captive-cmdline - Command-line client for captive(7) NTFS disk access
Simple ftp(1)-like client to access disks by Microsoft Windows drivers.
Use if lufs-captivefs(7) not available; also useful during debugging.
All programs using captive(7) library share the common set of configuration
options:
- --filesystem=pathname
-
Pathname to .sys or .so filesystem module file. You will use exactly
once this option. Possible choices are
/var/lib/captive/ntfs.sys
etc.
- --load-module=pathname
-
Pathname to any W32 module to load w/o initialization. Multiple modules can be
loaded although in common case you will use just
/var/lib/captive/ntoskrnl.exe
here.
- --ro
-
Read/write mode: Any write access will be forbidden. You should set this mode
for cdfs.sys (CD-ROM filesystem). This option is mutually exclusive with
--blind and --rw.
- --blind
-
Read/write mode: All writes are just simulated in memory (default). Microsoft
Windows filesystem driver will see no difference between --blind and --rw
although the UNIX image file/device will be open read/only as for --ro.
All the changes get 'written' as long as captive(7) program runs - all the
changes will be lost afterwards. This mode is the most suitable for debugging.
This option is mutually exclusive with --ro and --rw.
- --rw
-
Read/write mode: Write directly to the image file/device. Standard read/write
disk mode. You should use --sandbox-server option in this case to have the
disk protected against Microsoft Windows filesystem driver crashes. Modified
disk image blocks are in --sandbox-server --rw mode buffered in the
memory and they get reflected to the disk only after successful completion
of all filesystem operations including filesystem unmount.
This option is mutually exclusive with --ro and --blind.
- --cdrom
-
Media type: CD-ROM. You must set this media type for cdfs.sys.
Virtual Microsoft Windows block device driver used by Captive maps to
\Device\CdRom0. This option is mutually exclusive with --disk.
- --disk
-
Media type: Disk (default). You must set this media type for all the Microsoft
Windows filesystem drivers except cdfs.sys. Virtual Microsoft Windows block
device driver used by Captive maps to \Device\CaptiveHarddisk0.
This option is mutually exclusive with --cdrom.
- --debug-messages
-
Turn on debugging messages. Be prepared for substation debug output.
Use of --syslog feature is not recommended in this case.
- --sandbox-server=pathname
-
Pathname to
/usr/sbin/captive-sandbox-server
program, turns on sandboxing.
You should always use this option in conjunction with --rw, see it for
details. Although this program is setuid root and it drops it privileges
to @CAPTIVE_SANDBOX_SETUID@ user. Your system gets protected by
chroot(2), setuid(2), setgid(2) and setrlimit(2) UNIX security
features against malicious Microsoft Windows drivers. You should never use this
option during debugging.
-
This option is turned on automatically during the mount operation by
mount.captive-ntfs(8).
Option needs to be used by hand for the captive-cmdline(2) client.
- --sandbox-server-ior=IOR
-
Specify CORBA IOR of
/usr/sbin/captive-sandbox-server
program, turns on
sandboxing. Specified CORBA IOR should be the string starting by ``IOR:''
text. This option is useful only for debugging. No sandbox restarting is
possible in this case.
- --no-sandbox
-
Turn off sandboxing feature (default). No
/usr/sbin/captive-sandbox-server
is run. Microsoft Windows filesystem driver is run in native UNIX environment
without any CORBA separation. This option is recommended only for debugging.
It is dangerous to use --rw together, see its description for the details.
- --bug-pathname=pathname
-
Pathname to strftime(3) for .captivebug.xml.gz bugreports. Every crash of
sandbox child gets bugreported to the specified file. You should attempt to
minimize the number of operations from the mount operation till the expected
crash to minimize the snapshot file size. --sandbox-server option is
required for --bug-pathname.
-
!!! Be aware '.captivebug.xml.gz' will contain data from your disk drive !!!
- --syslog
-
Messages sent to syslog(3) instead of stderr. This option gets handy
for mount(8) operation as the messages would be lost otherway.
Watch our for possible ``Filesystem crash broke dirty object'' messages where
some written filesystem data got lost in the case of Microsoft Windows
filesystem driver crash.
- --syslog-facility=facility
-
openlog(3) facility for --syslog. See facility section of
openlog(3) man page for details. Lowercased values such as daemon or
user are supported.
captive(7), lufs-captivefs(7)