Linux: getting flash videos from almost deleted files


#!/bin/sh

DATE=$(date +%Y.%m.%d-%H:%M:%S)

lsof | grep Flash | while read LINE; do
PID=$(echo "${LINE}" | awk '{ print $2 }')
FD=$(echo "${LINE}" | awk '{ print $4 }' | sed s/[a-zA-Z]//)
cat /proc/${PID}/fd/${FD} > ~/"${DATE}"-${FD}.flv
done

exit 0

It used to be easy: if you wanted to save a video played using Flash plugin, it was as easy as copying a file from browser's cache. Why use special webpages or plugins, when you could just:

cp /tmp/Flash* ~/video.flv

In other words: you already had that file downloaded by the flash plugin! But it seems Adobe changed this in one of recent updates, and there is no /tmp/Flash* file anymore... or maybe it is?

The cached movie is still written to the filesystem. It is quickly unlinked (a filesystem term for deleting a file) by the plugin, but the plugin still keeps a handle to the file. The result is that the cache file is no longer visible in the directory, but it occupies space on disk and can be read by that handle. This is how filesystems on Linux operate: as long as there is at least one handle to a file, such file won't be deleted from the filesystem.

Now we need to use two tools. First is lsof, which shows all opened handles by all processes. The key knowledge is that the deleted file is still created as /tmp/Flash*. Lets find the handle:

liori% lsof|grep Flash
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
firefox-b 23220 liori 83u REG 254,0 10565348 929 /tmp/FlashXXQCq4K0 (deleted)
I added lsof's header to make it clearer. Note that funny (deleted) remark—when you check the contents of /tmp, you won't see that file! We're interested in the PID and the FD number. FD is the opened handle's number, and PID is an identifier used to distinguish different programs.

Second tool is the /proc filesystem. This is a special directory existing on all commonly used Linux installations. It contains data about running system: driver settings, process list, diagnostic information. What's most interesting is that it contains files representing all opened file handles. In our case (PID=23220 and FD=83) the handle representing our deleted file is /proc/23220/fd/83. Again, if you just try to list that directory, you will only see a broken symlink. But what if you do this?

liori% cat /proc/23220/fd/83 >video.flv
...you'll get the contents of the deleted file!

This technique is of course not only useful to grab videos downloaded by your flash plugin. Any time you delete a file, but realize that it is still opened by some program, you can recover it.

http://liori.jogger.pl/2010/11/08/getting-flash-videos-from-almost-deleted-files/

Fedora 15: Intel Corporation Mobile 4 Series Chipset Integrated Graphics Controller

I get a black screen upon boot if inteldrmfb is enabled. So I needed to boot with the option "nomodeset". But with this option I could just use the vesa driver in Xorg.



One solution is:

1) Remove "nomodeset" and "vga" options from kernel boot parameters

2) Add this options to kernel parameters:

i915.modeset=1 video="inteldrmfb:1440x900"

3) Run setpci -s 00:02.0 F4.B=00 as root to turn the backlight back on. You can do this automatically on boot putting this command in /etc/rc.local



Now you can use intel driver in Xorg.



Reference: http://en.gentoo-wiki.com/wiki/Intel_GMA

Eclipse: Clear launch cache

$ ( cd workspace/.metadata/.plugins/org.eclipse.debug.core/.launches ; rm -rf * )

Linux: Automount USB external drive with autofs

To avoid any confusion with the base name of your USB block device, make alias using udev manager:

Making udev device name alias

Edit the file /etc/default/autofs and enable BROWSE and LOGGING:

-BROWSE_MODE="no"
+BROWSE_MODE="yes"

-#LOGGING="none"
+LOGGING="verbose"
Edit the file /etc/auto.master and comment all lines what are not commented.
Add to the end of /etc/auto.master this line:
/mnt /etc/auto.usbdrive --timeout=2

Create the file /etc/auto.usbdrive:
kingston -fstype=vfat,rw,uid=1000,gid=100,fmask=133,dmask=022,user :/dev/kingston1

Start autofs daemon:
$ (chmod +x /etc/rc.d/rc.autofs ; sh /etc/rc.d/rc.autofs start)

Plug-in the pendrive and see /var/log/messages:

Jul 27 13:29:46 keyra kernel: [17339.948942] sd 9:0:0:0: [sdb] Attached SCSI removable disk
Jul 27 13:30:00 keyra automount[5766]: attempting to mount entry /mnt/kingston
Jul 27 13:30:00 keyra automount[5766]: mount(generic): mounted /dev/kingston1 type vfat on /mnt/kingston
Jul 27 13:30:00 keyra automount[5766]: mounted /mnt/kingston
Jul 27 13:30:01 keyra automount[5766]: 1 remaining in /mnt
Unplug the device:

Jul 27 13:42:35 keyra automount[5766]: expiring path /mnt/kingston
Jul 27 13:42:35 keyra automount[5766]: unmounting dir = /mnt/kingston
Jul 27 13:42:35 keyra automount[5766]: expired /mnt/kingston
Jul 27 13:42:41 keyra kernel: [18115.356920] usb 2-2: USB disconnect, address 9

Shell: Using while loop to read file lines

while IFS= read -r LINE ; do echo "$(date) $LINE" ; done < 20110603-105216.log

Shell: Skip First Two Fields and Print the Rest of Line

Using awk:
$ echo 'This is a test blah foo bar etc' | awk '{print substr($0, index($0,$3))}'
a test blah foo bar etc

Using cut:
$ echo 'This is a test blah foo bar etc' | cut -d ' ' -f3-
a test blah foo bar etc

Shell: Read An Array Using C Style For Loop

$ CONCEITO=("ruim" "fraco" "mediano" "bom" "muito bom" "excelente") ; \

for((i=1;i<11;i++)) ; do echo "#$i = ${CONCEITO[$(($RANDOM%6))]}" ; done



#1 = excelente

#2 = fraco

#3 = ruim

#4 = bom

#5 = ruim

#6 = excelente

#7 = mediano

#8 = mediano

#9 = excelente

#10 = muito bom





Obs: Array length: ${#CONCEITO[@]}

Postgresql: show tables, show databases, show columns

mysql: SHOW TABLES
postgresql: \d
or
postgresql: SELECT table_name FROM information_schema.tables WHERE table_schema = 'public';

mysql: SHOW DATABASES
postgresql: \l
or
postgresql: SELECT datname FROM pg_database;

mysql: SHOW COLUMNS
postgresql: \d table
or
postgresql: SELECT column_name FROM information_schema.columns WHERE table_name ='table';

Shell: Retrieve empty directories

$ find -type d -empty

Linux: Dell Server / Desktop / Laptop Find Out Service Tag Command

Type the command as follows as root user:

# dmidecode | grep --color -i serial

or

# dmidecode -t 1

Referência: cyberciti.biz/faq/linux-find-dell-service-tag-command

Shell: Count Number of Characters in a String

x="This is a test"
y="${x//[^s]}"
echo "$y"
echo "${#y}"

To match both 's' and 'S', enter:

x="This is a test. S"
y="${x//[^s|S]}"
echo "${#y}"

Multimidia: Adjust vol/gain on ffmpeg transcoding

ffmpeg -i input.mp4 -ab 192 -ar 44100 -vol 512 output.mp3

256, no change. 128, decrease twice. 512, increase twice.

Perl: Split s String into lines

How to split a string into lines while preserving the trailing "\n":
my @a = split(/^/, $text);

Perl: How to capture STDOUT and the exit code

Capture the exit code but not STDOUT:
$status = system("command");

Capture STDOUT but not exit status:
$output = `command`;

Shell: Find and remove dead links

$ find -L -type l -exec rm -f {} \;

SSH: Login without password

Generate a pair of authentication keys, but do not enter a passphrase:
$ ssh-keygen -t rsa
$ ssh othermachine mkdir -p .ssh
$ cat .ssh/id_rsa.pub | ssh othermachine 'cat >> .ssh/authorized_keys'

Shell: What are lines which are repeated ?

$ cat file.txt
21421415
42657547
65765234
85685634
24246547
12336467
76545253
12336467
46565865
65464364
34668747
21421415
67475473
$ cat file.txt | sort | uniq -c | \
awk '{ if ($1 > 1) { print $2 } }'
12336467
21421415

Shell: Output the common lines of two text files

One way:
$ diff --side-by-side file_a file_b | grep -n -v "[|<>]"

Or using the command 'comm' (man comm for more details):
$ comm -12 file_a file_b

Git: Recovering Lost Commits with git reflog and reset

Reviewing lost commits

The reflog command will give you a good history of what’s been happening on the head of your branches. Run it, then find the line that refers to the state that you want to get back to:

$ git reflog
... snip ...
cf42fa2... HEAD@{84}: checkout: moving to master
73b9363... HEAD@{85}: commit: Don't symlink to themes on deployment.
547cc1b... HEAD@{86}: commit: Deploy to effectif.com web server.
1dc3298... HEAD@{87}: commit: Updated the theme.
18c3f51... HEAD@{88}: commit: Verify with Google webmaster tools.
26fbb9c... HEAD@{89}: checkout: moving to effectif
The latest entries appear at the top. You can work out which branch each change was made on by looking out for lines that say “checkout: moving to …”. Commits 88 through to 85 (they’re numbered in the second column of the output) were the commits that I’d lost; all I needed to do was to get them back.

Reverting a branch to an earlier state

In short, you need to switch to the correct branch (“effectif” in my case) and then do a hard reset. The --hard options sets the HEAD of the current branch back to the commit that you specify:

$ git checkout effectif
$ git reset --hard 73b9363

Mencoder: Join audio to a video

$ mencoder input_video.flv -audiofile input_audio.mp3 -oac copy -ovc copy -o out.flv

Shell: Remove Last Character From String / Line / Word

The % is bash parameter substitution operators which remove from shortest rear (end) pattern.

$ x="foo bar"
$ echo "${x%?}"
$ foo ba

Referência: nixCraft

Eclipse: Eclipse CPP x86_64 crashes on Slackware64

Add

-XX:-UseCompressedOops

to eclipse.ini

Referência:https://bugs.eclipse.org/bugs/show_bug.cgi?id=333227

Slackware: awesome-3.4.10

First, you need compile and reinstall cairo with the flag --enable-xcb. Retrieve from a Slackware repository and recompile it yourself.

Install the libraries:

- imlib2 at slackbuilds.org
- lua at slackbuilds.org
- libev at slackbuilds.org
- libxdg-basedir at r3n4n-slackbuilds-libxdg-basedir

Install awesome window manager. SlackBuild at r3n4n-slackbuilds-awesome

Slackware: wmii-3.9.2

SlackBuild for wmii+ixp-3.9.2 at:

https://github.com/r3n4n/slackbuilds

Chrome: Java support for Linux Google Chrome

As root (Slackware x86_64):

# mkdir /opt/google/chrome/plugins
# cd /opt/google/chrome/plugins
# ln -s /usr/lib64/java/jre/lib/amd64/libnpjp2.so

X11: Disable screen shut off with VLC

# Turn off monitor modes that will power down,
# standby or blank the screen:
$ /usr/bin/xset -dpms
$ /usr/bin/xset s off
# Open VLC:
$ /usr/bin/vlc "$@"
# Re-enable modes:
$ /usr/bin/xset dpms
$ /usr/bin/xset s on