[knc1]

The kernel uses gzip compression for the dot-config.
It is the last thing concatenated to the image by the kernel build system, although the builder may have concatenated other things afterwards (some distro's put their splash image after the dot-config).

Search for the gzip magic number, assume for first try that the dot-config is the last such signature:

Spoiler:

Code:

core2quad main $ zcat pw_5.2.0-main_kernel.img.gz > km-5.2.0.img

core2quad main $ od -A d -t x1 km-5.2.0.img | grep '1f 8b 08 00'
0265728 1f 8b 08 00 00 00 00 00 02 03 ed 92 3d 6f d3 50
0266176 07 4d c7 b8 e0 84 06 00 00 1f 8b 08 00 00 00 00
0481984 30 1a 02 00 45 2d 02 00 4c 1a 02 00 1f 8b 08 00
0483728 f8 02 00 00 c7 06 00 00 00 00 00 00 1f 8b 08 00
0487424 4f 6b ca 3f 00 00 00 00 6a 0e 00 00 1f 8b 08 00
0487776 00 00 00 00 1f 8b 08 00 00 00 00 00 00 03 63 65
0487824 29 00 00 00 1f 8b 08 00 00 00 00 00 00 03 45 cf
0488032 30 14 01 00 00 00 00 00 d1 00 00 00 1f 8b 08 00
0488240 56 f3 14 01 00 00 00 00 ca 00 00 00 1f 8b 08 00
0488512 00 00 00 00 06 01 00 00 00 00 00 00 1f 8b 08 00
0488560 95 64 00 00 00 00 00 00 29 00 00 00 1f 8b 08 00
0488736 00 00 00 00 1f 8b 08 00 00 00 00 00 00 03 4d cf
0488896 14 01 00 00 a0 00 00 00 28 01 00 00 1f 8b 08 00
0492704 00 00 00 00 1f 8b 08 00 00 00 00 00 00 03 ed dd
0498592 ff 0f 39 52 c9 f8 0c f8 02 00 00 00 1f 8b 08 00
0504960 a9 85 0c f8 02 00 00 00 00 00 00 00 1f 8b 08 00
0514480 0c f8 02 00 1f 8b 08 00 00 00 00 00 00 03 ed dd
0519328 02 00 00 00 1f 8b 08 00 00 00 00 00 00 03 ed dd
0527488 f8 ff 00 bb 33 3f 8c 0c f8 02 00 00 1f 8b 08 00
0530384 00 00 00 00 1f 8b 08 00 00 00 00 00 00 03 ed dd

core2quad main $ dd if=km-5.2.0.img bs=1 skip=530388 of=km_config-5.2.0.gz
4078636+0 records in
4078636+0 records out
4078636 bytes (4.1 MB) copied, 17.0352 s, 239 kB/s

In the previous posts, we have seen the 'trailing garbage ignored' message from gunzip.
This might be anything, from a single byte of padding to a very large chunk of something else.

In this case, 4Mbytes is a bit too large for a compressed configuration file!

Investigate what gunzip thinks is the contents of the file:

Code:

core2quad main $ gunzip -l -v  km_config-5.2.0.gz 
method  crc     date  time           compressed        uncompressed  ratio uncompressed_name
defla ffffffff Feb 21 08:18             4078636          4294967295  99.9% km_config-5.2.0

core2quad main $ zcat km_config-5.2.0.gz > km_config-5.2.0-00
gzip: km_config-5.2.0.gz: decompression OK, trailing garbage ignored

core2quad main $ file km_config-5.2.0-00
km_config-5.2.0-00: data

core2quad main $ ls -l km_config-5.2.0-00
-rw-rw-r-- 1 mszick mszick 194572 2013-02-21 09:09 km_config-5.2.0-00

Whatever that is, it isn't a configuration file.

Try searching for an initramFS in 'cpio -H newc' format:

Spoiler:

Code:

core2quad main $ od -A d -t x1 km-5.2.0.img | grep '30 37 30 37 30 31'
0102368 30 37 30 37 30 31 30 30 30 30 30 32 44 31 30 30
0102480 65 76 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0102720 6f 6e 73 6f 6c 65 00 00 30 37 30 37 30 31 30 30
0102848 30 37 30 37 30 31 30 30 30 30 30 32 44 35 30 30
0102960 65 76 2f 7a 65 72 6f 00 30 37 30 37 30 31 30 30
0103088 6d 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0103328 6d 69 63 00 30 37 30 37 30 31 30 30 30 30 30 32
0103568 61 74 63 68 64 6f 67 00 30 37 30 37 30 31 30 30
0103696 63 30 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0103824 30 37 30 37 30 31 30 30 30 30 30 32 44 44 30 30
0104064 74 79 6d 78 63 33 00 00 30 37 30 37 30 31 30 30
0104192 63 34 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0104432 62 2f 30 00 30 37 30 37 30 31 30 30 30 30 30 32
0104560 2f 66 62 2f 30 00 00 00 30 37 30 37 30 31 30 30
0104688 6b 30 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0104816 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0104944 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0105072 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0105200 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0105328 30 37 30 37 30 31 30 30 30 30 30 32 45 39 30 30
0105456 30 37 30 37 30 31 30 30 30 30 30 32 45 41 30 30
0105584 30 37 30 37 30 31 30 30 30 30 30 32 45 42 30 30
0105712 30 37 30 37 30 31 30 30 30 30 30 32 45 43 30 30
0105840 30 37 30 37 30 31 30 30 30 30 30 32 45 44 30 30
0105952 65 76 2f 6d 74 64 00 00 30 37 30 37 30 31 30 30
0106080 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0106208 30 37 30 37 30 31 30 30 30 30 30 32 46 30 30 30
0106448 74 64 2f 33 00 00 00 00 30 37 30 37 30 31 30 30
0106576 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0106704 30 37 30 37 30 31 30 30 30 30 30 32 46 34 30 30
0107712 6f 6f 70 30 00 00 00 00 30 37 30 37 30 31 30 30
0107840 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 32
0107968 30 37 30 37 30 31 30 30 30 30 30 32 46 45 30 30
0108208 32 63 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0108336 30 37 30 37 30 31 30 30 30 30 30 33 30 31 30 30
0108576 32 63 2f 32 00 00 00 00 30 37 30 37 30 31 30 30
0108704 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0108832 6e 74 30 00 30 37 30 37 30 31 30 30 30 30 30 33
0108960 6e 74 31 00 30 37 30 37 30 31 30 30 30 30 30 33
0109072 30 30 2f 70 72 6f 63 00 30 37 30 37 30 31 30 30
0109312 30 37 30 37 30 31 30 30 30 30 30 33 30 39 30 30
0109424 69 62 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0188048 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0188176 30 37 30 37 30 31 30 30 30 30 30 33 30 43 30 30
0188288 6e 74 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0211472 30 37 30 37 30 31 30 30 30 30 30 33 30 46 30 30
0247920 02 f8 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0338320 30 37 30 37 30 31 30 30 30 30 30 33 31 32 30 30
0338432 69 6e 00 00 30 37 30 37 30 31 30 30 30 30 30 33
0351792 01 00 00 00 00 00 00 00 30 37 30 37 30 31 30 30
0359568 30 37 30 37 30 31 30 30 30 30 30 33 31 35 30 30
0361808 30 37 30 37 30 31 30 30 30 30 30 33 31 36 30 30
0809120 75 70 73 00 30 37 30 37 30 31 30 30 30 30 30 33
0833632 72 6f 75 70 73 00 00 00 30 37 30 37 30 31 30 30
0976496 00 00 00 00 30 37 30 37 30 31 30 30 30 30 30 33
1007328 6d 65 00 00 30 37 30 37 30 31 30 30 30 30 30 33
4046000 63 20 6f 70 74 69 6f 6e 00 30 37 30 37 30 31 00

Knowing that every file in a cpio archive has the same header magic, start with the earliest one in the file:

Code:

core2quad main $ od -A d -t x1 km-5.2.0.img | grep '30 37 30 37 30 31'
0102368 30 37 30 37 30 31 30 30 30 30 30 32 44 31 30 30

core2quad main $ dd if=km-5.2.0.img bs=1 skip=102368 of=km-5.2.0-irfs.cpio
4506656+0 records in
4506656+0 records out
4506656 bytes (4.5 MB) copied, 18.6441 s, 242 kB/s

Which is a reasonable size for an un-compressed file system.

You **must** be 'root' to copy permissions and ownership, also to create special files.
You **must** use the '--no-absolute-filename' option to prevent trashing your work station!

Spoiler:

Code:

core2quad main $ mkdir km-5.2.0-irfs
core2quad main $ cd km-5.2.0-irfs
core2quad km-5.2.0-irfs $ sudo su

core2quad km-5.2.0-irfs # cpio -i -d -m  --no-absolute-filenames -I ../km-5.2.0-irfs.cpio
cpio: Removing leading `/' from member names
1769 blocks

core2quad km-5.2.0-irfs # ls -l
total 28
drwxr-xr-x 2 root root 4096 2013-02-21 09:52 bin
drwxr-xr-x 7 root root 4096 2013-02-21 09:52 dev
lrwxrwxrwx 1 root root   18 2013-02-21 09:52 init -> /bin/recovery-util
drwxr-xr-x 3 root root 4096 2013-02-21 09:52 lib
drwxr-xr-x 3 root root 4096 2013-02-21 09:52 mnt
drwxr-xr-x 2 root root 4096 2012-09-06 18:28 proc
drwx------ 2 root root 4096 2012-09-06 18:28 root
drwxr-xr-x 2 root root 4096 2012-09-06 18:28 sys

core2quad km-5.2.0-irfs # cd ..
core2quad main # tar --create --gzip --file=main-5.2.0-irfs.tar.gz km-5.2.0-irfs
core2quad main # exit

Attached below.