Nuke: Difference between revisions
(Created page with "=How to nuke linux machine remotely= ==chroot== telinit 2 for SERVICE in $(chkconfig --list | grep 2:on | awk '{print $1}' | grep -Ev 'sshd|network|rawdevices') ; do service...") |
(→chroot) |
||
(7 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
=How to nuke linux machine remotely= | =How to nuke linux machine remotely= | ||
==chroot== | ==chroot== | ||
lsblk | |||
telinit 2 | telinit 2 | ||
for SERVICE in $(chkconfig --list | grep 2:on | awk '{print $1}' | grep -Ev 'sshd|network|rawdevices') ; do service $SERVICE stop; done | for i in 1 2 3 4 5 ; do for SERVICE in $(chkconfig --list | grep 2:on | awk '{print $1}' | grep -Ev 'sshd|network|rawdevices|sudoscriptd') ; do service $SERVICE stop; done ; done | ||
service nfs stop | service nfs stop | ||
service rpcidmapd stop | service rpcidmapd stop | ||
Line 20: | Line 21: | ||
chroot . | chroot . | ||
dd if=/dev/zero of=/dev/sda bs=1M & | dd if=/dev/zero of=/dev/sda bs=1M & | ||
while kill -USR1 $(pgrep -f dd); | while ps uxawww| grep -q "[d]d " ; do kill -USR1 $(pgrep -f "dd ") ; sleep 1 ; done | ||
If shutdown fail then this might work. | |||
echo 1 > /proc/sys/kernel/sysrq | |||
echo b > /proc/sysrq-trigger | |||
==pivot_root== | ==pivot_root== | ||
Line 27: | Line 31: | ||
telinit 2 | telinit 2 | ||
# stop services | # stop services | ||
for SERVICE in $(chkconfig --list | grep 2:on | awk '{print $1}' | grep -Ev 'sshd|network|rawdevices') ; do service $SERVICE stop; done | for SERVICE in $(chkconfig --list | grep 2:on | awk '{print $1}' | grep -Ev 'sshd|network|rawdevices|sudoscriptd') ; do service $SERVICE stop; done | ||
service nfs stop | service nfs stop | ||
service rpcidmapd stop | service rpcidmapd stop | ||
Line 42: | Line 46: | ||
cp -ax /usr/{bin,sbin,lib,lib64} /dev/shm/tmproot//usr/ | cp -ax /usr/{bin,sbin,lib,lib64} /dev/shm/tmproot//usr/ | ||
cp -ax /var/{account,empty,lib,local,lock,nis,opt,preserve,run,spool,tmp,yp} /dev/shm/tmproot//var/ | cp -ax /var/{account,empty,lib,local,lock,nis,opt,preserve,run,spool,tmp,yp} /dev/shm/tmproot//var/ | ||
rsync -aP /dev/ /dev/shm/tmproot/dev/ --exclude shm | |||
# Switch the filesystem root to the temporary filesystem: | # Switch the filesystem root to the temporary filesystem: |
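Review bot: The rewritten progress loop in the chroot section still picks its targets with `pgrep -f "dd "`, which matches any process whose full command line contains "dd " (not only the wipe), and SIGUSR1 terminates a process that has not installed a handler for it. Recording the PID when the job is started keeps the signal on the intended process: `dd if=/dev/zero of=/dev/sda bs=1M & dd_pid=$!` followed by `while kill -USR1 "$dd_pid" 2>/dev/null; do sleep 1; done`. The added `lsblk` would also be worth a comment such as `# confirm the system disk here; the dd target below is hard-coded to /dev/sda`, since nothing else on the new side ties its output to the device being overwritten. The surrounding procedure continues outside the hunks shown.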
Latest revision as of 10:30, 16 December 2019
How to nuke linux machine remotely
chroot
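# Overwrite the system disk of a RHEL-style host (chkconfig/service) from a
# RAM-backed chroot, so the wipe keeps running after the on-disk root is gone.
#
# DESTRUCTIVE AND IRREVERSIBLE. These lines are typed one at a time into an
# interactive root shell over SSH; they are not an unattended script
# (`chroot .` starts a new shell and everything after it is typed inside it).

# List the block devices and confirm which one is the system disk. The dd
# target further down is hard-coded to /dev/sda; on hosts where the disk has
# another name (or there are several disks) adjust it before going on.
lsblk

telinit 2

# Stop every service enabled in runlevel 2 except the ones that keep the
# remote session alive. The outer loop repeats the pass five times,
# presumably so services that did not stop earlier get another attempt
# (the page does not say).
for i in 1 2 3 4 5; do
  for SERVICE in $(chkconfig --list | grep 2:on | awk '{print $1}' | grep -Ev 'sshd|network|rawdevices|sudoscriptd'); do
    service "$SERVICE" stop
  done
done
service nfs stop
service rpcidmapd stop
killall java

# Build a minimal root in RAM (/dev/shm is tmpfs).
mkdir /dev/shm/ramdisk/
# If this cd fails, stop here: every path below, including `chroot .`, is
# relative to the current directory.
cd /dev/shm/ramdisk
mkdir proc sys dev usr
rsync -a /usr/bin/ usr/bin/
rsync -a /bin/ bin/
rsync -a /usr/sbin/ usr/sbin/
rsync -a /sbin/ sbin/
rsync -a /lib64/ lib64/
mount -t proc proc proc/
mount -t sysfs sys sys/
mount -o bind /dev dev/
# Allow executables, setuid binaries and device nodes on the tmpfs holding
# the new root.
mount /dev/shm -o remount,rw,exec,suid,dev
chroot .

# --- typed inside the chroot shell from here on ---
# Single pass of zeros over the whole disk. Written through the block layer,
# this does not necessarily reach remapped or over-provisioned cells on
# flash media; where media sanitization is a formal requirement, follow the
# applicable standard (e.g. NIST SP 800-88) rather than relying on this alone.
dd if=/dev/zero of=/dev/sda bs=1M &
dd_pid=$!
# GNU dd prints its progress on SIGUSR1. Signal only the dd started above:
# `pgrep -f "dd "` matches any command line containing "dd ", and SIGUSR1
# terminates a process that has no handler for it.
sleep 1 # give dd time to install its handler before the first signal
while kill -USR1 "$dd_pid" 2>/dev/null; do
  sleep 1
done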
If the shutdown fails, this might work:
# Last-resort reboot through the kernel's magic SysRq interface, for when the
# normal shutdown path no longer works.
# Writing 1 enables all SysRq functions.
printf '1\n' > /proc/sys/kernel/sysrq
# 'b' reboots immediately, without syncing or unmounting filesystems.
printf 'b\n' > /proc/sysrq-trigger
pivot_root
http://www.ivarch.com/blogs/oss/2007/01/resize-a-live-root-fs-a-howto.shtml
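# Move the running root filesystem of a RHEL-style host onto a tmpfs with
# pivot_root, so the original root can be unmounted while the SSH session
# stays up. Typed interactively as root, one line at a time; the order
# matters and one step requires opening a second SSH connection.

# Stop all services other than the network and SSH, and stop SELinux interfering:
telinit 2
# stop services
for SERVICE in $(chkconfig --list | grep 2:on | awk '{print $1}' | grep -Ev 'sshd|network|rawdevices|sudoscriptd'); do
  service "$SERVICE" stop
done
service nfs stop
service rpcidmapd stop
# Switches SELinux to permissive mode, i.e. policy is no longer enforced on
# this host from here on.
setenforce 0

# Unmount all filesystems:
umount -a

# Create a temporary filesystem:
mkdir /dev/shm/tmproot/
mount none /dev/shm/tmproot/ -t tmpfs
mkdir /dev/shm/tmproot/{proc,sys,usr,var,oldroot}
# Note that /etc is copied as well, so its contents (including any
# credentials and host keys stored there) now also live in RAM.
cp -ax /{bin,etc,mnt,sbin,lib,lib64} /dev/shm/tmproot/
cp -ax /usr/{bin,sbin,lib,lib64} /dev/shm/tmproot/usr/
cp -ax /var/{account,empty,lib,local,lock,nis,opt,preserve,run,spool,tmp,yp} /dev/shm/tmproot/var/
# Copy the device nodes, leaving out /dev/shm (the tmpfs being copied into).
rsync -aP /dev/ /dev/shm/tmproot/dev/ --exclude shm

# Switch the filesystem root to the temporary filesystem:
pivot_root /dev/shm/tmproot/ /dev/shm/tmproot/oldroot
mount none /proc -t proc
mount none /sys -t sysfs
mount none /dev/pts -t devpts

# restart sshd
service sshd restart
# You should now try to make a new connection. If that succeeds, close your
# old one to release the old pty device. If it fails, get the SSH daemon
# properly restarted before proceeding.

# Close everything that's still using the old filesystem:
umount /oldroot/proc
umount /oldroot/dev/pts
umount /oldroot/selinux
umount /oldroot/sys
umount /oldroot/var/lib/nfs/rpc_pipefs

# Now try to find other things that are still holding on to the old
# filesystem, particularly /dev:
fuser -vm /oldroot/dev

# Common processes that will need killing:
killall udevd
killall gconfd-2
killall mingetty
killall minilogd

# Finally, you will need to re-execute init:
# NOTE(review): the sentence above says this command has to be run, so the
# leading "#" on the original line is probably a root prompt rather than a
# comment marker. Confirm against the howto this section links to.
# telinit u

# Unmount the old filesystem:
umount -l /oldroot/dev
umount /oldroot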