I think every admin must do something stupid atleast once….right? Well my brain fart happened during a System upgrade (another story I’ll be ranting about later). I made backups of all the files I thought were important (/home, /etc, /var/lib/mysql and other userdata we had on the system) and installed Ubuntu 8.04 on the server. Well, of course the second person who walks in to report problems, asks me about his personal crontab……DOOOHHHHH!!!! Yeah I forgot to back that sucker up. Now, the lucky part of all this is that I just deleted the old directories on that partition, I did not format it. So once I realized that, I figured why not just search for it. I mean I knew something about the file, why shouldn’t I be able to just search the raw disk and look for a specific string I know existed in the crontab file. Well guess what you can and it works like a charm….here is how:
grep --binary-files=text -10 "DO NOT EDIT THIS FILE" /dev/sda9 >/tmp/output
This command was issued on a ext3 partition and found the portion of the file I was looking for in about 20 minutes (the partition is about 450GB). The Unix utils are marvelous and just using a single grep command (above) allows me to look for the string “DO NOT DELETE THIS FILE” (which I knew for fact was in my deleted file) and output 10 lines of text above and below that line into a temporary file. Now that’s power kids, don’t try this on your Winblows machine :-).