # mount | grep sda /dev/sda2 on / type ext4 (ro,relatime,errors=remount-ro) /dev/sda1 on /boot/efi type vfat (rw,relatime,fmask=0077,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro)
Logging into my user account, I try to run xinit
but it fails:
$ sudo xinit (EE) Fatal server error: (EE) Could not create lock file in /tmp/.tX0-lock (EE) (EE) Please consult the The X.Org Foundation support at http://wiki.x.org for help. (EE) xinit: giving up xinit: unable to connect to X server: Connection refused xinit: server error
Obviously because the filesystem is read-only. startx
fails with the same error. Re-installing is an option, but if this continues to occur I would like to be able to fix it without doing a fresh re-install.
If anyone has some insight into my problem I would much appreciate it. Once I get this fixed, I will work on what caused the filesystem to be corrupted in the first place when the system went into hibernation.
The model number on my MacBook is A1226. It appears from this site, it is one of three possible systems with either a 2.2GHz, 2.4GHz, or 2.6GHz Core 2 Duo CPU built in 2007. This is an x86_64 system, not a PowerPC.
unknown filesystem error while trying “Insmod Normal”
I tried to uninstal Ubuntu 16.10 from my windows 7 and install 18.4. Deleted the volume but the partition was active. I restarted the system after which it is opening under “Grub rescue”. All commands are working except “Insmod Normal” and “Normal”. So my system is completely stuck. I am neither able to fix Ubuntu nor I am able to fix Ubuntu. Please help!!! Need an urgent fix.
read only root filesystem
so i just installed Ubuntu on my PC alongside windows.I created a new ext4 partition during installation and mounted it at the root(/). The issue that i have is that this partition only mounts as read only. Thanks.
Why does Ubuntu claim to run out of space (No Space Remaining on Filesystem) when there is actually 5GB free?
I thought this could be my ~7GB swap file, but, even after deleting it, I get the same behavior. Seems like an absurdly aggressive margin of safety!