On Sun, 30 Jun 2024 11:16:34 -0700 MC <darkhat@xxxxxxxxx> wrote: > Hi everyone, > > Is there a way to force mdadm to assemble a certain set of drives into > a particular RAID format? A friend of mine had a NAS that was hit with > ransomware. His setup was a RAID-5, 64kb chunk size, 4x4TB, XFS > filesystem setup, while during the attack, they overwrote the config > to be RAID-0/512kb chunk size (it is a Buffalo NAS, running Linux with > libmd). He pulled the plug while it was in the process of formatting > the XFS filesytem. Much of the data I have been able to recover, but > now it would be a lot nicer for me if I could access a raw /dev device > assembled as RAID-5/64kb chunk (rather than the current RAID-0 > mdadm/mdstat currently shows), instead of using a tool like UFS > Explorer to assemble it properly for me. Obviously, minimal > (preferably none) writes to the disk if possible. I was afraid to > start throwing mdadm assemble and create commands around. Could > someone please advise on best path forward? > > Thanks in advance, > Mike > Hello Mike, there is a --build option for mdadm (run array with no metadata). Perhaps this is option you are looking for: #mdadm -Ss (stop all existing) # mdadm --build /dev/md126 <here your raid5 params comes> --assume-clean use --assume-clean to avoid reconstruction. so far I know, --readonly is not supported. You can set /sys/block/md126/ro = 1 manually to prevent writes. Thanks, Mariusz
