SystemRescueCd

First Aide

If you accidentally delete data or format a disk, good advice can be expensive. Or maybe not: You can undo many data losses with SystemRescueCd.

The price for mass storage devices of all types has been falling steadily in recent years, with a simultaneous increase in capacity. As a result, users are storing more and more data on local storage media – often without worrying about backing it up. Once the milk has been spilled, the anxious search begins for important photos, videos, correspondence, and spreadsheets. SystemRescueCd can help in these cases by providing a comprehensive toolbox for every computer, with the possibility of restoring lost items.

The Gentoo derivative is a hybrid image for 32- and 64-bit computers that comes in just under 470MB [1]. The entire distro fits on a CD, so it is also suitable for use on older systems. To boot the operating system from a USB stick, use the commands:

$ isohybrid systemrescuecd-x86-<Version>.iso
$ sudo dd if=systemrescuecd-x86-<Version>.iso of=/dev/sd<X> bs=1M

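Replace the drive information sd<X> in the copy command with the correct device name for the USB storage medium used. Because dd overwrites the target device without asking for confirmation, verify the device name (e.g., in the output of lsblk) before running the command.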

Diversity

When starting the Live system, the GRUB boot manager (Figure 1) welcomes you with numerous options that include different kernels for different Intel hardware architectures.

Figure 1: SystemRescueCd offers a variety of startup options, including the ability to launch various floppy disk images.

The system can also be copied completely into main memory and operated from there, which has advantages for very old and correspondingly slow computers. To avoid problems with the graphics card, the distribution also integrates a standard VESA graphics driver. In the case of very old computer systems with 4:3 aspect monitors, the graphical user interface can also be started in SVGA or XGA resolution.

Various diagnostic tools are available for retrieval as floppy disk images, which is particularly useful if you can narrow down the cause of data loss and do not need a complete operating system with all the tools. Memtest and HDT images are available for hardware and monitoring tests without long start times.

If you suspect damage to the hard disk, start the MHDD tool from the boot manager for low-level checks of the volumes. If the target system is used in a heterogeneous environment, you can also change or reset passwords from other operating systems using the SystemRescueCd boot manager.

The "default boot options" entry (option 1 on the start screen) and the "directly start the graphical environment" entry (option 6) start the system and provide the entire collection of software. Whereas "default boot options" opens a root console after you manually set the keyboard layout, "directly start the graphical environment" calls the X server after modifying the keyboard layout and then the Xfce desktop.

A number of editors are available from the console, as is the text-based web browser Links once you have manually set up network access. To start the graphical user interface from the console, enter the startx command. After a short time, a deliberately simple and somewhat rustic-looking Xfce desktop with an open terminal window appears (Figure 2).

Figure 2: The Xfce desktop, designed for use on old computers or computers with limited resources, dispenses with frills.

Under Xfce, you can easily configure access to the Internet for various technologies, either from Settings | Network Connections or by clicking the network icon at bottom right in the panel. It is currently not possible to set up wireless access to the Internet with state-of-the-art encryption technology at the command line. You need to use a wired connection. Set up access with the net-setup <interface> call by using eth0 for the first LAN interface, eth1 for the second, and so on.

Software

The SystemRescueCd software inventory is aligned strictly with the requirements of a rescue system and therefore dispenses with the usual standard programs, such as LibreOffice and Gimp. True to the purpose of the application, it is a purely Live system that cannot be installed permanently from the boot manager or the graphical user interface. If you still want to set up SystemRescueCd manually on a mass storage device, it is possible to install the system on a partition with a filesystem supported by Linux. However, you need to make a number of manual corrections. Alternatively, it works well on a Windows filesystem [2].

Although the Xfce desktop offers the usual Multimedia and Office groups in its start menu, they do not contain any software packages for everyday use. Only the ePDFViewer is stored under Office, and only the ISO Master and Xfburn programs are found under Multimedia. The applications in the Internet submenu are also strictly oriented toward system rescue tasks: The Firefox web browser version 52.1.2 ESR (extended support release) offers a private mode but does without preinstalled extensions. Additionally, you will find only the TigerVNC Viewer for controlling remote computers and the GTKTerm terminal.

The features in the Accessories submenu are more extensive. You can choose between the Thunar and emelFM2 file managers, and you can start up gVim as a graphical front end for the Vim editor. The Xfburn program burns optical discs, and the Bulk Rename graphical tool allows you to rename a large number of files automatically in batch mode. In addition to a process list, a simple task manager graphically displays RAM and CPU usage (Figure 3).

Figure 3: The task manager provides information about system resource utilization and running processes.

In the bar at the bottom of the screen, SystemRescueCd provides quick-start icons for some commonly used applications. In addition to the file manager emelFM2 (Figure 4), you'll find the graphical partitioning tool GParted, as well as Xfburn, Firefox, the Geany text editor, and a terminal. The System menu offers up the well-established Midnight Commander, which is an ncurses program that takes over the management of files and directories visually, simply, and efficiently.

Figure 4: The emelFM2 file manager comes with a GTK-based interface and follows in the footsteps of Midnight Commander.

Test Programs

Under Linux, you can usually troubleshoot and locate hardware problems quickly thanks to numerous test and monitoring programs. SystemRescueCd offers a useful mix of tools for the graphical user interface and the terminal. The System submenu holds not only Htop, which lists running processes and their resource consumption, but also Hardware Lister, which graphically displays the hardware components of the target system.

This inventory tool is particularly useful when it comes to checking the revision status of the components in the computer (e.g., to indicate whether you should update the firmware). The graphical user interface uses information from the Lshw command-line program, which often provides much more detailed information. The iotop tool is not directly accessible from a menu but can be started by entering the iotop command in the terminal. In the event of sporadically occurring high system load and associated high latencies, iotop can alert you to problems with individual hardware components that bury the entire system under a flood of interrupt requests (IRQs). Server administrators, especially, appreciate this small program.

Safe and Secure

The distribution places particular emphasis on data recovery. Therefore, it comes with many tools for the maintenance and care of mass storage. For this purpose, the System submenu harbors the Show Filesystems, GParted, Partimage, and Testdisk entries.

Show Filesystems opens a terminal and calls fsarchiver; the Partition Image ncurses program hides behind the Partimage entry, which allows you to create images of hard disk partitions in a few steps. Because this is also possible with system partitions, you could have a snapshot available in minutes to restore the original system (Figure 5).

Figure 5: Old-fashioned, but useful: Partition Image clones any partitions and restores them if necessary.

The GParted graphical program allows you to edit partition tables of mass storage devices; the software can handle a number of different filesystems and includes external storage media, if required. The current versions of the SystemRescueCd contain GParted in the new 5.x version, which also gets along with the modern Btrfs filesystem.

The powerful terminal program Testdisk is suitable not only for reconstructing partitions, but also for restoring the boot sector of mass storage devices in case of accidental or malicious boot sector destruction. The graphical program Grsync helps with file and directory synchronization. The application is based on the Rsync command-line tool and uses its most important parameters (Figure 6).

Figure 6: The small Grsync tool synchronizes your data with just a few mouse clicks. It is based on Rsync, the well-known sync software.

The Rsnapshot command-line program, which is also based on Rsync, creates snapshots of entire partitions – much like Partition Image. It is also suitable for the use of an external USB hard disk as a backup medium. With multiple snapshots on a single target medium, Rsnapshot only saves copies of unchanged files once; it then uses hardlinks to these files in subsequent snapshots, saving storage space. However, newer backups inevitably depend on the older ones – if they are missing, the reconstruction fails. You will search for Rsnapshot in the SystemRescueCd menus in vain – the software is called directly from the command prompt.
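The hardlink mechanism described above can be reproduced in a few lines. The following is an added example, not Rsnapshot's own code: the snapshot() and demo() functions, the directory names, and the file contents are constructed for illustration, and everything runs inside a temporary directory.

```python
import filecmp
import os
import shutil
import tempfile


def snapshot(source, dest, previous=None):
    """Copy source into dest; files unchanged since `previous` become hard links."""
    for root, _dirs, files in os.walk(source):
        rel = os.path.relpath(root, source)
        os.makedirs(os.path.join(dest, rel), exist_ok=True)
        for name in files:
            src = os.path.join(root, name)
            new = os.path.join(dest, rel, name)
            old = os.path.join(previous, rel, name) if previous else None
            if old and os.path.isfile(old) and filecmp.cmp(src, old, shallow=False):
                os.link(old, new)       # unchanged: same inode, no extra data blocks
            else:
                shutil.copy2(src, new)  # new or modified: store a real copy


def demo():
    """Take two snapshots of constructed sample files and compare their inodes."""
    with tempfile.TemporaryDirectory() as tmp:
        src = os.path.join(tmp, "data")
        os.makedirs(src)
        for name, text in (("report.txt", "v1"), ("photo.raw", "pixels")):
            with open(os.path.join(src, name), "w") as fh:
                fh.write(text)
        older = os.path.join(tmp, "snap.older")
        newer = os.path.join(tmp, "snap.newer")
        snapshot(src, older)
        with open(os.path.join(src, "report.txt"), "w") as fh:
            fh.write("v2")  # only this file changes between the two runs
        snapshot(src, newer, previous=older)

        def shared(name):
            return os.path.samefile(os.path.join(older, name), os.path.join(newer, name))

        return {
            "photo_shared": shared("photo.raw"),    # unchanged file: one copy on disk
            "report_shared": shared("report.txt"),  # changed file: separate copies
            "photo_links": os.stat(os.path.join(newer, "photo.raw")).st_nlink,
        }


if __name__ == "__main__":
    print(demo())
```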

Despite its name, the tob (tape-oriented backup) shell script not only saves data on tape, but also on conventional filesystems. Its numerous options are revealed by the tob --help command.

Photorec, which is also called in the terminal, teams up with Testdisk for data reconstruction. The duo restores accidentally deleted data or data that is no longer accessible because of a hardware defect. Although its name suggests otherwise, Photorec is not limited to restoring digital images: It also knows many other file formats and reconstructs them.

Extra Equipment

For performance comparisons between individual hardware components or complete computer systems, SystemRescueCd comes with a number of prominent benchmark programs. The most popular, Bonnie++ and Stress, are launched in a terminal window and thus don't appear in the Xfce menus.

By measuring the read and write throughput of mass storage devices, Bonnie++ can provide information on possible hardware defects in the event of poor system performance. On the other hand, the Stress benchmark tool creates high load on various hardware components (e.g., CPU, memory, bus). Like Bonnie++, you control the stress level through a variety of parameters (see the list with stress --help); htop then lets you see how much stress the system is under.

SystemRescueCd also comes with some forensic programs, including chkrootkit, which scans the computer for hidden malware that opens a back door for attackers, and CmosPwd, which reveals BIOS passwords. Because these passwords are stored in EEPROM modules on many computers, especially notebooks, unrestricted access is not possible. For experienced users, CmosPwd offers a way to read or modify passwords. However, it primarily considers older BIOS variants and cannot cope with newer versions, especially (U)EFI systems [3].

Magic Rescue is a useful tool for reconstructing file content. However, the software does not use the filesystem allocation tables but relies on "magic numbers," which are located in the header of the respective files and denote the file type. As a result, Magic Rescue works even with corrupted or destroyed file allocation tables. The command-line program Foremost also recovers damaged or deleted files by using Magic Rescue information from the standardized file headers and footers.
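To show how recovery by magic numbers works without any filesystem metadata, here is a small header/footer carver. It is an added example, not code from Magic Rescue or Foremost; the signature table is limited to three well-known formats, the sample "disk" is constructed, and the carver assumes files are stored contiguously.

```python
# File type -> (header magic number, footer marker)
SIGNATURES = {
    "jpg": (b"\xff\xd8\xff", b"\xff\xd9"),
    "png": (b"\x89PNG\r\n\x1a\n", b"IEND\xaeB`\x82"),
    "pdf": (b"%PDF-", b"%%EOF"),
}
MAX_SIZE = 10 * 1024 * 1024  # stop looking for a footer beyond this distance


def carve(image, max_size=MAX_SIZE):
    """Return (type, offset, data) for each header/footer pair in a raw image."""
    found = []
    for ftype, (header, footer) in SIGNATURES.items():
        pos = 0
        while (start := image.find(header, pos)) != -1:
            end = image.find(footer, start + len(header), start + max_size)
            if end == -1:
                # Header without footer: truncated or overwritten file, skip it
                pos = start + 1
                continue
            end += len(footer)
            found.append((ftype, start, image[start:end]))
            pos = end
    return sorted(found, key=lambda hit: hit[1])


def build_sample_image():
    """Constructed test data: raw bytes with no partition or allocation table."""
    jpg = b"\xff\xd8\xff\xe0" + b"JFIF-sample-payload" + b"\xff\xd9"
    png = b"\x89PNG\r\n\x1a\n" + b"sample-chunks" + b"IEND\xaeB`\x82"
    truncated_pdf = b"%PDF-1.4 body without an end marker"
    image = b"\x00" * 512 + jpg + b"\xaa" * 300 + png + b"\x00" * 100 + truncated_pdf
    return image, jpg, png


if __name__ == "__main__":
    sample, _jpg, _png = build_sample_image()
    for ftype, offset, data in carve(sample):
        print(f"{ftype} at offset {offset}, {len(data)} bytes")
```

The truncated PDF in the sample is skipped because its end marker is missing; a carver that wrote it out anyway would produce a file of unknown length.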

SystemRescueCd also allows a more comprehensive analysis of network access with the standard console tools Nmap, Traceroute, Netcat, and Netselect; graphical packages such as Zenmap and Wireshark are missing. Therefore, if you have network-specific problems, it is better to use specialized distributions like Wifislax [4] or Kali Linux [5].

Conclusions

SystemRescueCd v5.0.4 is fast, stable, and contains hardly any unnecessary ballast. The developers have removed software that is not critical to its mission, as well as several programs with overlapping functions. The resource-saving Xfce desktop and a concentration of proven command-line tools allow SystemRescueCd to be used on computers with old or incompatible graphics hardware.

The developers have taken great care in putting the system together. For example, the latest updates have improved many central programs and replaced less powerful applications with better ones. The integration of tools from other operating system worlds – including DOS applications that can be started separately – also makes SystemRescueCd ready for data recovery in a heterogeneous environment.