Linux System Administration

0 of 85 lessons complete (0%)
Exit Course

System Backup & Recovery, Active Directory, LDAP

System Recovery in Linux

You don’t have access to this lesson

Please register or sign in to access the course content.

System Recovery in Linux

System recovery in Linux refers to the process of restoring files, directories, applications, and sometimes the entire operating system to a previous working state after a system failure, data corruption, accidental deletion, or other issues. Recovery can involve restoring from a backup or using system tools to repair damaged components.

Types of Recovery:

  1. File Recovery: Restoring individual files that have been deleted or corrupted.
  2. Application Recovery: Reinstalling or restoring specific applications and their configurations.
  3. System Recovery: Restoring the entire system, including the OS and configuration files.
  4. Partition or Disk Recovery: Restoring entire disks or partitions after failures, corruption, or accidental deletions.

Logs for Recovering Files and Applications

Logs can help track and troubleshoot recovery processes. Below are some important log files and commands for monitoring recovery:

  1. System Logs:
    • Location: /var/log/syslog or /var/log/messages
    • Check logs for error messages during recovery, particularly after system crashes or file corruption.
    • Example: tail -f /var/log/syslog
  2. Backup Logs:
    • Always store logs of your backup operations for troubleshooting recovery issues.
    • Example: Create an rsync log during backup or restoration rsync -av --log-file=/var/log/rsync.log /backup/source /backup/destination
  3. Recovery Logs:
    • During recovery operations, you can create logs to keep track of what’s restored or any errors encountered.
    • Example: Log the recovery process using tar
    • tar -zxvf /backup/backup.tar.gz -C /restore/directory/ > /var/log/tar_restore.log 2>&1
  4. Application Logs:
    • If recovering specific applications, check their individual logs located in /var/log/ for any errors.
    • Example: To monitor Apache logs during restoration
    • tail -f /var/log/apache2/error.log

Example: Recovering Files from a tar Backup with Logs

# Restore files from a backup tarball and create a log file for the operation
tar -zxvf /backup/backup.tar.gz -C /restore/directory/ > /var/log/restore.log 2>&1

# View the log for any errors or confirmation of successful restoration
cat /var/log/restore.log

Example: Application Recovery Logs

# Reinstalling an application and logging the output
sudo apt-get install --reinstall apache2 > /var/log/apache_reinstall.log 2>&1

# View the log
cat /var/log/apache_reinstall.log

Incorporating these tools and logs ensures an organized approach to system recovery, making it easier to troubleshoot issues during the restoration process.

Linux Recovery Tools

Linux Recovery Tools:

  1. TestDisk
    • A powerful tool for recovering lost partitions and making non-booting disks bootable again.
    • Can restore deleted partitions and repair file systems.
    • Example: Recover a lost partitionbashCopy codesudo testdisk Follow the on-screen instructions to select the disk and search for lost partitions.
  2. PhotoRec
    • Companion tool to TestDisk, used to recover lost files from hard disks, USB drives, and memory cards.
    • It works even when the file system is damaged.
    • Example: Recover lost filesbashCopy codesudo photorec Follow the interactive menu to select the disk and file types for recovery.
  3. extundelete
    • A utility specifically designed for recovering deleted files from ext3 and ext4 partitions.
    • Example: Recover a deleted filebashCopy codesudo extundelete --restore-file /path/to/file /dev/sdX
  4. rsync (For Restoring Backups)
    • If rsync was used for backups, the same tool can restore files.
    • Example: Restore a directorybashCopy codersync -av /backup/directory/ /restored/directory/
  5. tar (For Restoring tar Backups)
    • Restores files archived with tar during backup.
    • Example: Extract a tar archive to restore filesbashCopy codetar -zxvf /backup/backup.tar.gz -C /restore/directory/
  6. dd (Disk Imaging and Cloning)
    • Can be used for restoring complete disk images created with dd.
    • Example: Restore a disk imagebashCopy codedd if=/backup/sda.img of=/dev/sda bs=4M
  7. Clonezilla (System Imaging)
    • Restores disk images and partitions saved with Clonezilla, making it useful for disaster recovery.
    • Example: Restore from a saved disk imagebashCopy codesudo clonezilla -restore
  8. Timeshift (For Restoring Snapshots)
    • If snapshots were created using Timeshift, it can quickly restore the system to a previous state.
    • Example: Restore a snapshot using TimeshiftbashCopy codesudo timeshift --restore
  9. gpart (Partition Recovery)
    • A tool used to recover lost partitions by scanning and re-creating them.
    • Example: Run a partition scanbashCopy codesudo gpart /dev/sda
  10. Reinstalling Applications (via apt, dnf, etc.)
    • Sometimes applications or libraries need to be reinstalled if corrupted.
    • Example: Reinstalling a packagebashCopy codesudo apt-get install --reinstall package_name