Thread (4 messages) 4 messages, 3 authors, 2021-03-10

Re: Scrubbing filenames from meta-data dump of ext4 filesystems

From: George Goffe <hidden>
Date: 2021-03-10 17:12:31 

Andreas,

Thank you for all your help!

Best regards,

George...

On Tue, Mar 9, 2021 at 12:37 AM Andreas Dilger [off-list ref] wrote:
On Mar 8, 2021, at 2:40 PM, Theodore Ts'o [off-list ref] wrote:
quoted
On Mon, Mar 08, 2021 at 12:01:46PM -0800, George Goffe wrote:
quoted
Howdy,

I'm helping to shoot a bug on a Fedora Core 35 system and have been
requested to provide a meta-data dump of the problem filesystem. The
filenames are restricted so I need to scrub this file  before sending
it.

Does ext4 have a facility whereby I can scrub the filenames from the dump?
Yes, please see the following excerpt from the e2image man page:

   This will only send the metadata information, without any data
   blocks.  However, the filenames in the directory blocks can still
   reveal information about the contents of the filesystem that the
   bug reporter may wish to keep confidential.  To address this
   concern, the -s option can be specified.  This will cause e2image
   to scramble directory entries and zero out any unused portions of
   the directory blocks before writing the image file.  However, the
   -s option will prevent analysis of problems related to hash-tree
   indexed directories.
I had actually looked for this option in the e2image man page in order
to reply to this email, but I couldn't find it and wondered if I had
mis-remembered the existence of this functionality.

I've pushed a patch that reorganizes the e2image man page to list all
of the options explicitly in a separate OPTIONS section, rather than
putting them inline in the text, which makes it hard to find them.

Cheers, Andreas
quoted
The -s option can be used with the -r and -Q options to e2image, for
creating raw and qcow2 image dumps, respectively.  Because the
filenames have been scrambled, this will invalidate the hash-tree
indexes for the directory, so e2fsck will complain about this.  But
for some kinds of corruption, the -s option can provide data when the
customer would otherwise not be willing to provide a metadata-only
dump of the file system.

Hope this helps,

                              - Ted

Cheers, Andreas





-- 
It's not what you know that hurts you, it's what you KNOW that AINT
so. WIll Rodgers
Related discussions
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help