The official site http://trinityhome.org is currently down Download TRK 1.0 build 80 here (fast mirror)
Trinity Rescue Kit v 1.0 HOWTO (20-02-2003)
The Trinity Rescue Kit is a Linux distribution based on Mandrake 9.0. It is designed to rescue/repair/prepare dead or damaged systems, be it Linux or Windows. It has networking capabilities and supports about every network card, disk controller and USB controller.
The Trinity Rescue Kit 1.0 is the successor of v 0.5, which is more than a year old by now. Version 0.5 and previous were based on a RedHat 7.2 distribution, but for version 1.0 I switched to Mandrake (except for some packages) because they have more hardware support than any distribution and because I always support the underdog. Plus it 's just a good distribution and European. Let 's hope they can survive.
Provided you know some Linux, TRK can really save the day for you in terms of evacuating files, cure a machine of viruses, reset Windows NT/2K/XP passwords, create a disk image over the network, saving lost partitions, etc. ==> see more in Features
Provided you DON' T know some Linux, TRK can really mess up your day, because all the failsafes are off (except NTFS 5 which are still read-only if you don 't remount it rw) once you start mounting disks. Be warned!
1. Features
-based on Mandrake 9.0 distribution
-kernel 2.4.19-16mdkcustom
-20Mb ramdisk
-numerous binaries (TRK 1.0 is almost 50mb, 80% of the stuff is linked to the CDrom,
so keep it mounted)
-network support: about every ethernet network card is supported as a module.
Kudzu should detect most of them.
-disk support: all common IDE controllers are baked into the kernel, including
some very common Adaptec SCSI chipsets. All else is modular. I don 't think I
skipped a lot of SCSI controllers, most of them are in there. For some reason however, kudzu detects them
but doesn 't load the appropriate module, not even when you try to talk to the
device file. So look into the proper Linux hardware
documentation which module corresponds to your SCSI controller and load it
manually with modprobe.
-DHCP client support
-automatic virus scanning with F-prot (which first gets you the latest
updates if you have an internet connection over your lan) (virusccan.sh)
-tools to change NT and Win2k passwords and repair NTFS partitions (chntpw and
ntfsfix, credits to Christophe Grenier, http://www.cgsecurity.org/)
-ftp client support (ftp and lftp)
-keyboard support for all languages (defaults to belgian azerty)
-filesystem support: ext2, ext3, iso9660, joliet, jfs, Reiserfs, fat16, fat32,
NTFS read write, but still dangerous under ntfs 5. Also samba filesystem is
supported
New features since version 0.5
-way more network card and disk controller support than in v 0.5
-pcmcia cardmanager
-usb support
-lilo: multiple boot possibilities (skip kudzu, belgian keyboard, run
scripts from floppy, single user etc.) in a fancy boot bitmap
-6 virtual consoles. Root is automatically logged in.
-devfs support. I had a hard time implementing it but it finally works without
all too much error output
-ssh (secure shell) and scp (secure copy) support
-kudzu (RedHat 8.0 version with RedHat hardware database), set to configure
everything that doesn 't require user input (-q). Afterwards, all detected
devices are actually loaded from modules.conf
-fancy linux_logo-like Trinity login logo (see screenshots)
-testdisk, a tool that scans for partition errors and even recovers completely
gone partitions (provided the filesystems still exist), again regards to
Christophe Grenier http://www.cgsecurity.org/
-partition image: a tool to make image copies of a system. More info, see http://www.partimage.org/
-midnight commander
-smb client support
-color ls (dircolors)
-full path in prompt. Nice to know where you are when rescueing files lying deep
in some dead system.
-wget, file, strings, chroot
-80x50 screen, giving you more characters in one view
-better startup scripts
-mountallfs.sh (broken now) mounts all possible partitions on all possible disks.
The mount points are equal to the device special file, so if you have a
filesystem on /dev/hda1, it will create a directory /hda1 and mount it there.
This script will give you numerous error messages, because there is no way to
know beforehand if a filesystem exists on a partition. I haven 't been able to
pipe it yet to /dev/null (the mount command must use something else than stderr
or stdout). Also beware that Windows 2000 NTFS partitions (NTFS 5) get mounted
as read-only. See further in this document how to mount them read/write.
Verify what is mounted by typing "mount"
-virusscan.sh uses the free Linux antivirus version of F-prot (from
Frisk software). It attempts to get the latest updates at ftp.f-prot.com,
unpacks it and scans all local disks. Off course, you first need networking
support and local filesystems mounted.
F-prot has a weird license which permits you to use it for free for home use
until a new version appears. It 's definitely not GPL, so I 'm considering
a TRK version without f-prot, just to avoid license problems
-/floppy/trkscripts is not actually a script, but you can make it one. TRK 1.0 has a lilo option that triggers mounting your floppy drive (on /dev/fd0) and search for the file "trkscripts" to execute. It executes in the current startup shell, so you can give it system wide variables. Somebody had asked me to implement this feature but from the computers' harddisk so one could launch computer specific maintenance. It was a great idea, except you would have to be certain you could mount any computers disk automatically (cfr. SCSI modules that don 't load in kudzu). A floppy is such a universal device that it will almost always work.
3. Changing NT/Win2k passwords
This is quite tricky, you cannot miss any of these steps or you 'll end up
with a pooched filesystem!
I'm also not responsable for any damage you may suffer from this procedure.
It has worked for me so far, but I can 't give any guarantees. Use it as a last
resort
-After mounting all partitions with "mountallfs.sh", your NTFS partitions will be mounted read-only. To have it mounted read/write, type "mount -o remount,rw /yourntfsmountpoint".
-You need some free space on another non NTFS partition, because editing on
NTFS is very dangerous and it won 't work anyway to make changes to your SAM.
You can create a new ramdisk (default size of 16Mb) by typing "mke2fs
/dev/ram1", make a mount point, say f.i. /ram, "mkdir /ram" and
mount it there "mount /dev/ram1 /ram.
There! A nice ramdisk to copy your files into (you need enough RAM off course)
-Copy your SAM, system and SECURITY file to another filesystem (fat or ext2). These files are located in WINNT/system32/config/
-Go to the dir you just copied your files to
-Type "chntpw SAM system SECURITY" or just "chntpw" to see a help screen
-Follow instructions
-Copy SAM, system and SECURITY back to their original location
-Unmount the ntfs partition
-Very important! Run ntfsfix of the partition you just unmounted! If it was /hda1, do ntfsfix /dev/hda1. Ntfsfix does some repairs like emptying your LOG file and setting the chkdsk flag. Let checkdisk run when you reboot into NT/Win2K
-Your Windows should boot after checkdisk, with the new password in place.
I will try to update TRK regularly so it has at least the latest antivirus
definitions, should you not have a LAN based internet connection available.
You can download the GZ compressed 24mb iso version 1.0 build 80 here. or in uncompressed format, which is only 50mb here
I 'll be setting up mirrors on faster lines pretty soon, because this is only a 512kbit line, which I should not be using for heavy traffic. :-(
5. Development HOWTO
-difficult procedure to change NT passwords, will make scripts for them
-mountallfs.sh script broken after devfs implementation. I 'll make a better
script for future version that tries to find out there 's a filesystem on a
partition before attempting to mount it.
-partimage client works, partimaged server doesn't: /usr/etc/partimagedusers has wrong file ownership but crashes afterwards anyway with a segmentation fault. I have recompiled it and this works. Fixed in next version. You can compile it yourself of course on your server if you like.
7. Future features
-maybe X-windows, but I don 't see the use. Some people have asked it. I
might consider -as a new project- adapting a complete installation from disk to
cd with a minimal window manager using framebuffering. A Debian would do better
here.
-Some sort of hardware test software, although the Linux kernel itself is
already a good test
-firewall support
-The current version of kudzu doesn 't detect my USB Silicom network card, nor
does it detect any PCMCIA devices since it has no support for it yet. The latest version, 0.99-97 supports it but requires GLIBC_2.3, which Mandrake 9.0 doesn 't support yet. Next version of TRK will be built on Mandrake 9.1 which will have GLIBC_2.3. To manually enable PCMCIA/cardbus support, do "modprobe pcmcia_core" and then "modprobe serial_cs". Next you can run "cardmgr" and if that didn 't detect your networkcard yet, you might have to insmod it manually. But it works. Manually...
-The Silicom U2E USB Ethernet adapter works by modprobing kaweth ("modprobe kaweth")
-A TRK Forum on this site
-Lilo boot splash screen
-Kernel and init startup output
-Fancy login logo
-Miscellaneous output: running processes, disk
usage, loaded modules, ip configuration
Contact me, Tom Kerremans aka harakiri at harakiri-at-trinityhome.org.
I 'd like to know what you think of it.
TRK 0.3 HOWTO
TRK 0.4 HOWTO
TRK 0.4 Development HOWTO
TRK 0.5 HOWTO
