Trinity Rescue Kit v 0.5 HOWTO
3. Changing NT/Win2k passwords
-kernel 2.4.17
-bash shell
-18 MB ramdisk
-numerous binaries
-network support (most common network cards supported). Use findnic.sh to try
all modules.
-SCSI support (again, most common adapters are supported, not all because of
size limitations)
-DHCP support. If no DHCP server is available, you can always use garp (see
further)
-mount all possible partitions on every disk on your local computer
(mountallfs.sh). Supported file systems: fat, fat32, ntfs, iso9660, Reiserfs,
ext2, ext3. Modular are samba and nfs
-do automatic virus scanning with f-prot (which first gets you the latest updates if you
have an internet connection over your lan) (virusccan.sh)
-tools to change NT and Win2k passwords and repair NTFS partitions (chntpw and
ntfsfix)
-keyboard support for all languages (defaults to belgian azerty)
-lilo splash screen (not really a feature)
-major bug fix since v0.4
-mountallfs.sh mounts all possible partitions on all possible disks.
The mount points are equal to the device special file, so if you have a
filesystem on /dev/hda1, it will create a directory /hda1 and mount it there.
This script will give you numerous error messages, because there is no way to
know beforehand if a filesystem exists on a partition. I haven 't been able to
pipe it yet to /dev/null (the mount command must use something else than stderr
or stdout). Also beware that Windows 2000 NTFS partitions (NTFS 5) get mounted
as read-only. See further in this document how to mount them read/write.
Verify what is mounted by typing "mount"
-findnic.sh searches for your network card by trying all modules in
/lib/modules/2.4.16/kernel/drivers/net/ . Once more, this is a very verbose
script.
Type "lsmod" and "ifconfig -a" to verify if your card runs.
With shift+pgup you can see what went over your screen (a nice bash feature).
Next, type "dhcpcd eth0" to get an ip-address over your ethernet
If you don 't have a dhcp-server, you can use "garp" to assign
yourself a free ip-address. You will have to manually configure your default
gateway (e.g. route add -net 0.0.0.0 netmask 0.0.0.0 gw 192.168.5.254) and dns
servers in /etc/resolv.conf
-virusscan.sh uses the free Linux antivirus version of F-prot (from Datafellows). It attempts to get the latest updates at ftp.f-prot.com, unpacks it and scans all local disks. Off course, you first need networking support and local filesystems mounted.
3. Changing NT/Win2k passwords
This is quite tricky, you cannot miss any of these steps or you 'll end up
with a pooched filesystem!
I'm also not responsable for any damage you may suffer from this procedure.
It has worked for me so far, but I can 't give any guarantees. Use it as a last
resort
-After mounting all partitions with "mountallfs.sh", your NTFS partitions will be mounted read-only. To have it mounted read/write, type "mount -o remount,rw /yourntfsmountpoint".
-You need some free space on another non NTFS partition, because editing on
NTFS is very dangerous and it won 't work anyway to make changes to your SAM. You
can create a new ramdisk (default size of 16Mb) by typing "mke2fs
/dev/ram1", make a mount point, say f.i. /ram, "mkdir /ram" and
mount it there "mount /dev/ram1 /ram.
There! A nice ramdisk to copy your files into (you need enough RAM off course)
-Copy your SAM, system and SECURITY file to another filesystem (fat or ext2). These files are located in WINNT/system32/config/
-Go to the dir you just copied your files to
-Type "chntpw SAM system SECURITY" or just "chntpw" to see a help screen
-Follow instructions
-Copy SAM, system and SECURITY back to their original location
-Unmount the ntfs partition
-Very important! Run ntfsfix of the partition you just unmounted! If it was /hda1, do ntfsfix /dev/hda1. Ntfsfix does some repairs like emptying your LOG file and setting the chkdsk flag. Let checkdisk run when you reboot into NT/Win2K
-Your Windows should boot after checkdisk, with the new password in place.
Find version 0.3, 0.4 and 0.5 of the Trinity Rescue Kit over here The file is about 10 Meg. Write it with any burning software that can write ISOs.
For support questions, please mail to me, Tom Kerremans, trk-at-telenet-dot-be
5. Development HOWTO
See this separate page
since v0.3
-kernel 2.4.17
-debugged startup scripts
-lots of error messages minimized
-volume name changed to TRK
-lilo splash screen (bootmessage PCX)
-clean up initrd (there is actually some space left now!)
-bigger ramdisk (18Mb, most systems have enough ram left)
-Reiserfs with more internal checking
-keyboard support for all countries. The most common have small scripts (e.g.
for German, just type "de")
-put f-prot in path (/usr/sbin/f-prot)
-virusscan.sh: changed virusscan updater from ftp.f-prot.com
to ftp.frisk.is, which has better response time
and is faster.
-virusscan.sh: fetch both SIGN.DEF and SIGN2.DEF for f-prot (takes a bit longer
to download)
-virusscan.sh: only scan local harddiscs (hd* and sd*) for viruses, no need to
do f.i. /bin
-development howto written (rough version)
since v0.4
-problems with classic Pentiums -remember freeze after "VFS
mounted root"- solved (and probably with exotic SCSI configs which I
mistakenly accounted the problems to). It turned out it the ld-linux.so library,
which is part of glibc, has a bug (or call it a feature for newer machines):
older Pentiums don 't support the cmove instruction, so init will hang with an
infinite SIGILL stream (regards to User
Mode Linux). So I upgraded glibc to version 2.2.4 using the i386 version,
which should be compatible with all x86 architectures.
-cardmgr for laptops added (still needs testing)
-added lspci and dosfsck binaries
-again freed up some space. Sometimes when changing a lot of files on the initrd
filesystem, it 's a good thing to dd a file from dev/zero to the disk, sync it
and delete it so all the garbage of deleted files, which otherwise take up data
in the compression of the initrd, is gone.
Lots of these things are still untested, please send me
bugreports. With the ld library loader bug fixed, TRK should be getting to a
mature version. The only thing holding it back are good test results on as many
as possible machines.
-still too much error messages when loading network modules or mounting
filesystems with my scripts(which are otherwise insignificant).
-not all disc controllers are supported due to size limitations
-scripts are non-interactive and have no options
-development howto kind of messy