Re: unable to mount fs for forensics

From: Stephen Samuel (samuelat_private)
Date: Mon Dec 30 2002 - 15:57:01 PST


Susan Chan Lee wrote:
> Thanks for all the replies, none of them seemed to work for me though! 
> 
> Anyway I got it working using the below commands. BUT my question to the
....
> [root@fanta /root]# losetup /dev/loop0 hda5.bs1024.dd 
> [root@fanta /root]# mke2fs /dev/loop0 1024
.....
> [root@fanta /root]# mount -o ro /dev/loop0 /mnt/boot/

It seems to me that you just formatted the disk image. If you look
in /mnt/boot, I expect that all you'll see is the (newly created)
lost+found directory.
I hope you were using a spare copy of the file to do this.

Have you tried
    file hda5.bs1024.dd
??
It should identify what the image you have is.

It may be a compressed partition. I'd also peel off a couple of blocks of the
file (256 bytes at a time) and see if you have a recognizable file type...
     dd if=somefile of=somefile2 bs=256 skip=1 count=10000
That'll peel off a maximum of 2MB of the image, skipping the first
256 bytes. More than enough for 'file' to do its work (and enough for 'mount' to
recognize, and possibly choke on, the nub of a filesystem).

Note that losetup allows a user to mount at an offset (with 1 byte granularity)
and/or use an encrypted file.

BTW: To verify the integrity of the HD image, I'd do an md5sum of the image
file and keep the results somewhere safe (so that you can always verify it)
Even better yet, use pgp or gpg to create a signed digest of the file. That's
much more likely to keep a court happy. You'd be best off if you can get an
independent 3rd party to sign your signed digest.


> [root@fanta /root]# mount -o ro /dev/loop0 /mnt/boot/
> 
> trying
> 
> mount -o loop image.dd /mountpoint -vv
> 
> I get:
> 
> mount: going to use the loop device /dev/loop3
> set_loop(/dev/loop3,ttt/image2.dd,0): success
> mount: setup loop device successfully
> EXT2-fs: loop(7,3): couldn't mount because of unsupported optional
> features (4).del_loop(/dev/loop3): success
> mount: wrong fs type, bad option, bad superblock on /dev/loop3,
>        or too many mounted file systems

Try getting a recent version of Linux (I'm using Redhat 8.0).
More recent versions tend to be able to handle more FS types
better.

You don't need a fast machine to do this.
Get yourself an old P2/200, put a disk on it and load Redhat.
You might want to try BSD as well. It doesn't look like Linux is
very good at reading BSD images.

-- 
Stephen Samuel +1(604)876-0426                samuelat_private
		   http://www.bcgreen.com/~samuel/
Powerful committed communication, reaching through fear, uncertainty and
doubt to touch the jewel within each person and bring it to life.



-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com



This archive was generated by hypermail 2b30 : Wed Jan 01 2003 - 20:05:44 PST