Nuke: Difference between revisions

 
(6 intermediate revisions by the same user not shown)
Line 3: Line 3:
  lsblk
  lsblk
  telinit 2
  telinit 2
  for SERVICE in $(chkconfig --list | grep 2:on | awk '{print $1}' | grep -Ev 'sshd|network|rawdevices') ; do service $SERVICE stop; done
  for i in 1 2 3 4 5 ; do for SERVICE in $(chkconfig --list | grep 2:on | awk '{print $1}' | grep -Ev 'sshd|network|rawdevices|sudoscriptd') ; do service $SERVICE stop; done ; done
  service nfs stop
  service nfs stop
  service rpcidmapd stop
  service rpcidmapd stop
Line 21: Line 21:
  chroot .
  chroot .
  dd if=/dev/zero of=/dev/sda bs=1M &
  dd if=/dev/zero of=/dev/sda bs=1M &
  while kill -USR1 $(pgrep -f dd); do sleep 10;done
  while ps uxawww| grep -q "[d]d " ; do kill -USR1 $(pgrep -f "dd ") ; sleep 1 ; done
If shutdown fail then this might work.
echo 1 > /proc/sys/kernel/sysrq
echo b > /proc/sysrq-trigger


==pivot_root==
==pivot_root==
Line 28: Line 31:
  telinit 2
  telinit 2
  # stop services
  # stop services
  for SERVICE in $(chkconfig --list | grep 2:on | awk '{print $1}' | grep -Ev 'sshd|network|rawdevices') ; do service $SERVICE stop; done
  for SERVICE in $(chkconfig --list | grep 2:on | awk '{print $1}' | grep -Ev 'sshd|network|rawdevices|sudoscriptd') ; do service $SERVICE stop; done
  service nfs stop
  service nfs stop
  service rpcidmapd stop
  service rpcidmapd stop
Line 43: Line 46:
  cp -ax /usr/{bin,sbin,lib,lib64} /dev/shm/tmproot//usr/
  cp -ax /usr/{bin,sbin,lib,lib64} /dev/shm/tmproot//usr/
  cp -ax /var/{account,empty,lib,local,lock,nis,opt,preserve,run,spool,tmp,yp} /dev/shm/tmproot//var/
  cp -ax /var/{account,empty,lib,local,lock,nis,opt,preserve,run,spool,tmp,yp} /dev/shm/tmproot//var/
  cp -a /dev /dev/shm/tmproot/dev
  rsync -aP /dev/ /dev/shm/tmproot/dev/ --exclude shm
   
   
  # Switch the filesystem root to the temporary filesystem:
  # Switch the filesystem root to the temporary filesystem:
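Review bot: In the rewritten progress loop under "Line 21", `pgrep -f "dd "` matches every process whose command line contains `dd `, not only the backgrounded wipe, and SIGUSR1 terminates any process that has not installed a handler for it, so the loop can kill unrelated processes the session still depends on. Recording the job's PID is narrower: `dd if=/dev/zero of=/dev/sda bs=1M & wipe_pid=$!` followed by `while sleep 1 && kill -USR1 "$wipe_pid" 2>/dev/null; do :; done`. The target `/dev/sda` is hard-coded in both revisions, so a comment beside the `lsblk` line saying to confirm the device against its output would help. `$SERVICE` in the stop loops is unquoted; `service "$SERVICE" stop` is the safer form.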

Latest revision as of 10:30, 16 December 2019

How to nuke a Linux machine remotely

chroot

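# Zero-fill the system disk of a remote host from a RAM-resident chroot.
# This is an interactive runbook, not a script: `chroot .` starts a new shell
# and the commands after it are typed inside that shell.

# List block devices. The wipe target below is hard-coded as /dev/sda, so
# confirm against this output that it is the intended disk on this host.
lsblk

# Switch to runlevel 2, then stop every service chkconfig reports as on in
# runlevel 2, except the ones the remote session depends on (sshd, network)
# plus rawdevices and sudoscriptd. The list is walked five times; presumably
# so that services which refuse to stop on an early pass are retried.
telinit 2
for i in 1 2 3 4 5; do
  for SERVICE in $(chkconfig --list | grep 2:on | awk '{print $1}' | grep -Ev 'sshd|network|rawdevices|sudoscriptd'); do
    service "$SERVICE" stop
  done
done
service nfs stop
service rpcidmapd stop
killall java

# Build a minimal root in tmpfs so the tools stay available while the disk
# underneath them is being overwritten.
mkdir /dev/shm/ramdisk/
cd /dev/shm/ramdisk
mkdir proc sys dev usr
rsync -a /usr/bin/ usr/bin/
rsync -a /bin/ bin/
rsync -a /usr/sbin/ usr/sbin/
rsync -a /sbin/ sbin/
rsync -a /lib64/ lib64/
mount -t proc proc proc/
mount -t sysfs sys sys/
mount -o bind /dev dev/
# Remount so the copied binaries can execute and device nodes work; /dev/shm
# is commonly mounted with noexec, nosuid and nodev.
mount /dev/shm -o remount,rw,exec,suid,dev
chroot .

# Inside the chroot: overwrite the disk with zeros in the background and keep
# the PID of that job.
# NOTE(review): a zero pass only covers the addressable sectors; on SSD/flash
# media remapped and over-provisioned blocks are not reached, so where a
# sanitization standard applies use the device's own sanitize/secure-erase
# facility and verify the result.
dd if=/dev/zero of=/dev/sda bs=1M &
wipe_pid=$!
# GNU dd prints its I/O statistics on SIGUSR1. Signal only the recorded PID:
# `pgrep -f "dd "` would match any command line containing "dd ", and SIGUSR1
# terminates a process that has no handler for it. Sleeping before the first
# signal gives dd time to install its handler. The loop ends once the PID is
# gone.
while sleep 1 && kill -USR1 "$wipe_pid" 2>/dev/null; do :; done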

If shutdown fails, then this might work.

# Fallback via the kernel's magic SysRq interface.
# Writing 1 to kernel.sysrq enables all SysRq functions.
printf '%s\n' 1 > /proc/sys/kernel/sysrq
# 'b' reboots the machine immediately, without syncing or unmounting.
printf '%s\n' b > /proc/sysrq-trigger

pivot_root

http://www.ivarch.com/blogs/oss/2007/01/resize-a-live-root-fs-a-howto.shtml

# Move the running root filesystem onto a tmpfs with pivot_root so that the
# original root is no longer in use and can be unmounted (see the howto linked
# above). The steps are order-dependent and are meant to be run one at a time.

# Stop all services other than the network and SSH, and stop SELinux interfering:
telinit 2
# Stop every service that chkconfig reports as on in runlevel 2, except sshd,
# network, rawdevices and sudoscriptd.
for SERVICE in $(chkconfig --list | grep 2:on | awk '{print $1}' | grep -Ev 'sshd|network|rawdevices|sudoscriptd') ; do service $SERVICE stop; done
service nfs stop
service rpcidmapd stop
# setenforce 0 switches SELinux to permissive mode for the running system.
# NOTE(review): if the host stays in service afterwards, switch back to
# enforcing (setenforce 1) once the work is done.
setenforce 0 

# Unmount all filesystems:
# (presumably filesystems that are still busy, including the root, stay mounted)
umount -a

# Create a temporary filesystem:
mkdir /dev/shm/tmproot/
mount none /dev/shm/tmproot/ -t tmpfs
mkdir /dev/shm/tmproot//{proc,sys,usr,var,oldroot}
# -a preserves ownership and modes, -x keeps cp on one filesystem.
# NOTE(review): /etc is copied as-is, so host keys and password hashes now
# also live in the tmpfs (RAM, possibly swap).
cp -ax /{bin,etc,mnt,sbin,lib,lib64} /dev/shm/tmproot//
cp -ax /usr/{bin,sbin,lib,lib64} /dev/shm/tmproot//usr/
cp -ax /var/{account,empty,lib,local,lock,nis,opt,preserve,run,spool,tmp,yp} /dev/shm/tmproot//var/
# Copy the device nodes but skip /dev/shm, which holds tmproot itself.
rsync -aP /dev/ /dev/shm/tmproot/dev/ --exclude shm

# Switch the filesystem root to the temporary filesystem:
# After this call /dev/shm/tmproot is / and the previous root is at /oldroot.
pivot_root /dev/shm/tmproot/ /dev/shm/tmproot/oldroot
mount none /proc -t proc
mount none /sys -t sysfs
mount none /dev/pts -t devpts

# Restart sshd so that the daemon runs from the new root.
service sshd restart
# You should now try to make a new connection. If that succeeds, close your old one to release the old pty device. If it fails, get the SSH daemon properly restarted before proceeding.

# Close everything that's still using the old filesystem:
umount /oldroot/proc
umount /oldroot/dev/pts
umount /oldroot/selinux
umount /oldroot/sys
umount /oldroot/var/lib/nfs/rpc_pipefs
# Now try to find other things that are still holding on to the old filesystem, particularly /dev:
fuser -vm /oldroot/dev
# Common processes that will need killing:
# NOTE(review): killall matches by process name across the whole system;
# compare against the fuser output above before killing anything.
killall udevd
killall gconfd-2
killall mingetty
killall minilogd
Finally, you will need to re-execute init:
# telinit u

Unmount the old filesystem:
# -l is a lazy unmount: /oldroot/dev is detached from the tree now and
# released once nothing references it any more.
umount -l /oldroot/dev
# Unmount the old root itself; this fails while anything still holds it open.
umount /oldroot