Zhanga Redux

The chronicles of the work and personal life of a boring software developer with an awesome dog.

Identifying file associated with a bad sector on ext2/ext3/ext4

Monday, April 16, 2018

I got some SMART warnings about a bad sector on my hard drive, and I wanted to know which specific file had the bad sector.

First, I looked at the SMART logs to see where the problem was:

# smartctl -x /dev/sdd

  After command completion occurred, registers were:
  -- -- -- == -- == == == -- -- -- -- --
  40 -- 51 00 08 00 00 04 4b 5b c0 40 00  Error: UNC at LBA = 0x044b5bc0 = 72047552


fdisk -l is useful for looking at the partition info and sector size:

# fdisk -l /dev/sdd
Disk /dev/sdd: 1.8 TiB, 2000398934016 bytes, 3907029168 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x54afc7e9

Device     Boot Start        End    Sectors  Size Id Type
/dev/sdd1        2048 3907029167 3907027120  1.8T 83 Linux

Then I used badblocks to look around that physical sector for more bad sectors. My sector size is 512 bytes, shown above; also, badblocks takes the end sector number first, followed by the start sector:

# badblocks -b 512 /dev/sdd 72047570 72047540

Finally, debugfs is useful for finding which files are on those blocks.


  1. First, find the logical filesystem block number by computing (physical sector - partition start sector) * (physical sector size / filesystem block size). In my case, this would be (72047552 − 2048) * (512 / 4096) = 9005688. Since there are 9 contiguous sectors affected, the bad area stretches into block 9005689 as well.
  2. Use testb to see whether there is actually anything there. If not, then no data is lost.
  3. Use icheck to find the inode corresponding to those blocks. Luckily (?), both bad blocks are associated with the same inode here.
  4. Finally, use ncheck to find the pathname(s) associated with the inode.
# debugfs /dev/sdd1
debugfs 1.43.5 (04-Aug-2017)
debugfs:  testb 9005688
Block 9005688 marked in use
debugfs:  testb 9005689
Block 9005689 marked in use
debugfs:  icheck 9005688
Block   Inode number
9005688 105518423
debugfs:  icheck 9005689
Block   Inode number
9005689 105518423
debugfs:  ncheck 105518423
Inode   Pathname
105518423       /drz/rdiff-backup/artanis/var/lib/pgsql/data/base/21595/26720

Here, it was just a backup file, so once I swap out the hard drive or reallocate the sector, the next backup cycle will fix the lost data.

Tags: linux | Posted at 22:57 | Comments (35)

Using 7-Zip to create AES-256 encrypted zip files from the command line

Sunday, March 11, 2018

The default encryption method used by 7-Zip for Zip files, and the only method supported by InfoZip, is ZipCrypto, which is generally pretty terrible. To create AES-256 encrypted archives using 7-Zip, use:

$ 7z a -tzip -mem=AES256 -p super-secret.zip super-secret.txt

To verify that it worked, use:

$ 7za l -slt super-secret.zip

Notice that all the filenames within the archive are visible; I don't think 7-Zip supports Zip header encryption. You can do it the ghetto way by simply putting a Zip inside an encrypted Zip to hide the filenames in the inner one.

Tags: | Posted at 20:50 | Comments (2)

Dual-booting Fedora 25 and Windows 10 on Thinkpad T560 with UEFI

Tuesday, February 28, 2017

I just bought a new Lenovo Thinkpad T560. It runs both Windows 10 and Fedora 25 quite well, but I had a lot of trouble getting the system to dual-boot. In hopes of helping somebody, here are the steps I had to take to get it to work. I'm assuming you're starting with a new laptop with Windows 10 installed, since that's what it comes with from the factory.

  1. Before doing anything else, open Power Options in Windows and turn off "fast startup" so that Windows fully shuts down.
  2. Open Disk Management and shrink the Windows partition, leaving enough space for the Linux installation. Luckily, the Windows 10 Disk Management tool makes this very easy and very fast — it wasn't so in the past!
  3. Head over to a different machine already running Fedora, and grab the netinst iso image. I got mine from here; see the links on the right-hand side of the page.
  4. Create USB boot media using livecd-iso-to-disk:
    # livecd-iso-to-disk Fedora-netinst-x86_64-25-1.3.iso /dev/sdb1
  5. The Thinkpad has UEFI Secure Boot enabled by default, which prevents it from booting off of this USB drive. Reboot the laptop and enter the Thinkpad setup utility by hitting F1 at the boot screen. Disable Secure Boot, and enable UEFI + Legacy boot. Save and exit the setup utility.
  6. At the boot screen again, hit F12 to enter the boot menu and choose the USB drive.
  7. Follow the Fedora installer like normal, taking care of course to only create partitions in the free space and not overwrite any existing partitions. Since this is a laptop with one drive, I didn't see any need for LVM and I chose the "standard" partitioning + encryption.
  8. After Fedora setup finished, I wasn't able to boot off the hard drive at all, not even into windows. So, boot off of the USB drive again. Choose the recovery option. It will find the new Fedora installation.
  9. chroot into your system:
    # chroot /mnt/sysimage
  10. Fedora's installer seems to have detected the system as a BIOS (not EFI) booting system. Let's fix that. Open parted:
    # parted /dev/sda
  11. At the parted prompt, toggle the pmbr_boot flag off:
    (parted) toggle disk_toggle pmbr_boot
    (parted) q
    You can verify this worked by issuing print. The "Disk Flags" list should not contain pmbr_boot. At this point, Windows should be bootable if you hit F12 at the startup screen and choose the Windows Boot Manager, but Fedora still won't boot.
  12. Locate your EFI partition, which is the one with type EFI System. Mine is /dev/sda1, and yours probably is too.
    # fdisk -l
    Disk /dev/sda: 477 GiB, 512110190592 bytes, 1000215216 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes
    Disklabel type: gpt
    Disk identifier: (a UUID here)
    Device         Start        End   Sectors   Size Type
    /dev/sda1       2048     534527    532480   260M EFI System
    /dev/sda2     534528     567295     32768    16M Microsoft reserved
    /dev/sda3     567296  205367295 204800000  97.7G Microsoft basic data
  13. Get the EFI partition's UUID:
    # blkid /dev/sda1
  14. Add a line to /etc/fstab so it always gets mounted:
    UUID=abcd-0123 /boot/efi vfat defaults 0 2
  15. Mount it:
    # mount -a
    You should see some files in /boot/efi now.
  16. Install stuff needed for EFI boot. Remember, you are still booted into the USB recovery system, but these will install into the right place since the system is chroot'ed.
    # dnf install grub2-efi grub2-efi-modules shim
  17. Because the system is still booted off of the USB drive, grub2-mkconfig doesn't think the system is an EFI system at this point. We'll need to manually copy the GRUB config file:
    # cp /boot/grub2/grub.cfg /boot/efi/EFI/fedora/grub.cfg
  18. Open /boot/efi/EFI/fedora/grub.cfg (e.g. with vi) and search/replace linux16 and initrd16 with linuxefi and initrdefi.
  19. Now reboot and hit F12 at the boot screen to open the boot menu. Choose to boot off of the hard drive. You should get the GRUB menu and Fedora should boot!
  20. To be sure that this will survive kernel updates, once you've successfully booted into Fedora, try this and make sure it still boots:
    # grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
  21. Go back into the Thinkpad setup utility, switch it to boot from UEFI only, and re-enable Secure Boot.

At this point, Fedora should show up in the boot menu that appears when you hit F12, and it can be set as the default using the setup utility. To boot Windows, either choose the Windows Boot Manager from the boot menu, or choose Windows from the GRUB menu. Either way works.

Aside from this painful series of steps which almost made me want to give up and just wipe Windows off of it completely, the T560 actually works really well with Fedora. I guess Linux isn't what it was 15 years ago — wifi, audio, suspend, OpenGL, display brightness, everything just works fine out of the box. No screwing with wpa_supplicant, xorg.conf, or any of that! And the battery life on this machine is magnificent!

Tags: fedora, installation, linux | Posted at 15:23 | Comments (4)

Advance fee fraud targeted against local photographers

Monday, March 9, 2015

I received a suspicious email a month ago via A Tale Ahead Photography's contact form:

From: Thomas Taylor <generalglaber@gmail.com>


How are you doing ?,i will like to know your availability day in
Feb,2015 just 4 hours service,also i will need portrait work done after
the photography work is done after the event...............i will like
you to get back to me with your availability day in Feb,2015 it a
family reunion party..........i will like you to email back Asap 
.Do you accept credit card payment ?

Thomas T

It's not only distinctly un-American, but the grammar and syntax closely matches the style of emails from Nigerian princes. It's also worth noting that he filled in the "date of event" field on my contact form as "20 02 2015." In fact, I'm betting this is the side job of one such prince on days when he's away from his palace. Anyway, if you couldn't tell, I was getting set up for the classic fake check scam, except this time with a stolen credit card. What's neat in this particular case is that it's not just a generic scam, but rather, locally and specifically targeted against photographers like Annie & myself.

I thought I'd mess around a bit and string him along. Note that these aren't things I would say to a real client... I would never ask a client to reschedule a family reunion party for me, or matter-of-factly add 60% as a travel fee. But "Thomas" didn't mind! Read on...

Hi Thomas,

Thank you for contacting me. I am available for your family reunion 
party on most days this month. What day and time is your party and 
where is it located?

From: Thomas Taylor <generalglaber@gmail.com>

Yes good to hear this i am looking for Feb,20th but i don't know maybe
the date is open,if the date is open with you that would be okay,also
what is your accurate cost for 4 hours service?,and i can see you can 
handle my family reunion party photography service
Photo size i want,get back to me with the accurate cost.
16x20 and 7 portrait of my family,and here is the address of the venue
470 West 7th Street San Pedro, California 90731.
The event start 12noon.


(The email above actually used four different fonts/sizes/colors. Copy/pasting from different templates?)

Hi Thomas,

The cost for four hours of photography is $1150. How many of each print
did you want? Our prints start at $1.50 for each 4x6". I am actually booked
on Feb 20, though. Any chance you could reschedule for another day?

From: Thomas Taylor <generalglaber@gmail.com>

Okay can i make it on the 21st? and i want at least two each of them so 
i want you to make it as fast as you can.....
thank you.
Hi Thomas,

Sure, the rate would be $1150 plus the 10 prints would would be a total of 
$125 extra. There is also a travel fee of $660 as your party will be 
approximately 6 hours from our studio. Would this total of $1935 work for you?

From: Thomas Taylor <generalglaber@gmail.com>

Yes good,
I am okay with the cost of $1935 does that include processing fee + tax 
cause i would need you to do me little favour cause i have a little issue 
with the payment of the venue the management of the venue for the event the 
manager told me he didn't have a credit card machine so i will need you to 
do me the favor to add his fee together with your fee he has to receive 
1900$  thru via western union for the booking of the venue so i will like 
you to get back to me with the total cost so that i can make the payment 
today or tomorrow.
Also , the reason why you are sending money via western union to the manager 
is because they have to receive payment upfront and their credit card machine 
is faulty at the moment.


Ah ha! There it is.

Sure, that's fine. Can you provide me with the name and contact info of the venue?
From: Thomas Taylor <generalglaber@gmail.com>

Yes sure, i will give you the necessary info once you have run my credit 
card, and what type of credit card do you accept?
We accept all types of credit cards, but I need the contact info of the 
venue. Could you provide that information to me?
From: Thomas Taylor <generalglaber@gmail.com>

Here is the number of the venue 312 681 0885 ask of Terry Lisa thank you.

312 is a Chicago area code. I guess they can't afford to buy a local VOIP number?

Hi Thomas,

My phone is having issues and I can't dial long distance right now. The 
number you gave me is a 312 number. Does the venue have a local phone number?

From: Thomas Taylor <generalglaber@gmail.com>

Sorry for that, you can also reach them on there email terrysa001@gmail.com 
soget back to Asap.
Hi Thomas,

That email didn't work. Why doesn't the venue have a local phone number?

From: Thomas Taylor <generalglaber@gmail.com>

I don't know, heaven me i normally send them via email but for that phone i don't know....
So i want to know if you are ready for my card or not? because i want to make the 
payment so i will know i have payed 
upfront for the venue thank you david.
Sure, I am ready. I will try emailing again tomorrow. What is the credit card number?
From: Thomas Taylor <generalglaber@gmail.com>

I will like to know all the neccessary informations needed on my Credit Card...
Hi Thomas,

I just need the credit card number as well as whether it's Amex/Visa/Mastercard/etc.

From: Thomas Taylor <generalglaber@gmail.com>

CARD NUMBER:[redacted]

NAME ON CARD: Thomas Taylor

C V V CODE: [redacted]



BILLING POST CODE: [redacted, but in California]

 I will like you to charge on my card and get back to me with the approval 


Thanks Thomas. Would you like me to charge the amount in US dollars or Naira?

(Naira is the Nigerian currency.)

From: Thomas Taylor <generalglaber@gmail.com>

US dollars what do you mean Naira? who is Naira? kindly charge my card in 
US dollars and get back to me with the approval code..

I ran out of things to say at this point. I should note that I immediately contacted both stopit@mastercard.com and spoof@citicorp.com to report the Citi-issued Mastercard as stolen, but never heard back.

Tags: fraud, photography | Posted at 12:24 | Comments (4)

Changing the time zone in CentOS

Friday, June 6, 2014

Here's how to change the time zone in CentOS. This should work on both CentOS 5 and 6.

First, determine the correct timezone. You can do this using tzselect (which just outputs some text and doesn't save anything), or by looking in /usr/share/zoneinfo for the right file. I'm on Pacific time, so for me it would be America/Los_Angeles.

Now, back up your existing time zone file:

# mv /etc/localtime /etc/localtime.bak

Then symlink the desired zoneinfo file to localtime:

# ln -s /usr/share/zoneinfo/America/Los_Angeles /etc/localtime

Now if you run date, the appropriate time zone should be displayed. There is one more step though. Open up the file /etc/sysconfig/clock and edit it to reflect the appropriate zone. For example:


Without this change, /etc/localtime will get overwritten and will revert to the previous time zone after yum or rpm updates tzdata.

Tags: linux | Posted at 08:53 | Comments (0)