Hi all,
I tried restoring an ntfs in a kvm virtual disk by "cp" and
"ntfs-3g.secaudit". In the ntfs, a Windows 2008 system was
installed and it can boot after the restoration.
So I think the restoration succeed but I have a suspence about this.
When I used "ntfs-3g.secaudit" with "-se" options for restoring
the audit data, it ouput "! No errors were found" but exited with 1.
My questions are:
A. There is a mismatch between the message and the exit status,
is this a bug of "ntfs-3g.secaudit"?
B. How can I do further confirmation of the completion of
the restoration by commands or tools that provided by Microsoft?
The Restore Operations I did were:
# I used ntfs-3g-2009.11.14 and an Redhat EL 5.4(x86-64)
# system as host OS and a Windows 2008 R2 (x86-64) system as guest OS.
1. Dump the kvm virtul disk by dd like this:
# dd if=/dev/VolGroup01/LvKvmWNS86401 of=LvKvmWNS86401.dd
* I used an LVM logical volume for the kvm virtual disk.
2. Mount a partition in the LVM logical volume
# mkdir -p mntLV
# losetup /dev/loop0 /dev/VolGroup01/LvKvmWNS86401
# kpartx -a /dev/loop0
# mount -t ntfs-3g /dev/mapper/loop0p2 mntLV
* By default installation, Windows 2008 makes 2 primary partitions
in the given disk and formats them as ntfs. The 1st one is used
as a boot partition by the term of Linux. The 2nd one is used as
a root partition. I tried restoring the root partition.
3. Delete all files in the root partition.
I used the following shell script for this purpose.
# Because simply use of "rm -fr *" in directory "mntLV" cannot
# delete all files.
=== Script Begin ===
#!/bin/bash
find mntLV | sort -r |
while read file; do
dir=${file%/*}
if cd "$dir" 2>/dev/null; then
if ! rm -fr "${file##*/}"; then
echo file "$file"
fi
else
echo NG dir "$dir"
fi
cd - 1>/dev/null 2>/dev/null
done
=== Script End ===
4. Mount the root partition in the backup image data
# mkdir -p mntDD
# losetup /dev/loop1 LvKvmWNS86401.dd
# kpartx -a /dev/loop1
# mount -t ntfs-3g /dev/mapper/loop1p2 mntDD
5. Copy files from the backup image data to the logical volume
# cd mntDD
# cp -a * ../mntLV
6. Unmount the partitions in the backup image data and the logical volume
# cd ..
# umount mntDD
# umount mntLV
* The target partitions must be unmounted to use "ntfs-3g.secaudit."
7. Backup audit data by "ntfs-3g.secaudit"
# ntfs-3g.secaudit -b /dev/mapper/loop1p2 > sec.data
8. Restore audit data by "ntfs-3g.secaudit"
# ntfs-3g.secaudit -se /dev/mapper/loop0p2 sec.data
The execution of this command producted many messages of its progress
and eventually it output the following messages
! No errors were found
75186 ACLs have been applied
* But the command exited with 1.
9. Boot the restored Windows 2008 system
The Windows 2008 system seems to start normaly.
Sincerely Yours.
--
Kazuhiro Takenaka
Open Source Business Unit
NTT DATA INTELLILINK CORPORATION
email: Kazuhiro Takenaka <[email protected]>
URL: http://www.intellilink.co.jp/
------------------------------------------------------------------------------
Return on Information:
Google Enterprise Search pays you back
Get the facts.
http://p.sf.net/sfu/google-dev2dev
_______________________________________________
ntfs-3g-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ntfs-3g-devel
