[Script] binhex - no_ransom.sh

[kizer]

Totally fair. I was just going to manually rename my chattr file from what it is now and set the new name in the script so it could function and change to whatever I set it to. 

 

I knew you couldn't be held accountable for every name change simply because you can't read our minds. 

 

I honestly didn't expect you to enable a name change via command line. I just figured we would plug it in via the script. 

[Jaybau]

Might there be a way to output the files that are being acted upon?

I would prefer lsattr after the expected action to verify the file attribute has changed.

The output would be useful because the script won't let you know if you made a typo.

[kizer]

6 hours ago, Jaybau said:

Might there be a way to output the files that are being acted upon?

I would prefer lsattr after the expected action to verify the file attribute has changed.

The output would be useful because the script won't let you know if you made a typo.

 

My file structure is as follows. 

 

Media/Movies

Media/Tv shows

 

I have a script that I run on the 15th of every month. It runs against my Media share and includes the Movie folder only because I don't change them often. Tv shows I'm constantly changing because of Ripping and Re-ripping. 

 

Also I added after the script a little Notification to let me know it was done. 

 

To test it I would goto my Movie folder and attempt to delete or move a file. Its not going anywhere.

 

#!/bin/bash
#noParity=true
#arrayStarted=true
/mnt/cache/appdata/scripts/no_ransom.sh --lock-files 'yes' --media-shares 'Media' --include-folders 'Movies' --include-extensions '*.*' --debug 'yes'

echo "Sending Notification"
/usr/local/emhttp/plugins/dynamix/scripts/notify -e "$(date +%D-%H:%I) Movies Locked" -d "$(date +%D-%H:%I) Movies Locked" -i "normal" 
echo "."
echo "."
echo "done"

 

As you can see from the script path I hid the script on my SSD/Cache /mnt/cache/appdata so its backed up with backup/restore plugin and I use the above script as a call out to the long long bit of code.  The reason I'm mentioning the backup is because I literally just rebuilt my SSD/Cache today because I was stupid and did some tinkering with some cables and my server went hay wire.  lol 

 

 

[Naitor]

Is anybody using this script still? Or are there any newer ways to projetct your data from encryption? 

Edited August 12, 2023 by Naitor

[binhex]

Is anybody using this script still? Or are there any newer ways to projetct your data from encryption? 

Well I am, I get great comfort in knowing I cannot accidentally delete my media, and of course protection against ransomware. The only two alternatives I can think of currently are offline backups or zfs snapshots.

Sent from my 22021211RG using Tapatalk

[stridemat]

I still use it and like the added piece of mind with only a little inconvenience. 

[Mooseknuckles]

For some reason, after inputting "/tmp/no_ransom.sh --lock-files 'no' --media-shares 'Server' --debug" into terminal I am only able to delete files and not folders. I also tried re re-enable and it is in the same state as applying no, can delete files but not the folder. 

[binhex]

1 hour ago, Mooseknuckles said:

For some reason, after inputting "/tmp/no_ransom.sh --lock-files 'no' --media-shares 'Server' --debug" into terminal I am only able to delete files and not folders. I also tried re re-enable and it is in the same state as applying no, can delete files but not the folder. 

how are you attempting to delete the folders via windows explorer?, if so then it could be your SMB share permissions that are preventing this or even folder permissions (this script sets attributes not permissions).

[Mooseknuckles]

15 minutes ago, binhex said:

how are you attempting to delete the folders via windows explorer?, if so then it could be your SMB share permissions that are preventing this or even folder permissions (this script sets attributes not permissions).

Thanks for that, deleting through windows explorer. SMB permissions are public and I can make a folder and delete it no problem there. Enabling the script back does not stop me from deleting. 

[binhex]

Thanks for that, deleting through windows explorer. SMB permissions are public and I can make a folder and delete it no problem there. Enabling the script back does not stop me from deleting. 

Try doing a refresh in Windows explorer after what looks like a successful delete, I think you will find the file isn't actually deleted

Sent from my 22021211RG using Tapatalk

[Mooseknuckles]

18 minutes ago, binhex said:

Try doing a refresh in Windows explorer after what looks like a successful delete, I think you will find the file isn't actually deleted

Sent from my 22021211RG using Tapatalk
 

For some folders yes, for some folders no. I notice that the scripted in terminal is only referring to Disk 1 for the share when there are 2 disks. Maybe that is why ? 

 

At this point I actually want to disable but I cannot as I want to delete some folders. 

[binhex]

10 hours ago, Mooseknuckles said:

For some folders yes, for some folders no.

that is very odd, i dont understand that at all.

 

10 hours ago, Mooseknuckles said:

I notice that the scripted in terminal is only referring to Disk 1 for the share when there are 2 disks. Maybe that is why ? 

no, this should not be the cause, the script will look through al disks looking for a matching top level folder named after --media-shares, which in your case is 'Server' (case sensitive), you do have a share called 'Server' right?.

 

10 hours ago, Mooseknuckles said:

At this point I actually want to disable but I cannot as I want to delete some folders. 

run the script as follows:-

/tmp/no_ransom.sh --lock-files 'no' --media-shares 'Server' --debug 'yes'

post the output, this will definitely unset any attributes set by this script.

[Jaybau]

I received this error when trying to create a hard link:

 

ln: failed to create hard link '[target]' => '[source]': Operation not permitted

 

I believe this error is caused by the file being immutable.

 

This is unfortunate because I wanted to:

1)  Keep my media collection safer (mainly prevent accidental changes/deletions).

2) Use Sonarr/Radarr to organize my media library via hard links.

 

So it looks like I'll need to make the files immutable after I import into Sonarr/Radarr.

[Jederek]

took me a while to get it right since i never used the terminal but it worked like a charm thank you

[Nirvash]

Could this script be turned into a plugin? That way it could be downloaded through the CA store and have a convenient button to run it, or schedule it.

 

I'd also add a log of locked files and maybe (if it's not too difficult) a log of files that have been tried to be modified but were locked by the plugin. 

 

And I was wondering... has this been "field tested"? With this I mean, did someone get a ransomware infection and their unraid data survived?

Edited February 9 by Nirvash

[Xarishark]

I also would like to get this in plugin form with a UI scheduling option etc like the mover or parity check has. Also, I would like to ask for a feature locking files that are x days old that way files can become immutable after let's say 3 days in the server etc. Thanks in advance!