Benjamin_Loison/linux
1
0
Code Issues 63 Packages Projects Wiki

How to shred free disk slots? #22

New Issue
Open
opened 2024-05-09 02:44:00 +02:00 by Benjamin_Loison · 23 comments
Benjamin_Loison commented 2024-05-09 02:44:00 +02:00
Owner
Copy Link

Tracked at Benjamin_Loison/shred/issues/5.

Tracked at [Benjamin_Loison/shred/issues/5](https://codeberg.org/Benjamin_Loison/shred/issues/5).
Benjamin_Loison commented 2024-09-05 13:48:44 +02:00
Author
Owner
Copy Link
Related to the issue: 
-----BEGIN PGP MESSAGE-----

hF4DTQa9Wom5MBgSAQdAqXiRwz0du96gb/HpXsudOg6KGQnZvFRRdFIhz+bgFDsw
SY9bUxZ9AWNo+U3Syz3zeMwyJTOtuc35po9pfDs3qOP4BzICsRv73dG4ZCoH4zlg
0nsBFhofaRHciz9B48DbhjnyaMxVyrtYSPQ5wUUEN82N2HYK0ZWLSqRh21ADvgwA
QXUP0Tiy+yKnNnJoOEJS+Mvs8gCqDTXy4p69R8PDz2I6X2y1h1VJ48wHfdTmA2EP
B/jNmM7RoTJFdiKS0yktfmtHqiueBdY5ldO37vI=
=7zxM
-----END PGP MESSAGE-----
<details> <summary>Related to the issue:</summary> ``` -----BEGIN PGP MESSAGE----- hF4DTQa9Wom5MBgSAQdAqXiRwz0du96gb/HpXsudOg6KGQnZvFRRdFIhz+bgFDsw SY9bUxZ9AWNo+U3Syz3zeMwyJTOtuc35po9pfDs3qOP4BzICsRv73dG4ZCoH4zlg 0nsBFhofaRHciz9B48DbhjnyaMxVyrtYSPQ5wUUEN82N2HYK0ZWLSqRh21ADvgwA QXUP0Tiy+yKnNnJoOEJS+Mvs8gCqDTXy4p69R8PDz2I6X2y1h1VJ48wHfdTmA2EP B/jNmM7RoTJFdiKS0yktfmtHqiueBdY5ldO37vI= =7zxM -----END PGP MESSAGE----- ``` </details>
Benjamin_Loison commented 2024-09-07 01:27:02 +02:00
Author
Owner
Copy Link

Related to Benjamin-Loison/vim/issues/14.

Related to [Benjamin-Loison/vim/issues/14](https://github.com/Benjamin-Loison/vim/issues/14).
Benjamin_Loison commented 2024-09-07 14:57:26 +02:00
Author
Owner
Copy Link

The Super User answer 19377:

sfill
Output: 
Command 'sfill' not found, but can be installed with:
sudo apt install secure-delete
[The Super User answer 19377](https://superuser.com/a/19377): ```bash sfill ``` <details> <summary>Output:</summary> ``` Command 'sfill' not found, but can be installed with: sudo apt install secure-delete ``` </details>
Benjamin_Loison commented 2024-09-07 15:00:55 +02:00
Author
Owner
Copy Link
sudo apt install secure-delete -y
Output: 
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
  secure-delete
0 upgraded, 1 newly installed, 0 to remove and 14 not upgraded.
Need to get 74.0 kB of archives.
After this operation, 165 kB of additional disk space will be used.
Get:1 http://mirrors.ircam.fr/pub/ubuntu/archive noble/universe amd64 secure-delete amd64 3.1-8 [74.0 kB]
Fetched 74.0 kB in 0s (623 kB/s)         
Selecting previously unselected package secure-delete.
(Reading database ... 962055 files and directories currently installed.)
Preparing to unpack .../secure-delete_3.1-8_amd64.deb ...
Unpacking secure-delete (3.1-8) ...
Setting up secure-delete (3.1-8) ...
Processing triggers for man-db (2.12.0-4build2) ...

sfill
Output: 
Warning: you are not root. You might not be able to wipe the whole filesystem.
sfill v3.1 (c) 1997-2003 by van Hauser / THC <vh@thc.org>

Syntax: sfill [-fiIlvz] directory

Options:
	-f  fast (and insecure mode): no /dev/urandom, no synchronize mode.
	-i  wipe only inodes in the directory specified
	-I  just wipe space, not inodes
	-l  lessens the security (use twice for total insecure mode).
	-v  is verbose mode.
	-z  last wipe writes zeros, not random data.

sfill does a secure overwrite of the free space on the partition the specified
directory resides and all free inodes of the directory specified.
Default is secure mode (38 writes).
You can find updates at http://www.thc.org

sudo sfill -v
Output: 
sfill v3.1 (c) 1997-2003 by van Hauser / THC <vh@thc.org>

Syntax: sfill [-fiIlvz] directory

Options:
	-f  fast (and insecure mode): no /dev/urandom, no synchronize mode.
	-i  wipe only inodes in the directory specified
	-I  just wipe space, not inodes
	-l  lessens the security (use twice for total insecure mode).
	-v  is verbose mode.
	-z  last wipe writes zeros, not random data.

sfill does a secure overwrite of the free space on the partition the specified
directory resides and all free inodes of the directory specified.
Default is secure mode (38 writes).
You can find updates at http://www.thc.org
```bash sudo apt install secure-delete -y ``` <details> <summary>Output:</summary> ``` Reading package lists... Done Building dependency tree... Done Reading state information... Done The following NEW packages will be installed: secure-delete 0 upgraded, 1 newly installed, 0 to remove and 14 not upgraded. Need to get 74.0 kB of archives. After this operation, 165 kB of additional disk space will be used. Get:1 http://mirrors.ircam.fr/pub/ubuntu/archive noble/universe amd64 secure-delete amd64 3.1-8 [74.0 kB] Fetched 74.0 kB in 0s (623 kB/s) Selecting previously unselected package secure-delete. (Reading database ... 962055 files and directories currently installed.) Preparing to unpack .../secure-delete_3.1-8_amd64.deb ... Unpacking secure-delete (3.1-8) ... Setting up secure-delete (3.1-8) ... Processing triggers for man-db (2.12.0-4build2) ... ``` </details> ```bash sfill ``` <details> <summary>Output:</summary> ``` Warning: you are not root. You might not be able to wipe the whole filesystem. sfill v3.1 (c) 1997-2003 by van Hauser / THC <vh@thc.org> Syntax: sfill [-fiIlvz] directory Options: -f fast (and insecure mode): no /dev/urandom, no synchronize mode. -i wipe only inodes in the directory specified -I just wipe space, not inodes -l lessens the security (use twice for total insecure mode). -v is verbose mode. -z last wipe writes zeros, not random data. sfill does a secure overwrite of the free space on the partition the specified directory resides and all free inodes of the directory specified. Default is secure mode (38 writes). You can find updates at http://www.thc.org ``` </details> ```bash sudo sfill -v ``` <details> <summary>Output:</summary> ``` sfill v3.1 (c) 1997-2003 by van Hauser / THC <vh@thc.org> Syntax: sfill [-fiIlvz] directory Options: -f fast (and insecure mode): no /dev/urandom, no synchronize mode. -i wipe only inodes in the directory specified -I just wipe space, not inodes -l lessens the security (use twice for total insecure mode). -v is verbose mode. -z last wipe writes zeros, not random data. sfill does a secure overwrite of the free space on the partition the specified directory resides and all free inodes of the directory specified. Default is secure mode (38 writes). You can find updates at http://www.thc.org ``` </details>
Benjamin_Loison commented 2024-09-07 20:45:00 +02:00
Author
Owner
Copy Link

Related to Benjamin_Loison/coreutils/issues/1.

Related to [Benjamin_Loison/coreutils/issues/1](https://codeberg.org/Benjamin_Loison/coreutils/issues/1).
Benjamin_Loison commented 2024-09-07 21:05:22 +02:00
Author
Owner
Copy Link

On my Linux Mint 22 Cinnamon Framework 13:

df -h /
Output: 
Filesystem               Size  Used Avail Use% Mounted on
/dev/mapper/vgmint-root  1.8T  1.6T  117G  94% /

time sudo sfill -v /; echo $?; matrix-commander -m 'sfill finished!'
Output: 
Using /dev/urandom for random input.
Wipe mode is secure (38 special passes)
Wiping now ...
Creating /oooooooo.ooo ...

ls -lh /oooooooo.ooo

-rw------- 1 root root 2.7G Sep  7 21:09 /oooooooo.ooo

ls -lh /oooooooo.ooo

-rw------- 1 root root 2.8G Sep  7 21:09 /oooooooo.ooo

watch ls -lh /oooooooo.ooo
Output: 
Every 2.0s: ls -lh /oooo...  benjamin-loison-framework: Sat Sep  7 21:18:36 2024

-rw------- 1 root root 18G Sep  7 21:18 /oooooooo.ooo

Unclear if when will reach 117G it will be finished or it will only be the first pass.

So it took about 10 minutes for 15 GB.

On my Linux Mint 22 Cinnamon Framework 13: ```bash df -h / ``` <details> <summary>Output:</summary> ``` Filesystem Size Used Avail Use% Mounted on /dev/mapper/vgmint-root 1.8T 1.6T 117G 94% / ``` </details> ```bash time sudo sfill -v /; echo $?; matrix-commander -m 'sfill finished!' ``` <details> <summary>Output:</summary> ``` Using /dev/urandom for random input. Wipe mode is secure (38 special passes) Wiping now ... Creating /oooooooo.ooo ... ``` </details> ```bash ls -lh /oooooooo.ooo ``` ``` -rw------- 1 root root 2.7G Sep 7 21:09 /oooooooo.ooo ``` ```bash ls -lh /oooooooo.ooo ``` ``` -rw------- 1 root root 2.8G Sep 7 21:09 /oooooooo.ooo ``` ```bash watch ls -lh /oooooooo.ooo ``` <details> <summary>Output:</summary> ``` Every 2.0s: ls -lh /oooo... benjamin-loison-framework: Sat Sep 7 21:18:36 2024 -rw------- 1 root root 18G Sep 7 21:18 /oooooooo.ooo ``` </details> Unclear if when will reach 117G it will be finished or it will only be the first pass. So it took about 10 minutes for 15 GB.
Benjamin_Loison commented 2024-09-07 22:21:38 +02:00
Author
Owner
Copy Link

image

Still same output of time sudo sfill -v /; echo $?; matrix-commander -m 'sfill finished!'.

watch ls -lh /oooooooo.ooo
Output: 
Every 2.0s: ls -lh /oooooooo.ooo                                                        benjamin-loison-framework: Sat Sep  7 22:20:54 2024

-rw------- 1 root root 137G Sep  7 22:20 /oooooooo.ooo

Note that after a few minutes it was still having more GB. Maybe df -h / is not correct.

So how is it able to get additional GB??

So for avoiding possible data erasure I ctrl + c:

time sudo sfill -v /; echo $?; matrix-commander -m 'sfill finished!'
Output: 
Using /dev/urandom for random input.
Wipe mode is secure (38 special passes)
Wiping now ...
Creating /oooooooo.ooo ... ^C
Terminated by signal. Clean exit.

real	73m57.576s
user	0m0.030s
sys	0m0.032s
1

Should test in an environment where I am fine loosing all data.

![image](/attachments/9aeef6b1-15f5-46b2-90ed-69fde7152e2a) Still same output of `time sudo sfill -v /; echo $?; matrix-commander -m 'sfill finished!'`. ```bash watch ls -lh /oooooooo.ooo ``` <details> <summary>Output:</summary> ``` Every 2.0s: ls -lh /oooooooo.ooo benjamin-loison-framework: Sat Sep 7 22:20:54 2024 -rw------- 1 root root 137G Sep 7 22:20 /oooooooo.ooo ``` </details> Note that after a few minutes it was still having more GB. Maybe `df -h /` is not correct. So how is it able to get additional GB?? So for avoiding possible data erasure I <kbd>ctrl</kbd> + <kbd>c</kbd>: ```bash time sudo sfill -v /; echo $?; matrix-commander -m 'sfill finished!' ``` <details> <summary>Output:</summary> ``` Using /dev/urandom for random input. Wipe mode is secure (38 special passes) Wiping now ... Creating /oooooooo.ooo ... ^C Terminated by signal. Clean exit. real 73m57.576s user 0m0.030s sys 0m0.032s 1 ``` </details> Should test in an environment where I am fine loosing all data.
image.png
4.2 MiB
Benjamin_Loison commented 2024-09-08 00:30:09 +02:00
Author
Owner
Copy Link

Could backup a Linux virtual machine with lowest space at all (not free) and proceed with it.

Given maximum size, estimating when file writing will be finished would be interesting.

Pegasus for this long running task seems more appropriate.

Could backup a Linux virtual machine with lowest space at all (not free) and proceed with it. Given maximum size, estimating when file writing will be finished would be interesting. *Pegasus* for this long running task seems more appropriate.
Benjamin_Loison commented 2024-09-09 00:04:26 +02:00
Author
Owner
Copy Link
sudo ls -lh /var/lib/libvirt/images/Debian_not_trust.qcow2

-rw------- 1 root root 37G Sep  8 23:03 /var/lib/libvirt/images/Debian_not_trust.qcow2

sudo cp /var/lib/libvirt/images/Debian_not_trust{,_before_sfill_08_09_24}.qcow2

sudo ls -lh /var/lib/libvirt/images/Debian_not_trust_before_sfill_08_09_24.qcow2

-rw------- 1 root root 37G Sep  8 23:05 /var/lib/libvirt/images/Debian_not_trust_before_sfill_08_09_24.qcow2

sudo diff /var/lib/libvirt/images/Debian_not_trust{,_before_sfill_08_09_24}.qcow2

does not return anything.

df -h /
Output: 
Filesystem      Size  Used Avail Use% Mounted on
/dev/vda2        28G   17G   10G  63% /

sudo sfill -v /
Output: 
Using /dev/urandom for random input.
Wipe mode is secure (38 special passes)
Wiping now ...
Creating /oooooooo.ooo ...

progress

No command currently running: cp, mv, dd, tar, bsdtar, cat, rsync, scp, grep, fgrep, egrep, cut, sort, md5sum, sha1sum, sha224sum, sha256sum, sha384sum, sha512sum, adb, gzip, gunzip, bzip2, bunzip2, xz, unxz, lzma, unlzma, 7z, 7za, zip, unzip, zcat, bzcat, lzcat, coreutils, split, gpg, or wrong permissions.

Related to Benjamin_Loison/pv/issues/2.

ls -l oooooooo.ooo; sleep 10; ls -l oooooooo.ooo
Output: 
-rw------- 1 root root 12206817280 Sep  8 23:44 oooooooo.ooo
-rw------- 1 root root 12206817280 Sep  8 23:45 oooooooo.ooo

sudo sfill -v /
Output: 
Using /dev/urandom for random input.
Wipe mode is secure (38 special passes)
Wiping now ...
Creating /oooooooo.ooo ... *

* seems to have been added. Maybe it's the first pass, hence is very slow.

sudo sfill -v /
Output: 
Using /dev/urandom for random input.
Wipe mode is secure (38 special passes)
Wiping now ...
Creating /oooooooo.ooo ... **

ls -l oooooooo.ooo

-rw------- 1 root root 12206817280 Sep  8 23:44 oooooooo.ooo

so it seems to be a * for each pass.

sudo sfill -v /
Output: 
Using /dev/urandom for random input.
Wipe mode is secure (38 special passes)
Wiping now ...
Creating /oooooooo.ooo ... **^C
Terminated by signal. Clean exit.

ls /oooooooo.ooo

ls: cannot access '/oooooooo.ooo': No such file or directory

df -h /
Output: 
Filesystem      Size  Used Avail Use% Mounted on
/dev/vda2        28G   17G   10G  63% /

sudo rm /var/lib/libvirt/images/Debian_not_trust_before_sfill_08_09_24.qcow2
```bash sudo ls -lh /var/lib/libvirt/images/Debian_not_trust.qcow2 ``` ``` -rw------- 1 root root 37G Sep 8 23:03 /var/lib/libvirt/images/Debian_not_trust.qcow2 ``` ```bash sudo cp /var/lib/libvirt/images/Debian_not_trust{,_before_sfill_08_09_24}.qcow2 ``` ```bash sudo ls -lh /var/lib/libvirt/images/Debian_not_trust_before_sfill_08_09_24.qcow2 ``` ``` -rw------- 1 root root 37G Sep 8 23:05 /var/lib/libvirt/images/Debian_not_trust_before_sfill_08_09_24.qcow2 ``` ```bash sudo diff /var/lib/libvirt/images/Debian_not_trust{,_before_sfill_08_09_24}.qcow2 ``` does not return anything. ```bash df -h / ``` <details> <summary>Output:</summary> ``` Filesystem Size Used Avail Use% Mounted on /dev/vda2 28G 17G 10G 63% / ``` </details> ```bash sudo sfill -v / ``` <details> <summary>Output:</summary> ``` Using /dev/urandom for random input. Wipe mode is secure (38 special passes) Wiping now ... Creating /oooooooo.ooo ... ``` </details> ```bash progress ``` ``` No command currently running: cp, mv, dd, tar, bsdtar, cat, rsync, scp, grep, fgrep, egrep, cut, sort, md5sum, sha1sum, sha224sum, sha256sum, sha384sum, sha512sum, adb, gzip, gunzip, bzip2, bunzip2, xz, unxz, lzma, unlzma, 7z, 7za, zip, unzip, zcat, bzcat, lzcat, coreutils, split, gpg, or wrong permissions. ``` Related to [Benjamin_Loison/pv/issues/2](https://codeberg.org/Benjamin_Loison/pv/issues/2). ```bash ls -l oooooooo.ooo; sleep 10; ls -l oooooooo.ooo ``` <details> <summary>Output:</summary> ``` -rw------- 1 root root 12206817280 Sep 8 23:44 oooooooo.ooo -rw------- 1 root root 12206817280 Sep 8 23:45 oooooooo.ooo ``` </details> ```bash sudo sfill -v / ``` <details> <summary>Output:</summary> ``` Using /dev/urandom for random input. Wipe mode is secure (38 special passes) Wiping now ... Creating /oooooooo.ooo ... * ``` </details> `*` seems to have been added. Maybe it's the first pass, hence is very slow. ```bash sudo sfill -v / ``` <details> <summary>Output:</summary> ``` Using /dev/urandom for random input. Wipe mode is secure (38 special passes) Wiping now ... Creating /oooooooo.ooo ... ** ``` </details> ```bash ls -l oooooooo.ooo ``` ``` -rw------- 1 root root 12206817280 Sep 8 23:44 oooooooo.ooo ``` so it seems to be a `*` for each pass. ```bash sudo sfill -v / ``` <details> <summary>Output:</summary> ``` Using /dev/urandom for random input. Wipe mode is secure (38 special passes) Wiping now ... Creating /oooooooo.ooo ... **^C Terminated by signal. Clean exit. ``` </details> ```bash ls /oooooooo.ooo ``` ``` ls: cannot access '/oooooooo.ooo': No such file or directory ``` ```bash df -h / ``` <details> <summary>Output:</summary> ``` Filesystem Size Used Avail Use% Mounted on /dev/vda2 28G 17G 10G 63% / ``` </details> ```bash sudo rm /var/lib/libvirt/images/Debian_not_trust_before_sfill_08_09_24.qcow2 ```
Benjamin_Loison commented 2024-10-08 08:32:51 +02:00
Author
Owner
Copy Link

Cannot use encryption to make it faster? Maybe not retrospectively.

Cannot use encryption *to make it faster*? Maybe not retrospectively.
Benjamin_Loison commented 2024-12-31 19:21:48 +01:00
Author
Owner
Copy Link

Would help Benjamin_Loison/ecryptfs/issues/2.

Would help [Benjamin_Loison/ecryptfs/issues/2](https://codeberg.org/Benjamin_Loison/ecryptfs/issues/2).
Benjamin_Loison commented 2024-12-31 19:55:20 +01:00
Author
Owner
Copy Link

Related to Benjamin_Loison/shred/issues/12.

Related to [Benjamin_Loison/shred/issues/12](https://codeberg.org/Benjamin_Loison/shred/issues/12).
Benjamin_Loison commented 2024-12-31 20:14:12 +01:00
Author
Owner
Copy Link

Related to Benjamin_Loison/shred/issues/1#issuecomment-2557852.

	-l  lessens the security (use twice for total insecure mode).

is unclear what is works on.

Related to [Benjamin_Loison/shred/issues/1#issuecomment-2557852](https://codeberg.org/Benjamin_Loison/shred/issues/1#issuecomment-2557852). ``` -l lessens the security (use twice for total insecure mode). ``` is unclear what is works on.
Benjamin_Loison commented 2024-12-31 20:14:39 +01:00
Author
Owner
Copy Link

Should test getting file back with testdisk.

Should test getting file back with testdisk.
Benjamin_Loison commented 2024-12-31 21:30:29 +01:00
Author
Owner
Copy Link
date && time sudo sfill -vl /
Output: 
Tue Dec 31 08:30:27 PM CET 2024
Using /dev/urandom for random input.
Wipe mode is insecure (two passes [0xff/random])
Wiping now ...
Creating /oooooooo.ooo ...

not finished.

date && du -sh /oooooooo.ooo 

Tue Dec 31 08:32:14 PM CET 2024
798M	/oooooooo.ooo

date && time sudo sfill -vll /
Output: 
Tue Dec 31 08:32:28 PM CET 2024
Using /dev/urandom for random input.
Wipe mode is insecure (one pass [random])
Wiping now ...
Creating /oooooooo.ooo ...

not finished.

date && du -sh /oooooooo.ooo 

Tue Dec 31 08:33:27 PM CET 2024
643M	/oooooooo.ooo

So takes about 2 minutes per GB, so 2,000 minutes per TB that is 33 hours.
So default secure mode with 38 passes would take about 33 * 38 = 1,254 hours that is 52 days...

shred makes 3 passes, so would take about 100 hours, that is 4 days, per TB.

df -h /
Output: 
Filesystem      Size  Used Avail Use% Mounted on
/dev/vda1        55G   38G   15G  72% /

time fallocate -l 13G test
Output: 
real	0m0.024s
user	0m0.000s
sys	0m0.010s

ls -lh test

-rw-r--r-- 1 benjamin_loison benjamin_loison 13G Dec 31 21:09 test

df -h /
Output: 
Filesystem      Size  Used Avail Use% Mounted on
/dev/vda1        55G   51G  1.7G  97% /

ls -lh /oooooooo.ooo

-rw------- 1 root root 702M Dec 31 21:12 /oooooooo.ooo

sudo file /oooooooo.ooo

/oooooooo.ooo: data

sudo head -c 10 /oooooooo.ooo

\ufffd\ufffds-\ufffd\ufffd\ufffd\ufffd

sudo tail -c 10 /oooooooo.ooo

\f\ufffd`l\ufffd<

sudo od --format=x1 --read-bytes=10 /oooooooo.ooo

0000000 b4 19 df 73 2d fe ae 9b e8 0e
000001

Source: the Super User answer 706129

is not much meaningful to me.

ls -lh /oooooooo.ooo

-rw------- 1 root root 2.5G Dec 31 21:16 /oooooooo.ooo

df -h /
Output: 
Filesystem      Size  Used Avail Use% Mounted on
/dev/vda1        55G   53G     0 100% /

ls -l /oooooooo.ooo 

-rw------- 1 root root 2917814272 Dec 31 21:16 /oooooooo.ooo

ls -l /oooooooo.ooo 

-rw------- 1 root root 3204001792 Dec 31 21:17 /oooooooo.ooo

df -h /
Output: 
Filesystem      Size  Used Avail Use% Mounted on
/dev/vda1        55G   54G     0 100% /

df -h
Output: 
Filesystem      Size  Used Avail Use% Mounted on
udev            1.9G     0  1.9G   0% /dev
tmpfs           392M  1.5M  390M   1% /run
/dev/vda1        55G   54G     0 100% /
tmpfs           2.0G     0  2.0G   0% /dev/shm
tmpfs           5.0M  8.0K  5.0M   1% /run/lock
/host_share     731G  580G  115G  84% /mnt/host_share
tmpfs           392M   96K  392M   1% /run/user/1000
/dev/sr0        3.3G  3.3G     0 100% /media/benjamin_loison/d-live 12.5.0 gn amd64

DuckDuckGo and Google search "sfill" while "df" shows 0.

The Ask Ubuntu question 961558 is focused on getting progress.

date && time sudo sfill -vll /
Output: 
Tue Dec 31 09:11:21 PM CET 2024
Using /dev/urandom for random input.
Wipe mode is insecure (one pass [random])
Wiping now ...
Creating /oooooooo.ooo ... * Wiping inodes ... Done ...  Finished

real	9m39.959s
user	0m0.004s
sys	0m0.014s

ls /oooooooo.ooo

ls: cannot access '/oooooooo.ooo': No such file or directory
```bash date && time sudo sfill -vl / ``` <details> <summary>Output:</summary> ``` Tue Dec 31 08:30:27 PM CET 2024 Using /dev/urandom for random input. Wipe mode is insecure (two passes [0xff/random]) Wiping now ... Creating /oooooooo.ooo ... ``` </details> not finished. ```bash date && du -sh /oooooooo.ooo ``` ``` Tue Dec 31 08:32:14 PM CET 2024 798M /oooooooo.ooo ``` ```bash date && time sudo sfill -vll / ``` <details> <summary>Output:</summary> ``` Tue Dec 31 08:32:28 PM CET 2024 Using /dev/urandom for random input. Wipe mode is insecure (one pass [random]) Wiping now ... Creating /oooooooo.ooo ... ``` </details> not finished. ```bash date && du -sh /oooooooo.ooo ``` ``` Tue Dec 31 08:33:27 PM CET 2024 643M /oooooooo.ooo ``` So takes about 2 minutes per GB, so 2,000 minutes per TB that is 33 hours. So default *secure* mode with 38 passes would take about 33 * 38 = 1,254 hours that is 52 days... `shred` makes 3 passes, so would take about 100 hours, that is 4 days, per TB. ```bash df -h / ``` <details> <summary>Output:</summary> ``` Filesystem Size Used Avail Use% Mounted on /dev/vda1 55G 38G 15G 72% / ``` </details> ```bash time fallocate -l 13G test ``` <details> <summary>Output:</summary> ``` real 0m0.024s user 0m0.000s sys 0m0.010s ``` </details> ```bash ls -lh test ``` ``` -rw-r--r-- 1 benjamin_loison benjamin_loison 13G Dec 31 21:09 test ``` ```bash df -h / ``` <details> <summary>Output:</summary> ``` Filesystem Size Used Avail Use% Mounted on /dev/vda1 55G 51G 1.7G 97% / ``` </details> ```bash ls -lh /oooooooo.ooo ``` ``` -rw------- 1 root root 702M Dec 31 21:12 /oooooooo.ooo ``` ```bash sudo file /oooooooo.ooo ``` ``` /oooooooo.ooo: data ``` ```bash sudo head -c 10 /oooooooo.ooo ``` ``` \ufffd\ufffds-\ufffd\ufffd\ufffd\ufffd ``` ```bash sudo tail -c 10 /oooooooo.ooo ``` ``` \f\ufffd`l\ufffd< ``` ```bash sudo od --format=x1 --read-bytes=10 /oooooooo.ooo ``` ``` 0000000 b4 19 df 73 2d fe ae 9b e8 0e 000001 ``` Source: [the Super User answer 706129](https://superuser.com/a/706129) is not much meaningful to me. ```bash ls -lh /oooooooo.ooo ``` ``` -rw------- 1 root root 2.5G Dec 31 21:16 /oooooooo.ooo ``` ```bash df -h / ``` <details> <summary>Output:</summary> ``` Filesystem Size Used Avail Use% Mounted on /dev/vda1 55G 53G 0 100% / ``` </details> ```bash ls -l /oooooooo.ooo ``` ``` -rw------- 1 root root 2917814272 Dec 31 21:16 /oooooooo.ooo ``` ```bash ls -l /oooooooo.ooo ``` ``` -rw------- 1 root root 3204001792 Dec 31 21:17 /oooooooo.ooo ``` ```bash df -h / ``` <details> <summary>Output:</summary> ``` Filesystem Size Used Avail Use% Mounted on /dev/vda1 55G 54G 0 100% / ``` </details> ```bash df -h ``` <details> <summary>Output:</summary> ``` Filesystem Size Used Avail Use% Mounted on udev 1.9G 0 1.9G 0% /dev tmpfs 392M 1.5M 390M 1% /run /dev/vda1 55G 54G 0 100% / tmpfs 2.0G 0 2.0G 0% /dev/shm tmpfs 5.0M 8.0K 5.0M 1% /run/lock /host_share 731G 580G 115G 84% /mnt/host_share tmpfs 392M 96K 392M 1% /run/user/1000 /dev/sr0 3.3G 3.3G 0 100% /media/benjamin_loison/d-live 12.5.0 gn amd64 ``` </details> DuckDuckGo and Google search `"sfill" while "df" shows 0`. [The Ask Ubuntu question 961558](https://askubuntu.com/q/961558) is focused on getting progress. ```bash date && time sudo sfill -vll / ``` <details> <summary>Output:</summary> ``` Tue Dec 31 09:11:21 PM CET 2024 Using /dev/urandom for random input. Wipe mode is insecure (one pass [random]) Wiping now ... Creating /oooooooo.ooo ... * Wiping inodes ... Done ... Finished real 9m39.959s user 0m0.004s sys 0m0.014s ``` </details> ```bash ls /oooooooo.ooo ``` ``` ls: cannot access '/oooooooo.ooo': No such file or directory ```
Benjamin_Loison commented 2025-01-01 14:44:52 +01:00
Author
Owner
Copy Link

Related to Benjamin-Loison/cinnamon/issues/179.

Related to [Benjamin-Loison/cinnamon/issues/179](https://github.com/Benjamin-Loison/cinnamon/issues/179).
Benjamin_Loison commented 2025-01-01 19:13:24 +01:00
Author
Owner
Copy Link

Related to Benjamin-Loison/cinnamon/issues/180.

Related to [Benjamin-Loison/cinnamon/issues/180](https://github.com/Benjamin-Loison/cinnamon/issues/180).
Benjamin_Loison commented 2025-01-03 13:48:10 +01:00
Author
Owner
Copy Link
man sfill
Output: 
       sfill is designed to delete data which lies on available  diskspace  on
       mediums  in  a secure manner
...
       afterwards as many temporary files as possible are  generated  to  wipe
       the  free  inode  space.  After no more temporary files can be created,
       they are removed and sfill is finished.

Does it take into account blocks only accessible by root (it is defined per partition if I remember correctly)? Maybe as need sudo to use /.

```bash man sfill ``` <details> <summary>Output:</summary> ``` sfill is designed to delete data which lies on available diskspace on mediums in a secure manner ... afterwards as many temporary files as possible are generated to wipe the free inode space. After no more temporary files can be created, they are removed and sfill is finished. ``` </details> Does it take into account blocks only accessible by `root` (it is defined per partition if I remember correctly)? Maybe as need `sudo` to use `/`.
Benjamin_Loison commented 2025-01-03 22:37:10 +01:00
Author
Owner
Copy Link

Related to Benjamin-Loison/cinnamon/issues/137.

Related to [Benjamin-Loison/cinnamon/issues/137](https://github.com/Benjamin-Loison/cinnamon/issues/137).
Benjamin_Loison commented 2025-01-04 00:31:00 +01:00
Author
Owner
Copy Link

Related to Benjamin_Loison/bash/issues/14.

Can create files when df -h / claims not having space anymore? It would be nice if could during the process to still be able to have manual low activity in parallel. In theory if only read from disk and use RAM it is fine.

image

on the Linux Mint 22 Cinnamon owned by the person: 
-----BEGIN PGP MESSAGE-----

hF4DTQa9Wom5MBgSAQdAs2NQJyw+1lJ312HxFheLwPhZWGKICvMr0FJCNtEsWXgw
4wbFEpBUNRyw0qZSi9OCTw7vhfwrVlwdLjZTJFSYGVrUsBgfs5vQxg8TRI9YLF+X
1EoBCQIQBV4rYbaOKeAP+qvBz9Gn4xGll1Epn1TOvcTfJkDzjv1st/mdUEWM+0Vm
NR/mnCDBI+iMH+aLyww+9C5War9NuJzZqamgzA==
=9Ff6
-----END PGP MESSAGE-----
Related to [Benjamin_Loison/bash/issues/14](https://codeberg.org/Benjamin_Loison/bash/issues/14). Can create files when `df -h /` claims not having space anymore? It would be nice if could during the process to still be able to have manual low activity in parallel. In theory if only read from disk and use RAM it is fine. ![image](/attachments/c54170d3-5f14-494d-a7bf-66e08207fd3d) <details> <summary>on the Linux Mint 22 Cinnamon owned by the person:</summary> ``` -----BEGIN PGP MESSAGE----- hF4DTQa9Wom5MBgSAQdAs2NQJyw+1lJ312HxFheLwPhZWGKICvMr0FJCNtEsWXgw 4wbFEpBUNRyw0qZSi9OCTw7vhfwrVlwdLjZTJFSYGVrUsBgfs5vQxg8TRI9YLF+X 1EoBCQIQBV4rYbaOKeAP+qvBz9Gn4xGll1Epn1TOvcTfJkDzjv1st/mdUEWM+0Vm NR/mnCDBI+iMH+aLyww+9C5War9NuJzZqamgzA== =9Ff6 -----END PGP MESSAGE----- ``` </details>
image.png
7.8 MiB
Benjamin_Loison commented 2025-01-04 13:24:10 +01:00
Author
Owner
Copy Link

Before:

df -h /

Filesystem      Size  Used Avail Use% Mounted on
/dev/sda2       879G  492G  388G  56% /

After:

df -h /

Filesystem      Size  Used Avail Use% Mounted on
/dev/sda2       879G  483G  396G  55% /

How this process have freed 11 GB according to df -h /?

image

So it took about 12 hours to erase 388 GB, so it erases about 32 GB per hour. So it needs about 31 hours to erase 1 TB.

Before: ```bash df -h / ``` ``` Filesystem Size Used Avail Use% Mounted on /dev/sda2 879G 492G 388G 56% / ``` After: ```bash df -h / ``` ``` Filesystem Size Used Avail Use% Mounted on /dev/sda2 879G 483G 396G 55% / ``` How this process have freed 11 GB according to `df -h /`? ![image](/attachments/91516a81-7f62-43d6-9b4d-047afb853640) So it took about 12 hours to erase 388 GB, so it erases about 32 GB per hour. So it needs about 31 hours to erase 1 TB.
image.png
147 KiB
Benjamin_Loison commented 2025-01-04 13:28:28 +01:00
Author
Owner
Copy Link

Firefox YouTube and KeePassXC unlock work fine after reboot.

Firefox YouTube and KeePassXC unlock work fine after reboot.
Benjamin_Loison commented 2025-01-04 13:29:57 +01:00
Author
Owner
Copy Link

However, then have to keep in mind that notably:

are still in plaintext. As well as temporary operations like zipping?

Related to Benjamin_Loison/ecryptfs/issues/3.

I verified quickly the contents of:

  • /root/
  • /var/www/html/
  • crontab -l

on the given person laptop.

Maybe with sfill can precise /folder/ as / if need to shred now deleted files that were in /folder/.

However, then have to keep in mind that notably: - `/tmp/` should investigate that, see [issues/58#issuecomment-3106](https://gitea.lemnoslife.com/Benjamin_Loison/linux/issues/58#issuecomment-3106) - `/root/` - `/var/www/html/` - `/file.swap` - `/var/spool/cron/crontabs/` are still in plaintext. As well as temporary operations like zipping? Related to [Benjamin_Loison/ecryptfs/issues/3](https://codeberg.org/Benjamin_Loison/ecryptfs/issues/3). I verified quickly the contents of: - `/root/` - `/var/www/html/` - `crontab -l` on the given person laptop. Maybe with `sfill` can precise `/folder/` as `/` if need to shred now deleted files that were in `/folder/`.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
Benjamin_Loison
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Benjamin_Loison/linux#22
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?