From John Lehr:
Good Morning Group,
I have a question about blkls, particularly the -a option. I am creating keyword search files with blkls and srch_strings, and I wanted to distinguish between allocated and unallocated, creating two text files for each type of block (ASCII and Unicode).
For unallocated, I used something like:
# blkls partition.dd | srch_strings -t d > text.file
This produced a text file of ascii strings with byte offset from unallocated blocks as desired.
For allocated, I tried:
# blkls -a partition.dd | srch_strings -t d > text.file
But, surprisingly, it looks like all blocks were exported from the partition, not just allocated blocks. (I piped blkls through ‘pv’ to meter the output and instead of getting the 83gb of allocated space, I got the whole 221gb partition).
Confirmed by RB:
Confirmed on 3.0.1/Gentoo:
[test@test sleuthtest] dd if=/dev/zero of=ext2.img bs=1024 count=1024
1024+0 records in
1024+0 records out
1048576 bytes (1.0 MB) copied, 0.00636198 s, 165 MB/s
[test@test sleuthtest] mkfs.ext2 -q ext2.img
[test@test sleuthtest] md5sum ext2.img
3adb3f90e51cde1277036247809a051e ext2.img
[test@test sleuthtest] blkls -a ext2.img | md5sum -
3adb3f90e51cde1277036247809a051e -
[test@test sleuthtest] blkls -e ext2.img | md5sum -
3adb3f90e51cde1277036247809a051e -
[test@test sleuthtest] blkls -A ext2.img | md5sum -
b04822bb7365e95e9e73b770c8f44508 -
Fixed in trunk. Flags were not being cleared and all files were therefore being searched.
Sending trunk/CHANGES.txt
Sending trunk/tools/fstools/blkls.cpp
Transmitting file data ..
Committed revision 120.