How to Recover a Deleted File in Linux


Has this ever happened to you? You realized that you had mistakenly deleted a file, either with the Del key or by using rm on the command line.

In the first case, you can always go to the Trash, search for the file, and restore it to its original location. But what about the second case? As I am sure you probably know, the Linux command line does not send removed files anywhere: it removes them. Boom. They're gone.

In this article we will share a tip that may help prevent this from happening to you, and a tool you may consider using if at some point it happens anyway.

Creating an alias to 'rm -i'

The -i switch, when used with rm (and with other file-manipulation tools such as cp or mv), causes a prompt to appear before a file is removed.

The same applies to copying, moving, or renaming a file to a location where one with the same name already exists.

This prompt gives you a second chance to consider whether you really want to remove the file. If you confirm the prompt, the file will be gone. In that case, sorry, but this tip will not protect you from your own carelessness.

To replace rm with an alias to rm -i, do:

alias rm='rm -i'

The alias command will confirm that rm is now aliased:

However, this will only last for the current user session in the current shell. To make the change permanent, you will have to save it to ~/.bashrc (some distributions may use ~/.profile instead) as shown below:

For the changes in ~/.bashrc (or ~/.profile) to take effect immediately, source the file from the current shell:

. ~/.bashrc

The forensics tool - Foremost

Hopefully you will be careful with your files and will only need this tool when recovering a lost file from an external disk or USB drive.

However, if you realize that you accidentally removed a file on your system and are about to panic, don't. Let's take a look at foremost, a forensics tool designed for exactly this kind of situation.

To install foremost on CentOS/RHEL 7, you will need to enable Repoforge first:

# rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm
# yum install foremost

Whereas in Debian and derivatives, just do

# aptitude install foremost

Once the installation has completed, let's proceed with a simple test. We will begin by removing an image file named nosdos.jpg from the /boot/images directory:

# cd images
# rm nosdos.jpg

To recover it, use foremost as follows (you will need to identify the underlying partition first; /dev/sda1 is where /boot resides in this case):

# foremost -t jpg -i /dev/sda1 -o /home/gacanepa/rescued

where /home/gacanepa/rescued is a directory on a separate disk. Keep in mind that recovering files onto the same drive where the removed ones were located is not a wise move.

If, during the recovery, you occupy the same disk sectors where the removed files used to be, it may not be possible to recover anything. Additionally, it is essential to stop all your activities before performing the recovery.
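The caution above, about keeping recovered files off the drive being carved, can be checked before foremost starts. The shell functions below are an added example, not part of the original article: safe_foremost and the other function names are hypothetical, and the check assumes Linux with GNU stat and a source that is a plain block-device partition such as /dev/sda1.

```shell
#!/bin/sh
# Added example, not the article's code. Assumes Linux with GNU stat and a
# plain partition (on btrfs or overlayfs st_dev is not the partition's number).

# Encode major/minor the way glibc packs st_dev, printed in decimal.
makedev_dec() {
    echo $(( (($1 & 0xfff) << 8) | ($2 & 0xff) | (($2 & ~0xff) << 12) | (($1 & ~0xfff) << 32) ))
}

# Print the device number that a block device node such as /dev/sda1 names.
source_dev() {
    [ -b "$1" ] || { echo "$1: not a block device" >&2; return 2; }
    # %t and %T are the node's major and minor numbers in hex.
    hex=$(stat -L -c '%t %T' "$1") || return 2
    makedev_dec "$((0x${hex% *}))" "$((0x${hex#* }))"
}

# Print the device number of the filesystem that holds a path.
fs_dev_of() {
    stat -L -c '%d' "$1" 2>/dev/null
}

# Returns 0 if the output path is on another filesystem than device number $1,
# 1 if it is on the same one, 2 if the output path cannot be inspected.
check_target() {
    out_dev=$(fs_dev_of "$2") || { echo "$2: cannot stat" >&2; return 2; }
    if [ "$out_dev" = "$1" ]; then
        echo "refusing: $2 is on the filesystem being recovered" >&2
        return 1
    fi
}

# Hypothetical wrapper around the article's foremost command line.
safe_foremost() {
    src_dev=$(source_dev "$1") || return 2
    check_target "$src_dev" "$2" || return $?
    foremost -t jpg -i "$1" -o "$2"
}
```

Called as safe_foremost /dev/sda1 /home/gacanepa/rescued, it runs the article's command only when the output directory already exists and sits on a different filesystem.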

After foremost has finished executing, the recovered file (if recovery was possible) will be found inside the /home/gacanepa/rescued/jpg directory.

In this article we have explained how to avoid removing a file accidentally and how to attempt to recover it if such an undesired event happens. Be warned, however, that foremost may take some time to run depending on the size of the partition.

As always, don't hesitate to let us know if you have questions or comments. Feel free to drop us a note using the form below.