> ls: trelvik: File too large
Let me guess. The file is >2GB? If so, this is simply because your
file utilities are not compiled with large file (64 bit) support.
Here are some notes I have on fixing things for Linux:
Updates to Red Hat 7.1 system required to deal with large (>2GB)
partition image files with The Coroner's Toolkit and TCTutils/autopsy.
stat:
stat-2.5-2 (from rawhide)
strings:
binutils-2.11.90.0.8-12.i386.rpm (from rawhide)
[requires libc.so.6(GLIBC_2.2.3)]
glibc-2.2.4-18.i686.rpm
glibc-common-2.2.4-18.i686.rpm
glibc-devel-2.2.4-18.i686.rpm
Workaround: Redirect I/O instead of open file ("strings <file"),
hack strings.c and bfd/bfd>*.h to handle "long long int" file
offsets.
less:
less-358-21.i386.rpm (from rawhide)
xxd:
vim-common-6.0-0.27
vim-enhanced-6.0-0.27
vim-minimal-6.0-0.27
vim-X11-6.0-0.27
file:
(Reported to Bugzilla - no resolution as of 10/5/2001)
Workaround: use "file" from TCT instead
TCT 1.08:
Recompile with "-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"
TCT Utils 1.0:
Recompile with "-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"
autopsy:
autopsy fails with "image file not found" due to Perl's -e
not being able to stat the large file properly, and
"Invalid block argument (positive numbers only)" due
to Red Hat's perl being compiled with 32 bit ints.
Workaround: Compile perl 5.6.1 from source with large
file support enabled and 64 bit ints.
--
Dave Dittrich Computing & Communications
dittrichat_private University Computing Services
http://staff.washington.edu/dittrich University of Washington
PGP key http://staff.washington.edu/dittrich/pgpkey.txt
Fingerprint FE 97 0C 57 08 43 F3 EB 49 A1 0C D0 8E 0C D0 BE C8 38 CC B5
-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Thu Apr 25 2002 - 21:22:03 PDT