System Recovery with Knoppix

An anonymous reader writes "This article shows how to access a non-booting Linux system with a Knoppix CD, get read-write permissions on configuration files, create and manage partitions and filesystems, and copy files to various storage media and over the network. You can use Knoppix for hardware and system configuration detection and for creating and managing partitions and filesystems. You can do it all from Knoppix's excellent graphical utilities, or from the command line."

Yes, but....

What if the Linux that you can't boot already is Knoppix? Can you swap this recovery CD with your regular Knoppix CD during the boot process?

Re:Yes, but....

For those not in the know, "Knoppix is a GNU/Linux distribution that boots and runs completely from CD." (Source: www.knoppix.net [knoppix.net]).

So it is kind of hard for a Knoppix installation to become corrupt; worst case scenario is you just burn new copy of the Knoppix CD. :-) The parent comment is in fact funny (and quite so!), rather than insightful as it's currently moderated. ;-)

Re:Yes, but....

Umm... Knoppix can be installed on to the hard disk and many people actually do so because then they get a Debian-like OS on their hard-disk.

Knoppix itself ships with a hard-disk install script. See this page for more info - http://www.knoppix.net/docs/index.php/HdInstallHow To

Regards,
The Shaitan

So weird...

Just two days ago I just had to use Knoppix to recover my system after a failed attempt to upgrade the kernel. Very good to have as a recovery tool.

Re:So weird...

Does not compute. Why didn't you copy your new kernel as a different name in your /boot directory and add a new lilo.conf entry (if you are using lilo) and then run lilo? Even if you can't boot, most Linux installation cds allow command line boot parameters something like

:boot /dev/hda2 linuxtest (linuxtest being /boot/linuxtest)

On a side note, Linux install cds or apps like Knoppix are excellent tools if you are forced to administer a Windows server. It should be no suprise that a boot with the ntfs driver is vastly superior to the Windows Recovery Console. But suprisingly, the ntfs driver is robust enough that it can access hard drives that Windows will spit out saying a hardware error has occurred. Saved my ass twice already.

Re:So weird...

But suprisingly, the ntfs driver is robust enough that it can access hard drives that Windows will spit out saying a hardware error has occurred. Saved my ass twice already. Amen to that. It's the only reason I have any data left off of a hard drive that failed a few months ago. While the data was copied at a disgustingly slow pace to my USB flash drive, it was preserved, even when Windows refused to even boot off of the drive.

Re:So weird...

And I think you've hit upon one of the most interesting things about Knoppix: it's useful to Windows sysadmins. I work on a multi-platform network, and I've used this distro many times on both Windows and Linux machines. The NTFS driver works great, and recently helped me restore a DLL that a user had "accidentally deleted." Of course it's also a Samba client, so you can drag and drop their files from the damaged machine to the file server for safe keeping.

It's all shown me how good a job Microsoft could do if they actually cared. Knoppix really is better than Microsoft's own recovery console, and makes me wonder why (a) Windows doesn't simply restore missing DLLs on its own when they turn up missing (copies are in the i386 folder, and sometimes other places, so what the heck?), and (b) why there isn't a bootable Windows CD for recovery (maybe because it would be the most pirated CD ever?).

These experiences left me unsurprised when Google released a desktop search tool [google.com] that renders Longhorn's WinFS obsolete ... two years before the release of Longhorn. Is Bill asleep at the wheel?

Re:So weird...

"Why bother with using bloated tools that only get in the way when you can do the exact same thing with a boot floppy."

GUI != bloat. Web browser != bloat, especially during system recovery.

Come to think of it, why am I even wasting time spelling out the obvious reasons why Knoppix is an awesome recovery tool?

New Kid on the block?

Knoppix, the hot new kid on the block

New? Wow, I'm glad I don't live in that neighborhood.

So you can fix Linux....

But can it fix a bad NTFS partition?
I couldn't even get the windows XP Install CD to fix it... lots of tax records gone :(

Re:So you can fix Linux....

I think NTFS is probably read-only so you can't fix it directly. But in case you weren't smart enough to keep backups around, you can use Knoppix to backup your files over the network. I did the same thing for a friend who couldn't boot up her XP installation anymore after Norton Antivirus "cleaned" a bit too much (even safe mode didn't work). But I ended up copying the data to an external firewire disk 'cause the network (which Knoppix didn't have any problems to detect) was too slow.

Go Linux/Knoppix!

Ricardo.

Re:So you can fix Linux....

captive-ntfs 1.14 works just fine for me w/Knoppix 3.4 (though 1.15 w/Knoppix 3.6 failed to mount my NTFS partitions, that is another story altogether) ... so, you can actually read/write to NTFS from Knoppix if you manually configure captive and mount the NTFS partition(s) yourself.

Re:So you can fix Linux....

captive-ntfs needs a captive user and group to work properly. Manually adding them allows it to work correctly again on 3.6. I even made a personal remaster of Knoppix with fix and the XP drivers captive-install-acquire already done. That last is handy because I have had NICS that XP didn't recognize and it gets the driver install files on the disk.

You mean linux NTFS support...

Last I heard write was still experiencing random failures, not that it matters for data recovery.

But I'd recommend using this [windowsubcd.com] to work on/repair Windows computers. You get read/write (its really just Windows, so..) and a lot of crap can be repaired with a virus/adware scan (or two). If your comfortable enough with Windows there really isn't much you can't recover from once you can read the disk (sort of a complete hardware failure).

As a side note, it also reads ext2 and 3. Handy for working on your friends dual-boot systems too.

Personally, I carry on of these and either Knoppix or an older Gentoo live disk.

So do other distros

Don't most distributions provide a boot disk to give you the kind of access you need?

What I like...

Is that IBM has done this, right off their own website and helping the system admins, techies and anyone else interested in learning how to fix your defunct or otherwise broken system.

Oldie but a goodie

This one's been around for a while. It's a useful resource, but some of the more specialised distros are easier to use for rescue disks.
http://www.frozentech.com/content/livecd.php [frozentech.com] has a good list of them.

Re:Oldie but a goodie

Even better, go get this book:

http://www.oreilly.com/catalog/knoppixhks/

I know the author - he is what IMHO most would call an "uber hacker", when it comes to Linux in general.

Highly reccomended.

Soko

Re:Oldie but a goodie

FWIW, there's also a dedicated rescue distro based on Knoppix and Damn Small Linux - INSERT [inside-security.de].

"Really? I had no Idea!!!"

Well, apart from the "Duh- What else are you gonna use it for?" line, I suppose its nice to RE-distribute the info to those 3 or 4 around here that haven't heard of knoppix...And also nice that IBM is running the piece. That kinda lends some pointy-haired massive corporate legitimacy to the tool...
But maybe I'm mistaken...Okay, then--- Quick Poll- Who HAS NOT heard of and tried a Knoppix disk?

Re:"Really? I had no Idea!!!"

Yeah, I was thinking the same thing.

However, it is useful enough for Linux evangelism -- print it out and give it [along with the Knoppix CD itself] to people who want to try out Linux.

There are many other alternatives

You can also use the gentoo live CD (you can even get an experimental one for reiser4) at www.gentoo.org.

There are also lots of speecialised ones. generally, the only time a linux box wont boot though is just a lilo or grub problem...

By the way, the coralised link is: http://www-106.ibm.com.nyud.net:8090/developerwork s/linux/library/l-knopx.html?ca=dgr-lnxw01-obg-Sys Recover

Linux has come a long way ...

It is amazing to me that you can basically have the power of a full operating system all boot on a live cd.

I used a Suse live cd a while ago to fix grub on my desktop, so I am a beleiver in live cds. I have heard a lot about knoppix, so I think that it is about time I downloaded an iso, especially now that there are some good acticles on it.

It's always good to be prepared just in case you do something stupid, and in my case, there are an abundance of those situations.

Just used Knoppix...

...with Samba to copy shit off a dead-in-the-water winderz 98 box. Pest Patrol had found 3,212 nasties on the box in question. I retrieved enough data to not worry about a crash on a re-install of winderz 98. I'm thinkin' of puttin' them up to win2k, but WTF, they're not payin' that much. (they have an XP License, FWIW)

Tbe Knoppix Distro has been helpful at this point - and I'm glad that I kept it around, because I needed to get these people's email transferred without much hassle

Toolbox

In my bag, I always carry:

1. Knoppix
2. Windows Usual Stuff
   • MS service packs
   • Antivirus / Ad-aware
   • Putty, Ghostscript
   • Cygwin installer and scripts
3. Solaris patches / packages / scripts
4. 64MB compact flash card / USB reader
   (Mini Usual Stuff)
   • MS monthly patch of the week
   • Antivirus / Ad-aware
   • Putty
5. Leatherman and mini-nutdriver set

6. 1. It's been a long time since I've needed anything else. I used to carry a Trinux CD, but now it's Knoppix.

      I use the compact flash card because it fits in both my camera and my PDA.

One thing your missing..

As a computer networking student I'm absolutely AMAZED this hasn't gotten more attention then it has.

Under your MS stuff (I know, I know, but in industry it really is a necessary evil) you should definitely have a Windows Boot CD [windowsubcd.com]. And I don't mean a DOS floppy! Its basically a live, say Windows XP disk with preinstalled software (virus scan, adware removers, registry editors, complete networking setup). It really has all the tools you commonly use when fixing the obligatory windows box and probably a few you've never even known you'd need.

I highly recommend you build one, and if the directions sound a little complicated, just take your time and reread them, there's about 3 step and none of the are actually complicated.

The worst thing you can do is boot a infected PC from an infected hard drive, not to mention the trouble accessing NTFS with FULL read-write.

MEPIS rocks for this too...

Yes, I'm distro whoring here. Personally, I'd recommend MEPIS [mepis.org] over Knoppix. Knoppix is fine as a boot disk, but MEPIS is by far the easiest-to-use distro and most overall enjoyable to work with that I know of. MEPIS started as a bootable CD, but it's grown into a full-fledged Debian-based distribution now, and I'd say a good 80%-90% of MEPIS users now use it as their primary distribution, not just a rescue disk or "Linux test" distro.

No, I'm not a weenie who needs things spoon fed to them, I've been using Linux since long before it was cool or chic, starting with Slack back in '96, then RedHat, then Mandrake. After Win2k came out I moved back to using Windows for most of my day-to-day desktop needs (now mostly Win XP), but recently I've installed MEPIS on my laptop and I find it quite enjoyable to use. The things that stand out to me are 1) fabulous hardware compatibility, including out of the box support for almost every component of my Dell Inspiron 8500 laptop, with NVidia GeForce4 Go graphics and so on (I did have to make a quick manual edit to XF86Config-4 to get widescreen support, and my Microsoft MN-720 802.11b card took about half an hour of screwing around to get running, but ndiswrapper was already there, I just had to find the right driver version and run it.

Okay, that's all the ranting I can do for now. Did I mention that MEPIS makes a great recovery CD? That's how I first discovered it. Give it a try, funny name aside.

news?

Is this news?
The article was written a year ago, and even then it was not news (I have used Knoppix for this purpose longer than that)

"manage [...] filesystems" - or plain ranting

I don't say K/Gnoppix is no good, because it's just great, imho the best live linux version for jumpstarting linux illiterates (other people check this [livebsd.com]. And I don't argue you can do lots of things with it. But for accessing and managing filesystems in general... well, access my xfs partitions with a knoppix please. or better not, keep away :)

If one wants to have rescue stuff ready, ones prepares good rescue stuff. E.g. an usb drive with a mini distro with >2 kernel versions helluvalot compiled modules, all possible filesystem support, disk fscking tools (for all supported filesystems) and you don't relly need much more.

A general purpose 2.4.x-based live distro for the masses jsut doesn't always qualify for such uses.

You know the drill, use the right tool for the job.

I just used Damn Small Linux to overhual a Susebox

A friend brought me his machine to upgrade.
A Frys cheapo Linux special, originally it came with a 30g, 128m ram and Thiz Linux. I Thized the disc straight into the trash and installed Suse 9.0 on it for him when he first got it.

Well, as time went on he realized that his system needed upgrading. So I sent him to the store and he brought back another 128m ram, a 120g drive and Suse 9.1 Pro.

The plan was to have the old doggy 30g as his boot/OS/work drive (hda) and his new 120g as /home (hdb)....

Well, booting up 9.1 does not come up and say
"Hey, I see you have data on your drive already and a new blank drive. Would you like to move it around in anyway before we procede?"

No, Suse just suggests that you wipe everything out and start over. Even if you tell it you want to do an upgrade, it has NO PROVISION what-so-ever to allow you to format the new drive then move your old /home from hda to hdb then reformat hda and partition it up in a useful way.

Ok, so in light of this, I took Damn Small Linux 0.8.2 [damnsmalllinux.org]
and booted up. Opened a root terminal, fdisked hdb, formated it for ext3 then moved all of his old /home data from hda to hdb.

It copied EVERYTHING. Hidden files, configurations, email, cookies, bookmarks, music, photos, the whole works.

When it was done I booted into Suse 9.1 pro, did a NEW INSTALLATION and wiped hda clean, installed the OS on it and told it that /home is on hdb1.

I created the same user and password as the old system so Suse looked at the /home on the new 120g drive and asked me if I wanted to change the permissions and ownership over. I said yes.

The install proceded normally to completion.
When it was finished and I rebooted the system, it was identical to the way it was brought to me except that he now has a 120g /home directory instead of the 10gigs he had before.

Damn Small Linux is the very best tool a tech can carry with him. I keep a copies on biz cards in all of my tool boxes and in each of my vehicles.
I don't leave home without it.

I also carry standard Knoppix in case I run into a case where I need k3b on the ailing machine.
I have several other versions of Knoppix I keep handy for various network jobs, like knoppix-std [knoppix-std.org]
and a few other network related Knoppix knock offs..

Re:I just used Damn Small Linux to overhual a Suse

I think you could have added the new disk to the old running system, fdisk and format it using yast or commandline tools, move your home there, and then re-install the system on the 30GB disk.
I would have done:
- login as root
- cd /
- mv home home.orig
- mkdir home
- yast
(add the disk, say it will be /home, format it)
- df
(make sure the /dev/sdb1 is now mounted as /home)
- mv /home.orig/* /home
- rmdir /home.orig

home is now on the new disk.
reboot system from CD, install 9.1 on 30GB and during partition selection tell it that /home is /dev/sdb1.
that should do it.

What am I missing?

I can rescue my system from my Mandrake CD. At the menu type in "rescue" and you get access to everything you need.

I had to do this once when I had some directory corruption.

LK

coincidence

Heh, funny this story should come up now, I used Knoppix to recover customer web sites from a couple of disks from a compramised machine just the other day. Saved my life (coz if Knoppix wasn't there then I'd have to use a boot disk with vi on it, and I'd rather die, than use vi).

But what about winmodem support?

I'm dying to figure this part out...

Why is this news

The article is dated October 23, 2003. Nearly a year old!

There must be newer versions of almost everything mentioned in the article, and probably better ways of doing most of the tasks...

And most /. readers know about Knoppix already.

First rate device detection

Luckily I haven't had to use Knoppix to recover any crashed systems...

However I did use it to tweak the device settings on my install of FreeBSD. Knoppix has always detected anything I threw at it, while FreeBSD isn't quite up to the same level (but getting better). So, I gave Knoppix a whirl and got enough driver info for the noname videocard that shipped in the used computer I was setting up as a server.

Rock on Knoppix!

ntfsclone

Where is ntfsclone in the latest KNOPPIX? I tried version 3.4 I think it was - couldn't find it anywhere, so had to revert to 3.3. There was an ntfsprogs package but it didn't seem to include all the tools. That's all I use KNOPPIX for - making an image of my Win2K partition.

Tom's

Tom's Root Boot" [toms.net] is the only Linux boot CD needed to fix a Linux system. Although I use Knoppix occasionally to test hardware.

Real world application

I had a fault on my home system, so I tried to knoppix my wife around. I did not recover from the attempt no matter what utilities I tried. I tried to reiser, I tried to fsck her. I even tried mem86 check her and remind her of all the good times we had. In the end, she rebooted me no matter how many times I tried to replug her.
Knoppix not good for everything.
Yep, this is bad. Baaaddd joke if you can call it that.
Oh, by the way, this is nothing but flaimbait.
Burn karma, burn.

Also...

http://rescuecd.pld-linux.org/ [pld-linux.org]

Better safe than sorry

First of all, there are a couple of basic steps people can take to ensure their systems are rescuable and secure regardless of any patches they have applied.

• Make sure your root filesystem is as small as possible to minimize the chances of corruption there and that you can have it mounted read-only. This not only improves your security (since you can simply remove CAP_SYS_ADMIN from all your daemons and they won't be able to remount anything), but also makes it even harder to corrupt the root filesystem. Your user and group information files will need to be moved to /var and appropriate symbolic links created in /etc so that users can still change user and group passwords and you can create accounts without remounting the root filesystem read-write.
• Never remove your legacy device inames from /dev, ever! Even if you use devfs or udev, a new /dev is mounted over the original one, so the legacy inames disappear magically from VFS. The legacy device inames may come in handy in a system recovery later. If you use devfs or udev, make sure your /dev filesystem is mounted with the noexec option enabled for security reasons.
• Make sure your /var is always mounted noexec and nodev. If you use qmail, switch to Postfix (yes, I've done it, DJB is such a dumbass with his lack of respect for standard directory hierarchies).
• Make sure your /tmp is not in your root filesystem. You can mount a tmpfs for your /tmp and point /usr/tmp, /var/tmp, and /anything-else/.../tmp to your /tmp with a symbolic link. If you do mount a tmpfs or any other kind of filesystem, make sure you do it with the noexec and nodev options enabled. If you can't or are not willing to use another filesystem for /tmp (tmpfs sometimes is too small for CVS, and you may not have enough space for a dedicated /tmp), use /var/tmp instead (assuming you've mounted /var according to my instructions above).
• Grab a copy of the GNU fileutils from a mirror close to you, compile it statically, and install the resulting binaries in /sbin (not /bin). If anytime later something terrible happens to your libc, you can always make /sbin have precedence over /bin in your $PATH and use the static binaries in /sbin instead for recovery. Always remember to make add /sbin first in your $PATH if you ever upgrade your libc from the sources, especially if it is your first time doing so (believe me, everyone I know, including me, had problems with their first libc installations from the source). Doing this can save you from a lot of trouble.
• Even when you know your kernel binary will boot perfectly (because perhaps you used the same configuration file to compile the same kervnel version), make a backup of your old kernel by renaming (not copying) it and specifying the new name in lilo.conf. LILO knows nothing about filesystems (never used grub, so I can't talk about it, but I suspect the same thing happens with it), so if your kernel, for some reason, gets fragmented in your filesystem, you will be in trouble to boot from it, since LILO assumes the kernel is never fragmented.

Following above steps is usually enough to prevent rescue situations because the root filesystem is vital, so protecting it is the first line of defense, but if the worse comes to worst and you ever get into trouble, you must learn with the problem. If the kernel loads and init doesn't, it may be a libc problem. Try booting with init=/bin/sh, remount your filesystems read-write, examine the problem, umount them (or remount them read-write, when unmount is not possible), sync, reboot and watch the changes. If the kernel does not load, you may need a

Yawn - where is the innovation?

Wow - Solaris has been doing this for years - SunOS even used to do it off tape.

Ever hear of "boot [cdrom|net|root-mirror] -s"? Come up in single user off alternate media, mount your root disk and proceed to fix as necessary.

Even DOS was able to do this - it was called a boot floppy.

Just because something puts a new wrapper on the process and because its based of Linux doesnt make it incredible.

Knoppix Hacks

Knoppix can do that and a whole lot more.

Knoppix Hacks [oreilly.com]

Virus scanning, emergency router, write to NTFS, even fire up a mythtv box.

Linux systems need recovery?

I'm shocked and horrified.

slashdotted?

Our apologies...
The IBM developerWorks Web site is currently under maintenance.
Please try again later.

Thank you.

Here [google.com] is the Google cached version.

...and if you're using some OTHER OS...

...Knoppix could still be helpful in recovering data, etc.

http://www.shockfamily.net/cedric/knoppix/ [shockfamily.net]

I lived on knoppix for a month

I lived on it for a month while evaluating which distro I was going to go with.

I chose Gentoo, but I always have the latest Knoppix boot-cd with me because I frequently screw up my system.

That's what has amazed me since abandoning Windows last year; with Linux, you always seem to be able to go in and fix whatever is broken.

In the Windows world, often, there is NO other alternative but backing up the data and reformatting.

Knoppix embodies just how powerful open source is; it's a modular distro, able to boot from a CD with no need of a hard-disk.

Using Knoppix to recover non-Linux boxes

On more than on occasion, now, I've successfully resurrected "dead" Windows machines by using Knoppix as a (very powerful) diagnostic tool. It not only has allowed me to recover files from a WIN-XP drive that a fresh install of XP wouldn't touch, it also is very helpful at determining if a system failure is hardware or software related.

I give Knoppix an enthusuastic two thumbs-up as an indispensible tool in my PC "repairman's kit". :)

It really adds to the "geek factor" when you can recover someone's valuable data from a machine that someone else said was "beyond hope".

Also works well for hardware drivers :)

I was upgrading a laptop from Fedora Core 1 to Core 2 and encountered a problem with Fedora's support for the ATi Rage Mobility [redhat.com].

I remembered that with the install of Core 1 that text installation was needed as graphical installation would fail. Fortunately though, video would work after installation. Unfortunately, Core 2 wasn't so kind.

I grabbed my trusty Knoppix disc and copied the working video driver over and restarted X. Problem solved and with framebuffer support even.

It was much quicker than trying to find working drivers on-line, downloading, compiling, and then installing them. It may not have been the "correct" method, but it worked and is still working.

We /.'d IBM?

That server is offline this am.

Hey, IBM, that was only a demonstration of our power.

IBM slashdotted?

Our apologies...

The IBM developerWorks Web site is currently under maintenance.
Please try again later.

Thank you.

Wow... We slashdotted IBM! But to the point: I wonder what is your experience. What is better for system recovery? Standard Knoppix [knoppix.org] which is a general purpose desktop system meant to be an impressive demonstration tool but lacking many security programs, or some specialised versions like Knoppix STD [knoppix-std.org] or Local Area Security [localareasecurity.com] which have more tools but are kind of "script kiddie friendly" and look very unprofessional with their Martix themes, leet-speak, "proving no localhost is safe" slogans etc. making them look more like intrusion than recovery tools? Or maybe Morphix [morphix.org] is the answer thanks to its ease of customisation and apt-getting new packages on the fly? Do you have any Real World(TM) experience?

Knoppix can virus-scan Winduhs

How To Do A Virus Scan With Knoppix [enterprise...planet.com]
Starting with 3.4, it comes with a f-prot installer. It scans and cleans viruses, except not on NTFS, it only tells you if your NTFS partition is infected, which it probably is. Because Linux NTFS support is still unreliable. But the advantage is you scan from a known clean disk and the latest virus definitions. And it's free.

DUP DUP DUP

So not only is this a dup of an earlier story from last year [slashdot.org], but this posting is the EXACT SAME TEXT as the earlier story. Is Slashdot now rerunning stories that reach or approach their 1-year anniversary???

Knoppix System Recovery

The short: Knoppix Rocks!

The long: I am a system administrator for a very small network. Back in May of this year, our Win2K file server crashed hard. After reinstalling the OS, I found that Windows refused to import a NTFS disk containing the users files. We had everything backed up on tape, but found the cranky tape drive wasn't working properly. No dice there. Around 8 PM I decided to give Knoppix a try. I was introduced to Knoppix while in school, but I am by no means a Linux Guru. To my surprise it booted the first time and successfully mounted the troubled drive. After a bit of searching, I found the instructions on the Net detailing system recovery using Knoppix. Using the methods detailed, I recovered 40 Gigs off of the drive. Talk about saving my hide! Now, Knoppix is a part of my recovery toolkit.

If you've never tried Knoppix, now is the time!

It saved my bacon...

I botched the setup for ivtv and lirc in /etc/modules.conf on my wife's computer, so that it panicked during boot. Fired up Knoppix, pulled the bogus lines from /etc/modules.conf, and all was well again. Whew.

not only linux recovery

a few months ago while trying to re-partition my 200gig drive, partition magic came up with some random error and then refused to even read the partition table, simply stating the entire drive had become one large partition of unknown type, as well as windows would not read anything on the hard drive.

several partitioning repair software choices later, i decided to see what my knoppix boot cd would give me for options, and low and behold the partition options actually gave me a list of all the seperate partitions on that drive, alowing me to see what was causing the problem (something like another smaller partition that was created that made the whole drive messed up), simply using knoppix to delete it and reboot, saved me a few gigs of data.

Since then Knoppix has replaced ERD for when i need to recover a pc, even on windows boxes.

Works for Windows also..

When we have need to repair or reinstall a Windows box and don't yet have the network card working, we found it to be much easier to boot from Knoppix, download the drivers for the network card, store them on the windows partition, and reboot to Windows to install them. (Yes, I know that this is kind of like taking blood thinner to make the arsenic work faster, but...)

this works nicely on Windows crashes as well

excellent primer on using Knoppix to help recover from linux system problems. but at the risk of starting a flame war, I'd like to relate my own experience rescuing precious data from a hard drive with a Windows XP install.

after installing some video driver on my XP box, the dang thing refused to boot up. after it failed several diagnostics tests, I knew something was seriously wrong. I had already resigned myself to getting a new, fatter hard drive, but I wanted to get several important folders with photos, documents and addresses off of the dang thing before I trashed it, or reformatted. i remembered that I had burned a copy of Knoppix-STD a few months earlier, and after booting up with it on the damaged box things went really smoothly from there. I managed to find a program that autodetected my DVD burner and without any configuration allowed me to burn two DVDs worth of data from my hard drive without any problems.

I can't remember the exact name of the program on the STD disc (I think it was something like KD3) but it saved my life.

The next step - remastering

I've been using Knoppix at work as the rescue disk for most of our computers. Found that it had a few shortcomings. Fortunately for us, it's very easy to create customized knoppix CDs, viz the: Remastering Howto [knoppix.net]

In a day, I was basically able to create a new Knoppix CD that can:

• run gkrellm & xosview (I have no idea why they omitted these very useful system status packages)
• run extra network utilities like etherape and netcat
• has ntfs.sys & ntoskernel.dll for captive-ntfs already in /var/lib/captive/ (unfortunately, knoppix creates symlinks from the readonly /var to a rw /var on ramdisk, which captive-ntfs doesn't like for some reason. Anyway, need a bootup script that removes those symlinks and copies the actual files to the /var ramdisk)
• run freedos under xdosemu, with the filesystem already populated with some DOS-based system rescue software such as Ghost and PowerQuest DriveImage. This gives the added benefit that I can do backups and restores using these programs over the network by mounting the file server with the images via NFS or SMB (unfortunately, this only works with Ghost, PowerQuest fails to write large files to the Linux filesystem which dosemu exposes as a "DOS network drive" with lredir). Wish dosemu.conf still allowed "wholedisk" access, but should be able to hack up a script that will automatically add detected partitions to dosemu.conf
• updated mozilla / firefox browser
• be free of cruft (games, openoffice-de, etc.)
• boot kernel 2.6 by default (change the syslinux.conf boot options)
• use a custom work-related desktop background :P

Re:Obligatory Joke

OMG! We slashdotted IBM!

[would have been funnier if it were true]

Re:knoppix

and for Windows users learning linux. *ahem*

Re:Knoppix is good, but MEPIS rocks!

> Knoppix might be useful for rescuing a system, but as an
> overal distro, it suffers from the problem that you can't install
> it to your hard driv

Yeah, cos using the Knoppix "Install to Hard Drive" menu option and waiting is difficult.

menu option and waiting is difficult

Yeah, cos using the Knoppix "Install to Hard Drive" menu option and waiting is difficult.

Actually, the gripe is a legitimate one, although very poorly presented. I'm a regular on the Knoppin forums at www.knoppix.net and I constantly see people posting problems with things (mostly simple networking) that worked fine under Knoppix when running from the CD but stopped working as soon as Knoppix was installed to hard disk. Most of the time this seems to be simple permission issues or something that for some reason I don't understand needs to be added to a configuration file. But it's been going on for years and the install scripts never seem to get around to addressing it and making the premissioins right. See for yourself by scanning this forum [knoppix.net].

I just write it off to the arogance that almost all Linux geeks seem to have for newcomers who don't know the cryptic commands to change permissions or all the magic places startup configuration stuff is stored. The geeks who master Knoppix must come across the same problems, but just know where to go to twiddle the right bits to make everything right. That they don't "bother" to go back and make the HD install scripts do this seems strange.

Re:Knoppix is good, but MEPIS rocks!

Yeah, cos using the Knoppix "Install to Hard Drive" menu option and waiting is difficult.

Have you ever actually DONE a Knoppix hd install? Sure the install is easy, but have you ever actually used a hard disk installed knoppix system? It always results in broken apt. And no matter how many times I've tried to beat a knoppix hdinstall's apt into submission to TRULY convert it into Debian, I simply can't.

Knoppix is a great livecd, but a horrible installer. It's less trouble to just install straight Debian.

Re:Knoppix is good, but MEPIS rocks!

Never done it myself, but I've heard that the knopix CDs include a debian installer. Also, you can use an external hard drive or flash drive to hold your home directory and just install stuff there.

Re:Knoppix is good, but MEPIS rocks!

Except that Knoppix will happily install to your hard drive. It may not be pretty-shiney(tm) like some installers, but I don't find these to be "complex workarounds":

http://www.bytebot.net/geekdocs/debian-knoppix.h tm l
http://www.freenet.org.nz/misc/knoppix-install. htm l

Yes, you can: knx-hdinstall

"You can't install it to your hard drive."

Yes, you can: [freenet.org.nz] knx-hdinstall.

Re:Yes, you can: knx-hdinstall

True, but MEPIS has pretty much been built from the beginning as a dual purpose distro (bootable CD / rescue disk, and full-featured distro), and has a wide community of day-to-day users now (check out MEPISLovers.com [mepislovers.com]. There's probably nothing you can do with MEPIS that you can't do with Knoppix, and vice versa, but I still think Knoppix is first and foremost a rescue disk and "Linux intro" CD for newbies. MEPIS is the new Mandrake, and has basically been able to take mindshare by working with the (IMHO) superior apt-get system, and providing the best, most working hardware support out there.

In theory, URPMI is fabulous, but in practice, I've had far, far better luck keeping a clean, consistent system without weird, incompatible RPMs and other stuff mucking up my install when using MEPIS, and find I almost never have to go outside of the pre-configured repositories. And Mandrake's lack of working out of the box Nvidia support (at least as of the last version I used, probably a year and a half ago) killed it for me. MEPIS is the first distro I've been able to use extensively without encountering some hitch that required a kernel recompile.

Don't get me wrong, I have been doing Linux kernel compiles since around '96 (when I was a freshman in college, and I thought compiling the kernel was pretty 3733+), but I just don't want to screw around with that stuff for a day-to-day use desktop system. Custom compiled kernels for special purpose server boxes is fine, but it just doesn't fly for a desktop distro for me - I want to get work done, not screw around with kernel settings.

Re:Knoppix is good, but MEPIS rocks!

Check again, the SimplyMEPIS-2004.03.iso is nowhere near a year old.

Re:Security?!?!?

how safe is it to be able to access anything just by putting a disk in the drive

Well, on my machines (i.e. which I use, @home or @work) only booting from the main hdd is allowed, everythig else is disabled, bios pass'ed. If I want to boot from something else, I enable it. One would need many minutes long work to open the cases and reset the bioses especially if they don't know the specific mobo.

Not a very good protection by any means, but it stops giggling coworkers from being jerks on my machine.

Re:Security?!?!?

Without physical security you have no security at all. I don't even need a boot disk to root your linux box. When the box hits the LILO or Grub protion I can interupt the boot and add "single" to boot options of the kernel. The machine will now start in single user mode (which does not require the root password). I can now make a back of shadow password file, change the root password, and telinit(8) to whatever level your distro uses for network connectivity. I can then upload your "sensitive" files to box I own. To civer my tracks I can remove my presence from all of your logs (or if I was smart, just restore backed up version of logs), restore the shadow password file, touch(1) all of the files back to their original mtimes, and voila.

Re:Security?!?!?

This post isn't even worth the match to flame it.

Re:BitTirrent of KNOPPIX_V3.6-2004-08-16-EN-Live-C

HAHAHAHA.. frelled..

hey.. that's on tomorrow!! woo hoo!!

Re:Security?!?!?

Everything on my drive is 128 bit AES encrypted on the fly when I use it - you and your knoppix CD can take your best shot. It's not the fault of the Knoppix people that your data is insecure enough to be read by anyone with a boot disk.