Skip to content

mc support inspect testing

Jump to bottom
Allan Roger Reid edited this page Nov 29, 2024 · 5 revisions

Connect to linux box e.g.

ssh -p 20169 ubuntu@x.x.x.x -o "ServerAliveInterval=5" -o "ServerAliveCountMax=100000" -o "StrictHostKeyChecking=off"
loginctl enable-linger ubuntu

Make certs

mkdir -p ~/.minio/certs
cd ~/.minio/certs
wget https://github.com/minio/certgen/releases/latest/download/certgen-linux-amd64
chmod +x certgen-linux-amd64
./certgen-linux-amd64 -host "127.0.0.1"
cd ~

Install and run minio in background

wget https://dl.min.io/server/minio/release/linux-amd64/minio
chmod +x minio
CI=on ./minio server /tmp/data{0..3} --certs-dir ~/.minio/certs --address :9000 --console-address :9090 > out.log &
tail -10 out.log

Install mc and alias

mkdir -p ~/mc && cd ~/mc && rm -rf mc* && wget https://dl.min.io/client/mc/release/linux-amd64/mc
chmod +x mc && cd ~
mc/mc alias set inspect-demo https://127.0.0.1:9000 minioadmin minioadmin --insecure

Copy small file

cat << EOF > test.log
this is a test
EOF

dd if=/dev/urandom bs=1M count=128 iflag=fullblock of=object

mc/mc mb inspect-demo/test-bucket --insecure
mc/mc cp test.log inspect-demo/test-bucket/test.log --insecure

Get inspect file

mkdir -p ~/testing && cd ~/testing
~/mc/mc support inspect "inspect-demo/test-bucket/test.log/**" --legacy --dev --airgap --insecure

Output

Encrypted file data successfully downloaded as inspect-data.524c0b94.enc
Decryption key: 524c0b94538803620bebd4173fd60280e6ee0a9303c0f23740ee8cebfeb9c7185c89b621

The decryption key will ONLY be shown here. It cannot be recovered.
The encrypted file can safely be shared without the decryption key.
Even with the decryption key, data stored with encryption cannot be accessed.

Install go

wget https://go.dev/dl/go1.21.7.linux-amd64.tar.gz
sudo rm -rf /usr/local/go && sudo tar -C /usr/local -xzf go1.21.7.linux-amd64.tar.gz
sudo apt-get install vim -y
sudo apt-get install zip -y
cat <<EOF >> $HOME/.profile 
export PATH=$PATH:/usr/local/go/bin:~/go/bin
EOF
cat $HOME/.profile 
source $HOME/.profile
go version

Compile inspect and xl-meta

sudo chmod 755 /usr/local/go/bin/
sudo apt-get install git
mkdir -p ~/github && cd ~/github
git clone https://github.com/minio/minio.git
cd ~/github/minio/docs/debugging/inspect
go install
cd ~/github/minio/docs/debugging/xl-meta
go install
cd ~

Try to extract file

inspect --key 524c0b94538803620bebd4173fd60280e6ee0a9303c0f23740ee8cebfeb9c7185c89b621 ~/testing/inspect-data.524c0b94.enc

Output

Enter Decryption Key: 524c0b94538803620bebd4173fd60280e6ee0a9303c0f23740ee8cebfeb9c7185c89b621
output written to /home/ubuntu/testing/inspect-data.524c0b94.zip

Try to export file

xl-meta --export ~/testing/inspect-data.524c0b94.zip | jq

Delete three shards

File is garbled. Why? Because it is minio erasure encoded

cat _tmp_data_test-bucket_test.log_xl.meta-null.data

?M??=???A?ǿ??fFq?3?
                   ?Cұ?*?this is a test

Start minio to access this specific data set

mkdir -p ~/inspect-data.524c0b94
unzip -d ~/inspect-data.524c0b94 inspect-data.524c0b94.zip
cd ~/inspect-data.524c0b94 && ./start-minio.sh
Clone this wiki locally