Nuke: Difference between revisions
Jump to navigation
Jump to search
(→chroot) |
|||
Line 3: | Line 3: | ||
lsblk | lsblk | ||
telinit 2 | telinit 2 | ||
for SERVICE in $(chkconfig --list | grep 2:on | awk '{print $1}' | grep -Ev 'sshd|network|rawdevices|sudoscriptd') ; do service $SERVICE stop; done | for i in 1 2 3 4 5 ; do for SERVICE in $(chkconfig --list | grep 2:on | awk '{print $1}' | grep -Ev 'sshd|network|rawdevices|sudoscriptd') ; do service $SERVICE stop; done ; done | ||
service nfs stop | service nfs stop | ||
service rpcidmapd stop | service rpcidmapd stop |
Revision as of 10:11, 16 December 2019
How to nuke linux machine remotely
chroot
lsblk telinit 2 for i in 1 2 3 4 5 ; do for SERVICE in $(chkconfig --list | grep 2:on | awk '{print $1}' | grep -Ev 'sshd|network|rawdevices|sudoscriptd') ; do service $SERVICE stop; done ; done service nfs stop service rpcidmapd stop killall java mkdir /dev/shm/ramdisk/ cd /dev/shm/ramdisk mkdir proc sys dev usr rsync -a /usr/bin/ usr/bin/ rsync -a /bin/ bin/ rsync -a /usr/sbin/ usr/sbin/ rsync -a /sbin/ sbin/ rsync -a /lib64/ lib64/ mount -t proc proc proc/ mount -t sysfs sys sys/ mount -o bind /dev dev/ mount /dev/shm -o remount,rw,exec,suid,dev chroot . dd if=/dev/zero of=/dev/sda bs=1M & while kill -USR1 $(pgrep -f dd); do sleep 10;done
If shutdown fail then this might work.
echo 1 > /proc/sys/kernel/sysrq echo b > /proc/sysrq-trigger
pivot_root
http://www.ivarch.com/blogs/oss/2007/01/resize-a-live-root-fs-a-howto.shtml
# Stop all services other than the network and SSH, and stop SELinux interfering: telinit 2 # stop services for SERVICE in $(chkconfig --list | grep 2:on | awk '{print $1}' | grep -Ev 'sshd|network|rawdevices|sudoscriptd') ; do service $SERVICE stop; done service nfs stop service rpcidmapd stop setenforce 0 # Unmount all filesystems: umount -a # Create a temporary filesystem: mkdir /dev/shm/tmproot/ mount none /dev/shm/tmproot/ -t tmpfs mkdir /dev/shm/tmproot//{proc,sys,usr,var,oldroot} cp -ax /{bin,etc,mnt,sbin,lib,lib64} /dev/shm/tmproot// cp -ax /usr/{bin,sbin,lib,lib64} /dev/shm/tmproot//usr/ cp -ax /var/{account,empty,lib,local,lock,nis,opt,preserve,run,spool,tmp,yp} /dev/shm/tmproot//var/ rsync -aP /dev/ /dev/shm/tmproot/dev/ --exclude shm # Switch the filesystem root to the temporary filesystem: pivot_root /dev/shm/tmproot/ /dev/shm/tmproot/oldroot mount none /proc -t proc mount none /sys -t sysfs mount none /dev/pts -t devpts # restart sshd service sshd restart # You should now try to make a new connection. If that succeeds, close your old one to release the old pty device. If it fails, get the SSH daemon properly restarted before proceeding. # Close everything that's still using the old filesystem: umount /oldroot/proc umount /oldroot/dev/pts umount /oldroot/selinux umount /oldroot/sys umount /oldroot/var/lib/nfs/rpc_pipefs # Now try to find other things that are still holding on to the old filesystem, particularly /dev: fuser -vm /oldroot/dev # Common processes that will need killing: killall udevd killall gconfd-2 killall mingetty killall minilogd Finally, you will need to re-execute init: # telinit u Unmount the old filesystem: umount -l /oldroot/dev umount /oldroot