Monday 12 November 2012

What's New - Oracle Solaris 11


Objective:
Key features in Oracle Solaris 11.

1. Virtualize everything.
- Extremely fast with no overhead over performance, zones can be used as an boundary for Solaris and other applications.
- Perfect OS for clouds environments, Virtualize all the data center topology into single oracle system with built-in flow control, you control the usage of the network(Network virtulization).



2. Benefit from integration inside and out.
- Optimized for oracle hardware and software.
- Foundation for public, private clouds environments.
- ZFS: heart of OS. 
- Technologies like IPS, live upgrade, boot environment, SMF, Zones are perfectly integrated.

3. Designed for rapid deployment.
- Automated installer is a new tool to deploy rapidly Solaris into bare-metal systems or zones or clouds in Data    Center with automatic installers in Solaris 11.
- IPS is the new packaging system that allows fast dependable and system updates.
- ZFS cloning, trapshooting, zoning zones can be extremely and rapidly created and deployed.



4. Enjoy your weekend with planned downtime.
Allows dramatic reduction of downtime with below features:
- IPS.
- ZFS root.
- Boot environments.
- Built-in safety with fall back options.
- Zones mobility.
- Fast reboots.
- SMF.

5. Extreme availability
- Solaris 11 is available across single system or multi-systems.
- key tech like FMA + SMF = predictive self healing of the system, medicating hardware and software before any chance of effecting application up-time.
- For multi-site disaster recovery, "Oracle Solaris cluster" protects both physical and virtual instances.

6. Oracle Solaris 11 technologies:
- Cryptographic framework.
- ZFS encryption.
- Privileges RBAC.
- Root as a Role.
- Zones.
- Read only zones root.
- Ipfilter.
- IPsec.
- Kerberos.
- Trusted extensions.
- Auditing key management.
- Trusted platforms module.
- Oracle software security assurance.

7. Manage OS:
- Manage with software updates with IPS(Image Packaging System).
- Manage with software dependencies with SMF.
- Manage with hardware dependencies with FMA.
- Manage your data easily with ZFS.
- Manage you entire OS with Oracle Enterprise Manager.

Hope you had knows some, few features in Oracle Solaris 11, lot can be found from http://docs.oracle.com

Saturday 15 September 2012

SSH : Passwordless - Linux/Windows

Concepts:

Public key: it's not actually a key, but you could think it as an lock. You could make lot of copies and distribute it where ever you wish like. You need to copy in ".ssh/authorized_keys" folder.

Private key: this is an actual key, that to be used to open a lock (public key). Your public key can be distributed any where, as long as your private key is not compromised. When you run "ssh-keygen" – it produces both private (id_rsa) & public(id_rsa.pub) keys for usage.




Pass phrase - what exactly is this ?
Encrypting an private key using an another key i.e... Equivalent of putting the private key in a combo-lock safe which adds one more layer of protection. Incase of your private key falls into the wrong hands, the person should still know the password to use the private key.




You could use either rsa/dsa for encryption/decryption depending on your security.

Case 1: windows to Linux server.
For linux administrators that use windows for their desktop os, putty is a tool. This tutorial will help you save time administering your servers without having to login and provide username and password each time.

I am trying to create an ssh2-rsa passwordless authentication from windows to linux server.

Here are the steps to go on:
1.   Download your putty and puttygen.
2.   Open your puttygen, select ssh2-rsa, and click generate.
3.   Move your mouse around in the space to generate public key



4.   Save your private key and copy your public key
5.   Open your putty session:
              enter hostname or ip address.
              click connection -> data -> enter "root" for auto login username.
              in connections -> ssh -> browse to the private key (from step 4)
              save your session
6.   Log into the server, paste the public key in the below path and quit.
      [root@server ~]# vim .ssh/authorized_keys
7.  You must now be able to login to your server without password.




Case 2: Linux to Linux server
  
1. Create your public key in the server.
     [root@server ~]# ssh-keygen -t rsa
2. View your public key once it is generated.
     [root@server ~]# cat .ssh/id_rsa.pub
3. Copy your public key in the ".ssh/authorized_keys" file on the destination folder.


Once it is done, your passwordless authentication is successful.

Sunday 9 September 2012

IT password policies

Objective: Implementation of IT password policies.

Environment: Redhat Linux 5.0 32-bit.

Descriptions:

Being working in IT industry for a quite a long time, I always thought of implementing the password policies which are applied at the active directory(Windows Server) in Linux Enterprise/Workstation.

Browsing in Internet, some of the best policies were found as below, and was configured successfully in Linux.

1. Min length 8 Char - ( 5 Uppercase or 5 Lowercase or both; 2 Numeric; 1 special char; No dictionary words )
2. Password history - requires a unique password of 5 char that are different than found in old password.
3. Max password age - 60 days.
4. Minimum days for password change - 30 days
5. Warning before password expiry - 15 days.
6. Account lockout threshold - 3 times.
7. Account lockout duration - 30 mins.

In order to understand the above, I would suggest you to know the below pre-requisites:

1. PAM (Pluggable Authentication Modules).
2. Shadow password suite.
3. User administration.

Summary:

1. By default, the minimum length of the password is 5. It could be over written by the PAM module which includes combination of upper, lower, digits, special characters.

2. Password history is set by difork parameter.

All entries for PAM must be in configuration file "/etc/pam.d/system-auth"

password  required pam_cracklib.so dcredit=-2 ucredit=-3 ocredit=-1 lcredit=-2 minlen=8 difok=5

pam_cracklib: checks the password against dictionary words. 
dcredit= Maximum credit for having digits in the new password.
ucredit= Maximum credit for having upper case letters in new password.
lcredit=  Maximum credit for having lower case letters in new password.
ocredit= Maximum credit for having other characters in the new password.
difork = 5 new characters should not be present in the old password, however 1/2 of the characters in the new password are different from old password, then new password is accepted.

3. Max password age & warning & minimum days for password changes will be found in "/etc/login.defs".
/etc/login.defs: file defines the site-specific configuration for the shadow password suite.

PASS_MAX_DAYS 60
PASS_MIN_DAYS   30
PASS_MIN_LEN    8
PASS_WARN_AGE   15

4. After 3 attempts for a wrong password, the account must be locked.
pam_unix: This is UNIX standard authentication module, it uses standard system calls from system libraries to retrieve account information (/etc/passwd & /etc/shadow) as well as authentication.

auth sufficient  pam_unix.so nullok try_first_pass remember=3

Q. How will the system know about your old password's ?
Solution:
Once your remember option are enabled, all your password's are logged into "/etc/security/opasswd", for any change in password attempt would refer this file and modules of pam_cracklib are loaded to check password's against your password requirements.

5. In a bigger organisation if accounts are locked out, you don't need to log a case for a password reset. Hence an mechanism of "auto-unlock" feature can be enabled on your accounts. 
pam_tally.so: Login counter module.

auth required pam_tally.so onerr=fail deny=3 unlock_time=1800

Q. How will system know how many attempts were done ?
Solution:
This module maintains a count of attempted accesses, can reset count on success, can deny access if too many attempts fail.

After three attempts your account is locked out, however unlock_time=1800 which means your account will be automatically unlocked after 30 mins.

Q. How will an UNIX administrator come to know about the attempts?
Solution:  

1. Account was locked due to bad password attempts, you could see the count was incremented by 3 
     [root@server ~]# faillog -u sunil
     Login       Failures Maximum                 Latest   On
     sunil          3        0   09/09/12 08:38:44 +0530  192.168.56.

2. Reset your account failures immediately,
     [root@server ~]# faillog -r sunil  
     
3. Verify user's account.
     [root@server ~]# faillog -u sunil
     Login       Failures Maximum Latest   On
     sunil           0      0   09/09/12 08:39:46 +0530  192.168.56.

 As most of them would be aware of the password policies, however I wanted to list the password requirement to all the users who are about to change their password's.

So when you are changing the passwords, pam_echo module loads and it will prompt you below requiremets.
password    required      pam_echo.so file=<path of the file>

Path to file contains the below:

Hi Users,
                   Know your password & account policies:

 *       Minimum length 8 Character consisting of uppercase, lowercase, digits, special characters.
 *       Do not repeat the old password.
 *       Maximum duration of password is 60 days.
 *       Minimum days need to change password is 30 days.
 *       Warning before password expiry is 15 days.
 *       Three bad password attempts would lock you account.
 *       Account will be un-locked after 30 minutes        














In order to help with the above you could follow "genpasswd()" which can help you with password assisting.
Below is the code.

Note:
Password can be generated in a random fashion with above all requirements.

  1. Open your .bashrc and paste the below code & source it.
  genpasswd() {
            local l=$1
            [ "$l" == "" ] && l=16
            tr -dc A-Za-z0-9_ < /dev/urandom | head -c ${l} | xargs
}

[root@server ~]# genpasswd 8
e0iqswVI

References:



3. The best documentation could be your man page. Please refer /usr/share/doc/pam-0.99.6.2/txts

Objective successful 

Saturday 14 July 2012

Linux : VNC - Virtual Network Computing

Objective: To create VNC server and make this accessible for the remote client.

Description:
Virtual Network Computing (VNC) is a graphical desktop sharing system.
VNC is platform-independent -a VNC viewer on one operating system may connect to a VNC server on the same or any other operating system.

Environment: Redhat Linux 5.0 32-bit.

1. VNC server
Hostname: server
IP address:192.168.56.99

2. Remote user
IP address:192.168.56.102
Hostname:appserver

Plan:
- Install and verify "vnc" packages.
- Create your VNC users.
- Set your users' VNC passwords.
- Edit the server configuration.
- Create and customize xstartup scripts.
- Start the VNC service.
- Test VNC user.

1. Verify install both the packges of VNC server.
[root@server ~]# rpm -qa vnc*

Install VNC server and client package.
[root@server ~]# yum install -y vnc*

[root@server ~]# yum list vnc*
Installed Packages
vnc.i386                                 4.1.2-9.el5            installed
vnc-server.i386                       4.1.2-9.el5            installed

2. Create VNC user.
[root@server ~]# useradd sunlnx
[root@server ~]# passwd sunlnx

3. Edit VNC server configurations.
Append the below lines in config file(/etc/sysconfig/vncservers)
VNCSERVERS="1:sunlnx"
VNCSERVERARGS[1]="-geometry 640x480"

[root@server ~]# tail -2 /etc/sysconfig/vncservers
VNCSERVERS="1:sunlnx"
VNCSERVERARGS[1]="-geometry 640x480"

4. Need to create default startup scripts.
[root@server ~]# vncserver

You will require a password to access your desktops.

Password:
Verify:

New 'server:1 (root)' desktop is server:1

Creating default startup script /root/.vnc/xstartup
Starting applications specified in /root/.vnc/xstartup
Log file is /root/.vnc/server:1.log

This would have created .vnc directory in $HOME.
[root@server ~]# ls -ld .vnc/
drwxr-xr-x 2 root root 4096 Jul 14 13:40 .vnc/

[root@server ~]# ls .vnc/
passwd  server:1.log  server:1.pid  xstartup

5. Create xstartup scripts.
We will create the xstartup scripts by starting and stopping the vncserver as root.
[root@server ~]# service vncserver start
Starting VNC server: 1:sunlnx
New 'server:1 (sunlnx)' desktop is server:1

Starting applications specified in /home/sunlnx/.vnc/xstartup
Log file is /home/sunlnx/.vnc/server:1.log

                                                           [  OK  ]
[root@server ~]# service vncserver stop
Shutting down VNC server: 1:sunlnx                         [  OK  ]
[root@server ~]#

6. VNC server listens on port 5901.
[root@server ~]# netstat -nalt
tcp        0      0 0.0.0.0:5901                0.0.0.0:*                   LISTEN

7. Install "vncviewer" on the remoted system, and connect to the VNC server.
Below are the snaps.
















Objective successful.

Saturday 7 July 2012

Linux talk - talk to another user


I came across talking to same users(/etc/passwd)in the local server. The same could be used to even talk to the users remotely.

To talk to the user who is logged in more than once, use ttyname to indicate the appropriate terminal name.Once communication has been established, the two parties may type simultaneously.

Let's see how can we configuire this.

1. Verify the package is installed, if not install by 'yum' or 'rpm'.
[root@server ~]# rpm -qa | grep talk
talk-0.17-29.2.2
talk-server-0.17-29.2.2
[root@server ~]#

2. Change Disable=no in talk file.
[root@server ~]# vi /etc/xinetd.d/talk
# default: off
# description: The talk server accepts talk requests for chatting with users \
#       on other systems.
service talk
{
        flags                   = IPv4
        disable                 = no
        socket_type             = dgram
        wait                    = yes
        user                    = nobody
        group                   = tty
        server                  = /usr/sbin/in.talkd
}

3. Make sure both 'talk' and 'ntalk' are 'on'
[root@server ~]# chkconfig --list | grep talk
        ntalk:          on
        talk:            on

4. Restart 'xinetd' service to take effect.
[root@server ~]# service xinetd restart
Stopping xinetd:                                           [  OK  ]
Starting xinetd:                                            [  OK  ]

Case 1:
I shall communicate to different user(login names)on the same server. 

[root@server ~]# grep "^root" /etc/passwd
root:x:0:0:root:/root:/bin/bash

[root@server ~]# grep "sysadm" /etc/passwd
sysadm:x:854:855::/home/sysadm:/bin/bash







Case 2:
Talk to a user who is logged in more than once.Here, you need to communicate with their terminal name.

[root@server ~]# tty
/dev/pts/1

[sysadm@server ~]$ tty
/dev/pts/3




Enjoy CLI in your work environment.

Monday 4 June 2012

Find your true passions

Finding your true passion isn't as simple. For some, yes it does come naturally, but most of the time, you have to ask yourself some questions to pinpoint exactly what you were born to do. Here are few questions that can guide you to finding your ultimate passion:

What puts a smile on your face?
Is there a particular event, a particular topic that makes you smile, and makes you happy whenever you encounter it. Think about something that you do or that perhaps you used to do that brings total peace to you when you do it. Peace is happiness, and happiness is passion.

What do you find easy?
Fun leads to happiness and happiness is synonymous with passion, So assess everything that you do, whatever it is that you find really easy and fun, this may very well be your passion.

What sparks your creativity?
My passion was all about computer & technology. Think about something in your life where you seem to always expand its horizon, always coming up with new, fun, and exciting ideas relating to that subject. Whatever makes you creative, is probably something that you are very passionate about.

What would you do for free?
I truly believe that if you follow what you are passionate about without thinking about if it will make you rich or not, you will end up being successful. Doing what you have a passion for brings out your best, and this leads to greatness. Greatness breezes to success. successful people in the world got to where they are because they wanted to get rich? Absolutely not, they did what they were so passionate about, and their immense success was just a byproduct of their dedication. So think about something that you would just love to do, even if you were not getting paid. Think about something that you look forward to do, something that you wish you could do all the time.

What do you like to talk about?
The topics of conversation we have can definitely tell what we are interested in, and this is a good way to find out what we really enjoy in life. Ask them what topic makes your eyes brighten up, and changes your entire behavior. Try it out, it's a very insightful exercise, and one that can direct you closer to figuring out your passion.

What makes you unafraid of failure?
Doing what you love is a success in and of itself, so failure is like an impossibility. Think of something that you just do or want to do, no matter what. Something that you do not have second thoughts about. Think about something that you feel you must do and that failure is not even a concern of yours, because the mere act of doing it is like the journey and the destination all wrapped up in one. This may very well be your true passion.

What would you regret not having tried?
We all have these dreams, and somehow, life pushes us in another direction, and next thing we know, we are far from those dreams we used to have. Whatever it is that you may experience regret now or later on for not having tried, this is a good chance to be your true passion. There is nothing worse than arriving at the end of the journey and having regret. This is why finding your passion, and following it is so important. Live your life so that you do not have regret.

Saturday 2 June 2012

Unhappy @ work ..

I am sure that there are a lot of people in this world who don't love what they do, and that is why I decided to write this post. We live our lives based on the choices and decisions we make on a daily bases. Life is what we make it and if we really want to be happy, we need to become aware of this truth and we need to realize that: "No one saves us but ourselves. No one can and no one may. We ourselves must walk the path." - Buddha
If you are stuck in a job that you hate, you have the power to do something about it, you have the power to allow/ bring happiness back into your life. Being stuck in a job we hate it's not something we want for ourselves, for this will drain us of energy, making us and the many people  we love very unhappy. If you are stuck in a job you hate, here is what you can do about it:
1. If you don't like your job, change it!
Change your job, change your life. Like everything in life, if you don't like your job you can always change it. You can always remove yourself from the situations that are not meaningful nor fulfilling to you. It can be scary I know, but keep in mind that short term pain will bring long term gain and if you are not happy with your job right now you will have to change it because if you don't, you will not be able to be happy with your whole life, and you will become resentful towards yourself and those around you, living a life full of regrets, pain and anger.

Remove yourself from your job if it's not meaningful and fulfilling, remove yourself from your job if you are unhappy with it and trust that there is something out there that you can do better than anyone else, and know that without your work – your meaningful contribution, the world will not be complete. Have some faith in yourself and the very wisdom that created us all, for I am sure nobody was sent here on this planet to be average and stuck in a job they hate.
2. If you can't change your job, change your attitude
Attitude is everything! It's not always easy to just leave a job that we don't like because we all have these earthy responsibilities.
Until we manage to find a job that we love, a job that is meaningful to us, it will be beneficial if we could change our attitude towards our current job and towards our present life. You have no idea how much a positive attitude can help, and how happier we will become the moment we decide to look at the bright side of things, and trust me, there is always a bright side.
3. keep your dreams alive

It s so important to keep our dreams alive, knowing that: "All our dreams can come true, if we have the courage to pursue them." - Walt Disney
No matter where you are, no matter how horrible your job may be and no matter how much you hate it, if you manage to keep an eye on the things you want, if you manage to keep an eye on your big, bold and beautiful dreams you will be happy. Every experience has something to teach us and instead of being resentful we can chose to be grateful for the lessons they are helping us master. If you don't like your job, change it and if you can't change it, you can always change your attitude, and that will make all the difference. Let's not complicate our lives and let's not be to harsh on ourselves because if we don't practice love, gentleness and forgiveness towards ourselves, chances are that nobody will. Always look to make the best of everything that happens to you, of what you have and where you are and allow yourself to learn from every experience and every interaction, allow life to make you better not bitter.

Sunday 27 May 2012

Linux:Recover deleted file by its 'inode'

What are inodes?

'i'-node:
Inode store information about files and directories (folders), such as file ownership, access mode (read, write, execute permissions), and file type.

[root@server ~]# stat file_delete_recover
  File: `file_delete_recover'
  Size: 272             Blocks: 8          IO Block: 4096   regular file
Device: 801h/2049d      Inode: 1431938     Links: 1
Access: (0644/-rw-r--r--)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2012-05-27 11:16:09.000000000 +0530
Modify: 2012-05-27 11:16:07.000000000 +0530
Change: 2012-05-27 11:16:07.000000000 +0530

Created a file and found it's inode.

[root@server ~]# cat file_delete_recover

Only system administrators and root user can view and recover the deleted files using debugfs command.

In this case study, we are recovering the files through the inode numbers. Hence it is mandatory that we should know the inodes of the files using the command `ls -li`.

1. Note down the 'inode' number of the file.

[root@server ~]# ls -li file_delete_recover
1431938 -rw-r--r-- 1 root root 272 May 27 11:16 file_delete_recover
[root@server ~]#

2. Find, your file system?

[root@server ~]# fdisk -l

Disk /dev/sda: 43.1 GB, 43199234048 bytes
255 heads, 63 sectors/track, 5252 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1        1912    15358108+  83  Linux
/dev/sda2            1913        2173     2096482+  83  Linux
/dev/sda3            2174        2304     1052257+  82  Linux swap / Solaris
/dev/sda4            2305        5252    23679810    5  Extended
[root@server ~]#

3. File system debugger which should be opened in Read-Write mode.

[root@server ~]# debugfs -w /dev/sda1
debugfs 1.39 (29-May-2006)
debugfs:  logdump -i <1431938>
Inode 1431938 is at group 44, block 1441794, offset 128
Journal starts at block 1, transaction 46430
  FS block 1441794 logged at sequence 47033, journal block 4866
    (inode block for inode 1431938):
    Inode: 1431938   Type: regular        Mode:  0600   Flags: 0x0   Generation: 3837206388
    User:     0   Group:     0   Size: 5711
    File ACL: 0    Directory ACL: 0
    Links: 1   Blockcount: 16
    Fragment:  Address: 0    Number: 0    Size: 0
    ctime: 0x4fbdbcae -- Thu May 24 10:14:30 2012
    atime: 0x4fc1afa7 -- Sun May 27 10:07:59 2012
    mtime: 0x4fbdbcae -- Thu May 24 10:14:30 2012
    Blocks:  (0+2): 1466368
  FS block 1441794 logged at sequence 47034, journal block 4883
    (inode block for inode 1431938):
    Inode: 1431938   Type: regular        Mode:  0600   Flags: 0x0   Generation: 3837206388
    User:     0   Group:     0   Size: 5711
    File ACL: 0    Directory ACL: 0
    Links: 1   Blockcount: 16
    Fragment:  Address: 0    Number: 0    Size: 0
    ctime: 0x4fbdbcae -- Thu May 24 10:14:30 2012
    atime: 0x4fc1afa7 -- Sun May 27 10:07:59 2012
    mtime: 0x4fbdbcae -- Thu May 24 10:14:30 2012
    Blocks:  (0+2): 1466368
  FS block 1441794 logged at sequence 47035, journal block 4892
    (inode block for inode 1431938):
    Inode: 1431938   Type: regular        Mode:  0600   Flags: 0x0   Generation: 3837206388
    User:     0   Group:     0   Size: 0
    File ACL: 0    Directory ACL: 0
    Links: 0   Blockcount: 0
    Fragment:  Address: 0    Number: 0    Size: 0
    ctime: 0x4fc1afaf -- Sun May 27 10:08:07 2012
    atime: 0x4fc1afaf -- Sun May 27 10:08:07 2012
    mtime: 0x4fc1afaf -- Sun May 27 10:08:07 2012
    dtime: 0x4fc1afaf -- Sun May 27 10:08:07 2012
    Blocks:
  FS block 1441794 logged at sequence 47039, journal block 4961
    (inode block for inode 1431938):
    Inode: 1431938   Type: regular        Mode:  0600   Flags: 0x0   Generation: 3837206388
    User:     0   Group:     0   Size: 0
    File ACL: 0    Directory ACL: 0
    Links: 0   Blockcount: 0
    Fragment:  Address: 0    Number: 0    Size: 0
    ctime: 0x4fc1afaf -- Sun May 27 10:08:07 2012
    atime: 0x4fc1afaf -- Sun May 27 10:08:07 2012
    mtime: 0x4fc1afaf -- Sun May 27 10:08:07 2012
    dtime: 0x4fc1afaf -- Sun May 27 10:08:07 2012
    Blocks:
  FS block 1441794 logged at sequence 47137, journal block 5597
    (inode block for inode 1431938):
    Inode: 1431938   Type: regular        Mode:  0600   Flags: 0x0   Generation: 3837206388
    User:     0   Group:     0   Size: 0
    File ACL: 0    Directory ACL: 0
    Links: 0   Blockcount: 0
    Fragment:  Address: 0    Number: 0    Size: 0
    ctime: 0x4fc1afaf -- Sun May 27 10:08:07 2012
    atime: 0x4fc1afaf -- Sun May 27 10:08:07 2012
    mtime: 0x4fc1afaf -- Sun May 27 10:08:07 2012
    dtime: 0x4fc1afaf -- Sun May 27 10:08:07 2012
    Blocks:
  FS block 1441794 logged at sequence 47147, journal block 5642
    (inode block for inode 1431938):
    Inode: 1431938   Type: regular        Mode:  0644   Flags: 0x0   Generation: 238435995
    User:     0   Group:     0   Size: 272
    File ACL: 0    Directory ACL: 0
    Links: 1   Blockcount: 8
    Fragment:  Address: 0    Number: 0    Size: 0
    ctime: 0x4fc1bf9f -- Sun May 27 11:16:07 2012
    atime: 0x4fc1bf9f -- Sun May 27 11:16:07 2012
    mtime: 0x4fc1bf9f -- Sun May 27 11:16:07 2012
    Blocks:  (0+1): 1454080
  FS block 1441794 logged at sequence 47148, journal block 5650
    (inode block for inode 1431938):
    Inode: 1431938   Type: regular        Mode:  0644   Flags: 0x0   Generation: 238435995
    User:     0   Group:     0   Size: 272
    File ACL: 0    Directory ACL: 0
    Links: 1   Blockcount: 8
    Fragment:  Address: 0    Number: 0    Size: 0
    ctime: 0x4fc1bf9f -- Sun May 27 11:16:07 2012
    atime: 0x4fc1bfa1 -- Sun May 27 11:16:09 2012
    mtime: 0x4fc1bf9f -- Sun May 27 11:16:07 2012
    Blocks:  (0+1): 1454080
  FS block 1441794 logged at sequence 47150, journal block 5696
    (inode block for inode 1431938):
    Inode: 1431938   Type: regular        Mode:  0644   Flags: 0x0   Generation: 238435995
    User:     0   Group:     0   Size: 272
    File ACL: 0    Directory ACL: 0
    Links: 1   Blockcount: 8
    Fragment:  Address: 0    Number: 0    Size: 0
    ctime: 0x4fc1bf9f -- Sun May 27 11:16:07 2012
    atime: 0x4fc1bfc2 -- Sun May 27 11:16:42 2012
    mtime: 0x4fc1bf9f -- Sun May 27 11:16:07 2012
    Blocks:  (0+1): 1454080
No magic number at block 5756: end of journal.
debugfs:

4. Note down the last blocks:(0+1)- 1454080.

5. Delete the file.

[root@server ~]# rm file_delete_recover
rm: remove regular file `file_delete_recover'? y

[root@server ~]# ls file_delete_recover
ls: file_delete_recover: No such file or directory

6. Recover the file.

[root@server ~]# dd if=/dev/sda1 of=file_delete_recover bs=4096 count=1 skip=1454080
1+0 records in
1+0 records out
4096 bytes (4.1 kB) copied, 0.000333325 seconds, 12.3 MB/s

7. Deleted file was recovered.

[root@server ~]# ls -li file_delete_recover
2798859 -rw-r--r-- 1 root root 4096 May 27 11:22 file_delete_recover

[root@server ~]# cat file_delete_recover

Only sys administrators and root user can view and recover the deleted files using debugfs command.

In this case study, we are recovering the files through the inode numbers. Hence it is mandatory that we should know the inodes of the files using the command `ls -li`.