Just for the future:
There is a utility called libtrash. This is a wrapper library (LD_PRELOAD hack) around the system calls which Linux uses when deleting files, and which moves them to a configurable location instead.
However, if the damage is done:
It might be easy but it might be as well impossible to recover the lost files. One should for heaven's sake not unmount and re-mount the partition (that is, not reboot!).
If there is still any process running which holds the specific file open, then you're lucky and just copy the file descriptor from the /proc directory.
Here's a guide for that:
http://www.linux.com/article.pl?sid=06/10/30/1652211
There are utilities for ext2 based file systems. One is called recover, and one e2undel. But you need to remember some informations about the files. And it won't work with ext3...
Also, depending on file type you might want to try "forensic utilities". These scan the whole partition for "magic bytes"/headers of known filetypes and *try* to restore them.
* Magic Rescue
* foremost
* The Coroner's toolkit
* PhotoRec (this claims even to recover from USBs, and memory cards).
* probably others...
No comments:
Post a Comment