Nuke


How to nuke a Linux machine remotely

chroot

# Variant 1: build a minimal userland in RAM, chroot into it, then overwrite
# /dev/sda with zeros. The commands are written to be typed one after another
# as root; this is not a runnable script (see the note at "chroot .").

# List block devices. The dd line below hard-codes /dev/sda, so confirm here
# that /dev/sda is the disk to be erased. Any other disk shown is left
# untouched by this procedure.
lsblk
# Switch to runlevel 2.
telinit 2
# Stop every service chkconfig reports as on in runlevel 2, except names that
# contain sshd, network, rawdevices or sudoscriptd (grep matches substrings).
# sshd and network are presumably kept so the remote login stays usable.
# NOTE(review): $SERVICE is unquoted; harmless for ordinary init-script names.
for SERVICE in $(chkconfig --list | grep 2:on | awk '{print $1}' | grep -Ev 'sshd|network|rawdevices|sudoscriptd') ; do service $SERVICE stop; done
# Stop the NFS services explicitly, whatever the loop above did.
service nfs stop
service rpcidmapd stop
# Kill all java processes.
killall java
# Create the working tree under /dev/shm (presumably a RAM-backed tmpfs, so
# its contents do not live on the disk being erased - confirm with mount).
mkdir /dev/shm/ramdisk/
cd /dev/shm/ramdisk
# Mount points for the pseudo-filesystems, plus usr/ as parent for the copies.
mkdir proc sys dev usr
# Copy the system binaries and the 64-bit libraries into the tree.
# NOTE(review): /lib and /usr/lib64 are not copied; a binary that needs a
# library from there will not start inside the chroot - check on the target.
rsync -a /usr/bin/ usr/bin/
rsync -a /bin/ bin/
rsync -a /usr/sbin/ usr/sbin/
rsync -a /sbin/ sbin/
rsync -a /lib64/ lib64/
# Provide /proc, /sys and the host's /dev inside the tree.
mount -t proc proc proc/
mount -t sysfs sys sys/
mount -o bind /dev dev/
# Remount /dev/shm with exec, suid and dev enabled. Presumably it was mounted
# with the opposite options, which would stop the copied binaries from running.
mount /dev/shm -o remount,rw,exec,suid,dev
# chroot without a command starts an interactive shell rooted at the current
# directory. The two lines below are meant to be typed inside that shell; run
# as a script, they would execute only after that shell exits.
chroot .
# Overwrite /dev/sda from its first block with zeros, in the background.
# NOTE(review): a single zero pass through the block device is not a verified
# sanitisation on every media type (for example flash with remapped blocks) -
# check it against the disposal policy that applies.
dd if=/dev/zero of=/dev/sda bs=1M &
# GNU dd prints its transfer statistics when it receives SIGUSR1. The loop
# repeats every 10 seconds until kill fails, i.e. until no process matches.
# NOTE(review): "pgrep -f dd" matches any process whose command line contains
# "dd", and SIGUSR1 terminates a process that does not handle it.
# "pgrep -x dd" would limit the signal to processes named exactly dd.
while kill -USR1 $(pgrep -f dd); do sleep 10;done

pivot_root

http://www.ivarch.com/blogs/oss/2007/01/resize-a-live-root-fs-a-howto.shtml

# Variant 2: move the running system onto a tmpfs root with pivot_root so the
# on-disk root filesystem can be released. The URL above names the source as a
# howto for resizing a live root filesystem. Nothing in this listing writes to
# the disk. The commands are meant to be typed in order as root.

# Stop all services other than the network and SSH, and stop SELinux interfering:
telinit 2
# Stop every service chkconfig reports as on in runlevel 2, except names that
# contain sshd, network or rawdevices (grep matches substrings).
# NOTE(review): $SERVICE is unquoted; harmless for ordinary init-script names.
for SERVICE in $(chkconfig --list | grep 2:on | awk '{print $1}' | grep -Ev 'sshd|network|rawdevices') ; do service $SERVICE stop; done
service nfs stop
service rpcidmapd stop
# Put SELinux into permissive mode. It stays permissive until changed back or
# the machine is rebooted.
setenforce 0 

# Unmount all filesystems (mounts that are still in use will refuse):
umount -a

# Create a temporary filesystem:
mkdir /dev/shm/tmproot/
# A separate tmpfs is mounted here because pivot_root needs the new root to be
# a mount point.
mount none /dev/shm/tmproot/ -t tmpfs
# The doubled slash in the paths below is harmless.
mkdir /dev/shm/tmproot//{proc,sys,usr,var,oldroot}
# -a preserves ownership, modes and links; -x keeps cp on one filesystem, so
# anything mounted below these directories is not copied.
cp -ax /{bin,etc,mnt,sbin,lib,lib64} /dev/shm/tmproot//
cp -ax /usr/{bin,sbin,lib,lib64} /dev/shm/tmproot//usr/
cp -ax /var/{account,empty,lib,local,lock,nis,opt,preserve,run,spool,tmp,yp} /dev/shm/tmproot//var/
# Copy the device nodes (no -x here).
cp -a /dev /dev/shm/tmproot/dev

# Switch the filesystem root to the temporary filesystem:
# After this the previous root is reachable as /oldroot.
pivot_root /dev/shm/tmproot/ /dev/shm/tmproot/oldroot
# Mount fresh proc, sysfs and devpts instances in the new root.
mount none /proc -t proc
mount none /sys -t sysfs
mount none /dev/pts -t devpts

# Restart sshd (presumably so the daemon runs from the new root instead of
# holding files open on the old one).
service sshd restart
# You should now try to make a new connection. If that succeeds, close your old
# one to release the old pty device. If it fails, get the SSH daemon properly
# restarted before proceeding.

# Close everything that's still using the old filesystem:
# NOTE(review): some of these paths may not be mounted on a given system;
# umount then reports an error for that line, which can be ignored.
umount /oldroot/proc
umount /oldroot/dev/pts
umount /oldroot/selinux
umount /oldroot/sys
umount /oldroot/var/lib/nfs/rpc_pipefs
# Now try to find other things that are still holding on to the old filesystem, particularly /dev:
# fuser -vm lists, verbosely, the processes using the filesystem mounted there.
fuser -vm /oldroot/dev
# Common processes that will need killing:
killall udevd
killall gconfd-2
killall mingetty
killall minilogd
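# Finally, you will need to re-execute init (the command below is shown with a leading "#", so it will not run if this listing is pasted as-is):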
# telinit u

# Unmount the old filesystem:
# Lazy unmount: detach /oldroot/dev from the tree now; the kernel finishes the
# unmount once nothing uses it any more.
umount -l /oldroot/dev
# Regular unmount of the old root. It fails with "busy" while any process still
# uses it; "fuser -vm /oldroot" lists those processes.
umount /oldroot