Benjamin_Loison/linux
1
0
Code Issues 41 Packages Projects Wiki

How to shred free disk slots? #22

New Issue
Open
opened 2024-05-09 02:44:00 +02:00 by Benjamin_Loison · 10 comments
Benjamin_Loison commented 2024-05-09 02:44:00 +02:00
Owner
Copy Link

Tracked at Benjamin_Loison/shred/issues/5.

Tracked at [Benjamin_Loison/shred/issues/5](https://codeberg.org/Benjamin_Loison/shred/issues/5).
Benjamin_Loison commented 2024-09-05 13:48:44 +02:00
Author
Owner
Copy Link
Related to the issue: 
-----BEGIN PGP MESSAGE-----

hF4DTQa9Wom5MBgSAQdAqXiRwz0du96gb/HpXsudOg6KGQnZvFRRdFIhz+bgFDsw
SY9bUxZ9AWNo+U3Syz3zeMwyJTOtuc35po9pfDs3qOP4BzICsRv73dG4ZCoH4zlg
0nsBFhofaRHciz9B48DbhjnyaMxVyrtYSPQ5wUUEN82N2HYK0ZWLSqRh21ADvgwA
QXUP0Tiy+yKnNnJoOEJS+Mvs8gCqDTXy4p69R8PDz2I6X2y1h1VJ48wHfdTmA2EP
B/jNmM7RoTJFdiKS0yktfmtHqiueBdY5ldO37vI=
=7zxM
-----END PGP MESSAGE-----
<details> <summary>Related to the issue:</summary> ``` -----BEGIN PGP MESSAGE----- hF4DTQa9Wom5MBgSAQdAqXiRwz0du96gb/HpXsudOg6KGQnZvFRRdFIhz+bgFDsw SY9bUxZ9AWNo+U3Syz3zeMwyJTOtuc35po9pfDs3qOP4BzICsRv73dG4ZCoH4zlg 0nsBFhofaRHciz9B48DbhjnyaMxVyrtYSPQ5wUUEN82N2HYK0ZWLSqRh21ADvgwA QXUP0Tiy+yKnNnJoOEJS+Mvs8gCqDTXy4p69R8PDz2I6X2y1h1VJ48wHfdTmA2EP B/jNmM7RoTJFdiKS0yktfmtHqiueBdY5ldO37vI= =7zxM -----END PGP MESSAGE----- ``` </details>
Benjamin_Loison commented 2024-09-07 01:27:02 +02:00
Author
Owner
Copy Link

Related to Benjamin-Loison/vim/issues/14.

Related to [Benjamin-Loison/vim/issues/14](https://github.com/Benjamin-Loison/vim/issues/14).
Benjamin_Loison commented 2024-09-07 14:57:26 +02:00
Author
Owner
Copy Link

The Super User answer 19377:

sfill
Output: 
Command 'sfill' not found, but can be installed with:
sudo apt install secure-delete
[The Super User answer 19377](https://superuser.com/a/19377): ```bash sfill ``` <details> <summary>Output:</summary> ``` Command 'sfill' not found, but can be installed with: sudo apt install secure-delete ``` </details>
Benjamin_Loison commented 2024-09-07 15:00:55 +02:00
Author
Owner
Copy Link
sudo apt install secure-delete -y
Output: 
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
  secure-delete
0 upgraded, 1 newly installed, 0 to remove and 14 not upgraded.
Need to get 74.0 kB of archives.
After this operation, 165 kB of additional disk space will be used.
Get:1 http://mirrors.ircam.fr/pub/ubuntu/archive noble/universe amd64 secure-delete amd64 3.1-8 [74.0 kB]
Fetched 74.0 kB in 0s (623 kB/s)         
Selecting previously unselected package secure-delete.
(Reading database ... 962055 files and directories currently installed.)
Preparing to unpack .../secure-delete_3.1-8_amd64.deb ...
Unpacking secure-delete (3.1-8) ...
Setting up secure-delete (3.1-8) ...
Processing triggers for man-db (2.12.0-4build2) ...

sfill
Output: 
Warning: you are not root. You might not be able to wipe the whole filesystem.
sfill v3.1 (c) 1997-2003 by van Hauser / THC <vh@thc.org>

Syntax: sfill [-fiIlvz] directory

Options:
	-f  fast (and insecure mode): no /dev/urandom, no synchronize mode.
	-i  wipe only inodes in the directory specified
	-I  just wipe space, not inodes
	-l  lessens the security (use twice for total insecure mode).
	-v  is verbose mode.
	-z  last wipe writes zeros, not random data.

sfill does a secure overwrite of the free space on the partition the specified
directory resides and all free inodes of the directory specified.
Default is secure mode (38 writes).
You can find updates at http://www.thc.org

sudo sfill -v
Output: 
sfill v3.1 (c) 1997-2003 by van Hauser / THC <vh@thc.org>

Syntax: sfill [-fiIlvz] directory

Options:
	-f  fast (and insecure mode): no /dev/urandom, no synchronize mode.
	-i  wipe only inodes in the directory specified
	-I  just wipe space, not inodes
	-l  lessens the security (use twice for total insecure mode).
	-v  is verbose mode.
	-z  last wipe writes zeros, not random data.

sfill does a secure overwrite of the free space on the partition the specified
directory resides and all free inodes of the directory specified.
Default is secure mode (38 writes).
You can find updates at http://www.thc.org
```bash sudo apt install secure-delete -y ``` <details> <summary>Output:</summary> ``` Reading package lists... Done Building dependency tree... Done Reading state information... Done The following NEW packages will be installed: secure-delete 0 upgraded, 1 newly installed, 0 to remove and 14 not upgraded. Need to get 74.0 kB of archives. After this operation, 165 kB of additional disk space will be used. Get:1 http://mirrors.ircam.fr/pub/ubuntu/archive noble/universe amd64 secure-delete amd64 3.1-8 [74.0 kB] Fetched 74.0 kB in 0s (623 kB/s) Selecting previously unselected package secure-delete. (Reading database ... 962055 files and directories currently installed.) Preparing to unpack .../secure-delete_3.1-8_amd64.deb ... Unpacking secure-delete (3.1-8) ... Setting up secure-delete (3.1-8) ... Processing triggers for man-db (2.12.0-4build2) ... ``` </details> ```bash sfill ``` <details> <summary>Output:</summary> ``` Warning: you are not root. You might not be able to wipe the whole filesystem. sfill v3.1 (c) 1997-2003 by van Hauser / THC <vh@thc.org> Syntax: sfill [-fiIlvz] directory Options: -f fast (and insecure mode): no /dev/urandom, no synchronize mode. -i wipe only inodes in the directory specified -I just wipe space, not inodes -l lessens the security (use twice for total insecure mode). -v is verbose mode. -z last wipe writes zeros, not random data. sfill does a secure overwrite of the free space on the partition the specified directory resides and all free inodes of the directory specified. Default is secure mode (38 writes). You can find updates at http://www.thc.org ``` </details> ```bash sudo sfill -v ``` <details> <summary>Output:</summary> ``` sfill v3.1 (c) 1997-2003 by van Hauser / THC <vh@thc.org> Syntax: sfill [-fiIlvz] directory Options: -f fast (and insecure mode): no /dev/urandom, no synchronize mode. -i wipe only inodes in the directory specified -I just wipe space, not inodes -l lessens the security (use twice for total insecure mode). -v is verbose mode. -z last wipe writes zeros, not random data. sfill does a secure overwrite of the free space on the partition the specified directory resides and all free inodes of the directory specified. Default is secure mode (38 writes). You can find updates at http://www.thc.org ``` </details>
Benjamin_Loison commented 2024-09-07 20:45:00 +02:00
Author
Owner
Copy Link

Related to Benjamin_Loison/coreutils/issues/1.

Related to [Benjamin_Loison/coreutils/issues/1](https://codeberg.org/Benjamin_Loison/coreutils/issues/1).
Benjamin_Loison commented 2024-09-07 21:05:22 +02:00
Author
Owner
Copy Link

On my Linux Mint 22 Cinnamon Framework 13:

df -h /
Output: 
Filesystem               Size  Used Avail Use% Mounted on
/dev/mapper/vgmint-root  1.8T  1.6T  117G  94% /

time sudo sfill -v /; echo $?; matrix-commander -m 'sfill finished!'
Output: 
Using /dev/urandom for random input.
Wipe mode is secure (38 special passes)
Wiping now ...
Creating /oooooooo.ooo ...

ls -lh /oooooooo.ooo

-rw------- 1 root root 2.7G Sep  7 21:09 /oooooooo.ooo

ls -lh /oooooooo.ooo

-rw------- 1 root root 2.8G Sep  7 21:09 /oooooooo.ooo

watch ls -lh /oooooooo.ooo
Output: 
Every 2.0s: ls -lh /oooo...  benjamin-loison-framework: Sat Sep  7 21:18:36 2024

-rw------- 1 root root 18G Sep  7 21:18 /oooooooo.ooo

Unclear if when will reach 117G it will be finished or it will only be the first pass.

On my Linux Mint 22 Cinnamon Framework 13: ```bash df -h / ``` <details> <summary>Output:</summary> ``` Filesystem Size Used Avail Use% Mounted on /dev/mapper/vgmint-root 1.8T 1.6T 117G 94% / ``` </details> ```bash time sudo sfill -v /; echo $?; matrix-commander -m 'sfill finished!' ``` <details> <summary>Output:</summary> ``` Using /dev/urandom for random input. Wipe mode is secure (38 special passes) Wiping now ... Creating /oooooooo.ooo ... ``` </details> ```bash ls -lh /oooooooo.ooo ``` ``` -rw------- 1 root root 2.7G Sep 7 21:09 /oooooooo.ooo ``` ```bash ls -lh /oooooooo.ooo ``` ``` -rw------- 1 root root 2.8G Sep 7 21:09 /oooooooo.ooo ``` ```bash watch ls -lh /oooooooo.ooo ``` <details> <summary>Output:</summary> ``` Every 2.0s: ls -lh /oooo... benjamin-loison-framework: Sat Sep 7 21:18:36 2024 -rw------- 1 root root 18G Sep 7 21:18 /oooooooo.ooo ``` </details> Unclear if when will reach 117G it will be finished or it will only be the first pass.
Benjamin_Loison commented 2024-09-07 22:21:38 +02:00
Author
Owner
Copy Link

image

Still same output of time sudo sfill -v /; echo $?; matrix-commander -m 'sfill finished!'.

watch ls -lh /oooooooo.ooo
Output: 
Every 2.0s: ls -lh /oooooooo.ooo                                                        benjamin-loison-framework: Sat Sep  7 22:20:54 2024

-rw------- 1 root root 137G Sep  7 22:20 /oooooooo.ooo

Note that after a few minutes it was still having more GB. Maybe df -h / is not correct.

So how is it able to get additional GB??

So for avoiding possible data erasure I ctrl + c:

time sudo sfill -v /; echo $?; matrix-commander -m 'sfill finished!'
Output: 
Using /dev/urandom for random input.
Wipe mode is secure (38 special passes)
Wiping now ...
Creating /oooooooo.ooo ... ^C
Terminated by signal. Clean exit.

real	73m57.576s
user	0m0.030s
sys	0m0.032s
1

Should test in an environment where I am fine loosing all data.

![image](/attachments/9aeef6b1-15f5-46b2-90ed-69fde7152e2a) Still same output of `time sudo sfill -v /; echo $?; matrix-commander -m 'sfill finished!'`. ```bash watch ls -lh /oooooooo.ooo ``` <details> <summary>Output:</summary> ``` Every 2.0s: ls -lh /oooooooo.ooo benjamin-loison-framework: Sat Sep 7 22:20:54 2024 -rw------- 1 root root 137G Sep 7 22:20 /oooooooo.ooo ``` </details> Note that after a few minutes it was still having more GB. Maybe `df -h /` is not correct. So how is it able to get additional GB?? So for avoiding possible data erasure I <kbd>ctrl</kbd> + <kbd>c</kbd>: ```bash time sudo sfill -v /; echo $?; matrix-commander -m 'sfill finished!' ``` <details> <summary>Output:</summary> ``` Using /dev/urandom for random input. Wipe mode is secure (38 special passes) Wiping now ... Creating /oooooooo.ooo ... ^C Terminated by signal. Clean exit. real 73m57.576s user 0m0.030s sys 0m0.032s 1 ``` </details> Should test in an environment where I am fine loosing all data.
image.png
4.2 MiB
Benjamin_Loison commented 2024-09-08 00:30:09 +02:00
Author
Owner
Copy Link

Could backup a Linux virtual machine with lowest space at all (not free) and proceed with it.

Given maximum size, estimating when file writing will be finished would be interesting.

Pegasus for this long running task seems more appropriate.

Could backup a Linux virtual machine with lowest space at all (not free) and proceed with it. Given maximum size, estimating when file writing will be finished would be interesting. *Pegasus* for this long running task seems more appropriate.
Benjamin_Loison commented 2024-09-09 00:04:26 +02:00
Author
Owner
Copy Link
sudo ls -lh /var/lib/libvirt/images/Debian_not_trust.qcow2

-rw------- 1 root root 37G Sep  8 23:03 /var/lib/libvirt/images/Debian_not_trust.qcow2

sudo cp /var/lib/libvirt/images/Debian_not_trust{,_before_sfill_08_09_24}.qcow2

sudo ls -lh /var/lib/libvirt/images/Debian_not_trust_before_sfill_08_09_24.qcow2

-rw------- 1 root root 37G Sep  8 23:05 /var/lib/libvirt/images/Debian_not_trust_before_sfill_08_09_24.qcow2

sudo diff /var/lib/libvirt/images/Debian_not_trust{,_before_sfill_08_09_24}.qcow2

does not return anything.

df -h /
Output: 
Filesystem      Size  Used Avail Use% Mounted on
/dev/vda2        28G   17G   10G  63% /

sudo sfill -v /
Output: 
Using /dev/urandom for random input.
Wipe mode is secure (38 special passes)
Wiping now ...
Creating /oooooooo.ooo ...

progress

No command currently running: cp, mv, dd, tar, bsdtar, cat, rsync, scp, grep, fgrep, egrep, cut, sort, md5sum, sha1sum, sha224sum, sha256sum, sha384sum, sha512sum, adb, gzip, gunzip, bzip2, bunzip2, xz, unxz, lzma, unlzma, 7z, 7za, zip, unzip, zcat, bzcat, lzcat, coreutils, split, gpg, or wrong permissions.

Related to Benjamin_Loison/pv/issues/2.

ls -l oooooooo.ooo; sleep 10; ls -l oooooooo.ooo
Output: 
-rw------- 1 root root 12206817280 Sep  8 23:44 oooooooo.ooo
-rw------- 1 root root 12206817280 Sep  8 23:45 oooooooo.ooo

sudo sfill -v /
Output: 
Using /dev/urandom for random input.
Wipe mode is secure (38 special passes)
Wiping now ...
Creating /oooooooo.ooo ... *

* seems to have been added. Maybe it's the first pass, hence is very slow.

sudo sfill -v /
Output: 
Using /dev/urandom for random input.
Wipe mode is secure (38 special passes)
Wiping now ...
Creating /oooooooo.ooo ... **

ls -l oooooooo.ooo

-rw------- 1 root root 12206817280 Sep  8 23:44 oooooooo.ooo

so it seems to be a * for each pass.

sudo sfill -v /
Output: 
Using /dev/urandom for random input.
Wipe mode is secure (38 special passes)
Wiping now ...
Creating /oooooooo.ooo ... **^C
Terminated by signal. Clean exit.

ls /oooooooo.ooo

ls: cannot access '/oooooooo.ooo': No such file or directory

df -h /
Output: 
Filesystem      Size  Used Avail Use% Mounted on
/dev/vda2        28G   17G   10G  63% /

sudo rm /var/lib/libvirt/images/Debian_not_trust_before_sfill_08_09_24.qcow2
```bash sudo ls -lh /var/lib/libvirt/images/Debian_not_trust.qcow2 ``` ``` -rw------- 1 root root 37G Sep 8 23:03 /var/lib/libvirt/images/Debian_not_trust.qcow2 ``` ```bash sudo cp /var/lib/libvirt/images/Debian_not_trust{,_before_sfill_08_09_24}.qcow2 ``` ```bash sudo ls -lh /var/lib/libvirt/images/Debian_not_trust_before_sfill_08_09_24.qcow2 ``` ``` -rw------- 1 root root 37G Sep 8 23:05 /var/lib/libvirt/images/Debian_not_trust_before_sfill_08_09_24.qcow2 ``` ```bash sudo diff /var/lib/libvirt/images/Debian_not_trust{,_before_sfill_08_09_24}.qcow2 ``` does not return anything. ```bash df -h / ``` <details> <summary>Output:</summary> ``` Filesystem Size Used Avail Use% Mounted on /dev/vda2 28G 17G 10G 63% / ``` </details> ```bash sudo sfill -v / ``` <details> <summary>Output:</summary> ``` Using /dev/urandom for random input. Wipe mode is secure (38 special passes) Wiping now ... Creating /oooooooo.ooo ... ``` </details> ```bash progress ``` ``` No command currently running: cp, mv, dd, tar, bsdtar, cat, rsync, scp, grep, fgrep, egrep, cut, sort, md5sum, sha1sum, sha224sum, sha256sum, sha384sum, sha512sum, adb, gzip, gunzip, bzip2, bunzip2, xz, unxz, lzma, unlzma, 7z, 7za, zip, unzip, zcat, bzcat, lzcat, coreutils, split, gpg, or wrong permissions. ``` Related to [Benjamin_Loison/pv/issues/2](https://codeberg.org/Benjamin_Loison/pv/issues/2). ```bash ls -l oooooooo.ooo; sleep 10; ls -l oooooooo.ooo ``` <details> <summary>Output:</summary> ``` -rw------- 1 root root 12206817280 Sep 8 23:44 oooooooo.ooo -rw------- 1 root root 12206817280 Sep 8 23:45 oooooooo.ooo ``` </details> ```bash sudo sfill -v / ``` <details> <summary>Output:</summary> ``` Using /dev/urandom for random input. Wipe mode is secure (38 special passes) Wiping now ... Creating /oooooooo.ooo ... * ``` </details> `*` seems to have been added. Maybe it's the first pass, hence is very slow. ```bash sudo sfill -v / ``` <details> <summary>Output:</summary> ``` Using /dev/urandom for random input. Wipe mode is secure (38 special passes) Wiping now ... Creating /oooooooo.ooo ... ** ``` </details> ```bash ls -l oooooooo.ooo ``` ``` -rw------- 1 root root 12206817280 Sep 8 23:44 oooooooo.ooo ``` so it seems to be a `*` for each pass. ```bash sudo sfill -v / ``` <details> <summary>Output:</summary> ``` Using /dev/urandom for random input. Wipe mode is secure (38 special passes) Wiping now ... Creating /oooooooo.ooo ... **^C Terminated by signal. Clean exit. ``` </details> ```bash ls /oooooooo.ooo ``` ``` ls: cannot access '/oooooooo.ooo': No such file or directory ``` ```bash df -h / ``` <details> <summary>Output:</summary> ``` Filesystem Size Used Avail Use% Mounted on /dev/vda2 28G 17G 10G 63% / ``` </details> ```bash sudo rm /var/lib/libvirt/images/Debian_not_trust_before_sfill_08_09_24.qcow2 ```
Benjamin_Loison commented 2024-10-08 08:32:51 +02:00
Author
Owner
Copy Link

Cannot use encryption to make it faster?

Cannot use encryption *to make it faster*?
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Benjamin_Loison/linux#22
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?