Skip to content

NTFS partition with windows 7 data recovery in linux

When I tried to mount NTFS partition with windows 7 in fedora linux 42, I got the error: "The MFT is not self-contained: No such file or directory Failed to load $MFT: No such file or directory".

Here are some ideas how to deal with this problem.

This error typically means the NTFS filesystem is in an inconsistent state — most commonly because Windows was not shut down cleanly (hibernate, fast startup, or crash). Windows Fast Startup / Hibernation — Windows 8+ (and sometimes 7) leaves the filesystem in a "dirty" state when using fast startup or hibernate. The partition is still "owned" by Windows and locked. Unclean shutdown means power loss or crash left the journal unfinished. Corrupted MFT — Master File Table is damaged (less common, more serious).

Fix options

Option 1 — Boot into Windows 7 and do a full shutdown (not hibernate): Start → Shutdown (hold Shift if needed to force full shutdown). Then try mounting in Fedora again.

Option 2 — Fix with ntfsfix (quick Linux-side fix)

umount /dev/sdXN # First make sure the partition is NOT mounted
ntfsfix /dev/sdXN
mount /dev/sdXN /mnt/windows # Try mounting again

ntfsfix clears the dirty flag and replays the journal. It is not a full fsck — it just makes the partition mountable. Replace sdXN with your actual partition (e.g. sda2, nvme0n1p3).

Option 3 — Run chkdsk from Windows. If ntfsfix doesn't help, boot from a Windows installation media or recovery environment and run:

chkdsk C: /f /r

This does a thorough repair of the filesystem including MFT issues.

Option 4 — Force mount (read-only, data recovery only). If you just need to read files and can't repair right now:

mount -t ntfs-3g -o ro,recover /dev/sdXN /mnt/windows
mount -t ntfs3 -o ro /dev/sdXN /mnt/windows # Or with ntfs3 kernel driver

Option 5 — MFT is actually corrupted (serious case). If all above fails, the MFT itself may be damaged. Try using the MFT mirror backup:

ntfsfix -b /dev/sdXN  # restore MFT from backup
dnf install testdisk
testdisk /dev/sdX     # Or use testdisk for deeper recovery

Option 6 — Mount read-only ignoring errors. Try forcing the ntfs3 kernel driver with recovery options:

mount -t ntfs3 -o ro,norecover,force /dev/sdXN /mnt/recovery # Try with different options
mount -t ntfs-3g -o ro,rescue,ignore_safe_hibernation /dev/sdXN /mnt/recovery # Or with ntfs-3g

Option 7 — If standard mounting failed, here are progressively more aggressive recovery approaches:

dnf install testdisk # includes both photorec and testdisk tools
testdisk /dev/sdX    # testdisk - for partition/filesystem structure recovery
photorec /dev/sdX    # photorec - for file content recovery by scanning raw data

photorec doesn't need a working filesystem — it scans raw sectors looking for known file signatures (PDF, JPEG, DOCX, etc.). It recovers content but loses original filenames and directory structure.

Option 8 — Scalpel (file carving). Similar to photorec but more configurable:

dnf install scalpel 
vim /etc/scalpel/scalpel.conf # uncomment file types you need
scalpel /dev/sdXN -o /mnt/recovered/

Option 9 — ntfsundelete / ntfscat (ntfs-3g tools)

dnf install ntfs-3g
ntfsundelete /dev/sdXN -s # List recoverable files without mounting
ntfscat /dev/sdXN -i 12345 > recovered_file.txt # Read a specific file by inode number
ntfsls -i /dev/sdXN # List all files with inodes

Pro tip: When SMART attributes are not so good (especially if the drive has bad sectors) always work on a disk image, not the real drive because working directly on a failing drive risks making things worse.

ddrescue -d -r3 /dev/sdXN /mnt/rec.img /tmp/rec.log # Clone to image file skipping bad sectors
losetup /dev/loop0 /mnt/external/recovery.img # Then work on the image instead of the real drive
ntfsfix /dev/loop0
mount -t ntfs-3g -o ro /dev/loop0 /mnt/recovery

Posted in Windows.

Tagged with , , .

rev="post-2024" No comments

By Admin 12.05.2026

How to control Windows 10 via SSH

  1. Download SSH-server from github https://github.com/PowerShell/Win32-OpenSSH/releases/ and install.
  2. Start and enable auto-start after booting in powershell console: 
    Start-Service sshd
Set-Service -Name sshd -StartupType 'Automatic'
  3. Allow incoming connection in Windows Firewall: 
    New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22
  4. Enable password-less authentication: 
    Add-Content -Path "C:\ProgramData\ssh\administrators_authorized_keys" -Value "your_public_key_here"
icacls "C:\ProgramData\ssh\administrators_authorized_keys" /inheritance:r /grant "SYSTEM:(F)" /grant "ADMINISTRATORS:(F)"
  5. To make PowerShell the default shell permanently: 
    New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" `
  -Name DefaultShell `
  -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" `
  -PropertyType String -Force

After that you can run from linux commands on remove windows-machine like this:

ssh myuser@192.168.0.13 'gps | where Name -like "*notepad*"'
ssh myuser@192.168.0.13 'Stop-Process -Name "notepad" -Force'

Posted in Misc.

rev="post-2021" No comments

By Admin 27.04.2026

Apache 2.4 doesn't start with AH00023: Couldn't create the rewrite-map mutex

Problem: Apache 2.4.6 doesn't start on CentOS 7. error.log shows this confusing error message:

[Mon Mar 16 08:55:03.254104 2026] [core:emerg] [pid 3946] (28)No space left on device: AH00023: Couldn't create the rewrite-map mutex
[Mon Mar 16 08:55:03.254178 2026] [:emerg] [pid 3946] AH00020: Configuration Failed, exiting

We don't have problems with free space on storage device, so this message looks really weird:

# df -h
Filesystem      Size  Used Avail Use% Mounted on
devtmpfs        895M     0  895M   0% /dev
tmpfs           920M  105M  815M  12% /run
tmpfs           920M     0  920M   0% /sys/fs/cgroup
/dev/sda1        50G   14G   36G  28% /
 
# df -i
Filesystem       Inodes  IUsed    IFree IUse% Mounted on
devtmpfs         228953    296   228657    1% /dev
tmpfs            235265    521   234744    1% /run
tmpfs            235265     16   235249    1% /sys/fs/cgroup
/dev/sda1      14305488 480611 13824877    4% /
# cat /proc/sys/kernel/sem
250     32000   32      128

Solution:

# sysctl -w kernel.sem="250 32000 100 256"
kernel.sem = 250 32000 100 256

After that change apache starts normally without complains.

Also some of this apache config-file changes might help:

Mutex fcntl:/var/run/httpd default

or

Mutex flock:/var/run/httpd default

I haven't tested it yet.

Posted in *nix, Howto.

Tagged with .

rev="post-2019" No comments

By Admin 16.03.2026

How to fix DNS resolving problem in libvirt guest

Situation: dnsmasq is running on host machine and listens on 192.168.122.1:53 (both TCP and UDP), but resolving in guest machine doesn't work. When dig command shows "status: REFUSED" while querying 192.168.122.1 from inside VM like this

# dig srv.myex.zone @192.168.122.1
 
; <<>> DiG 9.16.23-RH <<>> srv.myex.zone @192.168.122.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 49818
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;srv.myex.zone.                 IN      A
 
;; Query time: 0 msec
;; SERVER: 192.168.122.1#53(192.168.122.1)
;; WHEN: Wed Jun 11 10:27:42 CDT 2025
;; MSG SIZE  rcvd: 42

we should check /var/lib/libvirt/dnsmasq/default.conf config-file. Most probably, it has no-resolv directive in it:

##WARNING:  THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
##OVERWRITTEN AND LOST.  Changes to this configuration should be made using:
##    virsh net-edit default
## or other application using the libvirt API.
##
## dnsmasq conf file created by libvirt
strict-order
no-resolv
pid-file=/run/libvirt/network/default.pid
except-interface=lo
bind-dynamic
interface=virbr0
dhcp-range=192.168.122.2,192.168.122.254,255.255.255.0
dhcp-no-override
dhcp-authoritative
dhcp-lease-max=253
dhcp-hostsfile=/var/lib/libvirt/dnsmasq/default.hostsfile
addn-hosts=/var/lib/libvirt/dnsmasq/default.addnhosts

And if it really there, that's the cause of our problem. With no-resolv enabled, it won’t forward the query to upstream DNS servers, resulting in a REFUSED response because it has no answer and is not allowed to query upstream. As comments above state, we can't just edit the file, because our changes will be lost soon (after reboot, for example). The proper way to fix this is:

  1. virsh net-edit default
    add inside <network> tag this lines:

      <dns>
    <forwarder addr='1.1.1.1'/>
    <forwarder addr='8.8.4.4'/>
  </dns>
  2. virsh net-destroy default
  3. virsh net-start default

After this file /var/lib/libvirt/dnsmasq/default.conf will contain new lines

server=1.1.1.1
server=8.8.4.4

and no-resolv will not have any effect anymore.

Posted in *nix.

Tagged with , .

rev="post-2005" No comments

By Admin 11.06.2025