123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114 |
- #!/usr/bin/env bash
- #variables:
- random_pass=7
- zeroing_pass=1
- prereq_list="pv smartmontools"
- #check that a disk has been provided:
- if [ -z "$1" ]
- then
- echo "Usage: \"./wiper.sh diskname\", for example: \"./wiper.sh sdb\""
- exit
- fi
- #check the disk exists:
- if [ ! -e "/dev/$1" ]; then
- echo "/dev/$1 does not exists. exiting."
- exit
- fi
- #prerequisites:
- for prereq in $prereq_list; do
- REQUIRED_PKG="$prereq"
- PKG_OK=$(dpkg-query -W --showformat='${Status}\n' $REQUIRED_PKG|grep "install ok installed")
- #echo Checking for $REQUIRED_PKG: $PKG_OK
- if [ "" = "$PKG_OK" ]; then
- echo "$REQUIRED_PKG is not present. Setting up $REQUIRED_PKG."
- sudo apt-get --yes install $REQUIRED_PKG
- fi
- done
- #collect data about disk type:
- disk_type=$(smartctl -a /dev/$1 | grep -i "Rotation Rate:" | cut -d':' -f2 | tr -d " ")
- #store if the disk is an ssd:
- if [[ $disk_type == *"SolidStateDevice"* ]]; then
- disk_ssd=1
- # echo "disk is ssd"
- elif [[ $disk_type == *"rpm"* ]]; then
- disk_ssd=0
- # echo "disk is not ssd"
- else
- echo "disk type unknown, exiting"
- exit
- fi
- #check for disk errors, differntiating by device type since smart output is different between sata and sas drives:
- if smartctl -a /dev/$1 | grep -q "SATA"; then
- #echo "Type of disk: SATA"
- if smartctl -a /dev/$1 | grep -q "No Errors Logged"; then
- echo "SATA no errors, conitnuing"
- else
- sata_model=$(smartctl -a /dev/$1 | grep -i "Device Model:" | cut -d':' -f2 | tr -d " ")
- sata_serial=$(smartctl -a /dev/$1 | grep -i "Serial number:" | cut -d':' -f2 | tr -d " ")
- echo "!!! ERRORS !!!"
- echo "SATA errors, aborting!!!"
- echo "NO WIPING NEEDED, JUST DESTROY THE DISK MECHANICALLY"
- echo "!!! EXITING !!!"
- echo ""
- echo "Model: $sata_model"
- echo "Serial: $sata_serial"
- exit
- fi
- elif smartctl -a /dev/$1 | grep -q "SAS"; then
- #echo "Type of disk: SAS"
- sas_errors=$(smartctl -a /dev/$1 | grep "Elements in grown defect list" | cut -d':' -f2 | tr -d " ")
- if [ "$sas_errors" -gt 0 ]; then
- sas_vendor=$(smartctl -a /dev/$1 | grep -i "Vendor:" | cut -d':' -f2 | tr -d " ")
- sas_model=$(smartctl -a /dev/$1 | grep -i "Product:" | cut -d':' -f2 | tr -d " ")
- sas_serial=$(smartctl -a /dev/$1 | grep -i "Serial number:" | cut -d':' -f2 | tr -d " ")
- echo "!!! ERRORS !!!"
- echo "Elements in grown defect list: " $sas_errors
- echo "NO WIPING NEEDED, JUST DESTROY THE DISK MECHANICALLY"
- echo "!!! EXITING !!!"
- echo ""
- echo "Vendor: $sas_vendor"
- echo "Model: $sas_model"
- echo "Serial: $sas_serial"
- exit
- else
- echo "SAS no errors, continuing"
- fi
- else
- echo "the disk type is none of the expected ones, exiting"
- exit
- fi
- #warning if is an ssd
- if [ "$disk_ssd" -eq 1 ]; then
- echo "WARNING, DISK IS AN SSD, Remember that sectors are reallocated thus unwanted data might remain on the sectors"
- #TODO: ATA Secure erase? https://grok.lsu.edu/article.aspx?articleid=16716
- fi
- #calculate disk bytes:
- disk_blocks=$(cat /proc/partitions | grep -w $1 | tr -s ' ' | cut -d " " -f4);
- disk_bytes=$(( 1024*disk_blocks ))
- #wipe:
- #see: https://serverfault.com/questions/6440/is-there-an-alternative-to-dev-urandom
- echo "wiping $1"
- for r_pass in $(seq 1 $random_pass); do
- echo "random pass $r_pass of $random_pass :"
- openssl enc -pbkdf2 -pass pass:"$(dd if=/dev/urandom bs=128 count=1 2>/dev/null | base64)" -nosalt </dev/zero | pv --progress --eta --rate --bytes --size $disk_bytes | dd of=/dev/$1 bs=2M oflag=direct iflag=fullblock
- done
- for z_pass in $(seq 1 $zeroing_pass); do
- echo "zeroing pass $z_pass of $zeroing_pass :"
- dd if=/dev/zero | pv --progress --eta --rate --bytes --size $disk_bytes | dd of=/dev/$1 bs=2M oflag=direct iflag=fullblock
- done
- echo "!!! FINISHED wiping $1 !!!"
|