diff options
| author | Richard W.M. Jones <rjones@redhat.com> | 2009-06-23 15:53:21 +0100 |
|---|---|---|
| committer | Richard W.M. Jones <rjones@redhat.com> | 2009-06-23 15:53:21 +0100 |
| commit | da7cf3670fe60301beeb175ff6c284b737d5b7f4 (patch) | |
| tree | 0ba5fd77eee61373ab500d46740a3aa4eb5571c2 /src | |
| parent | 69a481362c20b0ac3985d3003a0078a349ace0a2 (diff) | |
| download | libguestfs-da7cf3670fe60301beeb175ff6c284b737d5b7f4.tar.gz libguestfs-da7cf3670fe60301beeb175ff6c284b737d5b7f4.tar.xz libguestfs-da7cf3670fe60301beeb175ff6c284b737d5b7f4.zip | |
Added 'scrub-*' commands for securely scrubbing filesystems.
Diffstat (limited to 'src')
| -rwxr-xr-x | src/generator.ml | 42 |
1 files changed, 41 insertions, 1 deletions
diff --git a/src/generator.ml b/src/generator.ml index f8e3934f..f1a9a45f 100755 --- a/src/generator.ml +++ b/src/generator.ml @@ -1982,7 +1982,9 @@ This command writes zeroes over the first few blocks of C<device>. How many blocks are zeroed isn't specified (but it's I<not> enough to securely wipe the device). It should be sufficient to remove -any partition tables, filesystem superblocks and so on."); +any partition tables, filesystem superblocks and so on. + +See also: C<guestfs_scrub_device>."); ("grub_install", (RErr, [String "root"; String "device"]), 86, [], [InitBasicFS, Always, TestOutputTrue ( @@ -2402,6 +2404,44 @@ It is just a wrapper around the C L<glob(3)> function with flags C<GLOB_MARK|GLOB_BRACE>. See that manual page for more details."); + ("scrub_device", (RErr, [String "device"]), 114, [DangerWillRobinson], + [InitNone, Always, TestRun ( (* use /dev/sdc because it's smaller *) + [["scrub_device"; "/dev/sdc"]])], + "scrub (securely wipe) a device", + "\ +This command writes patterns over C<device> to make data retrieval +more difficult. + +It is an interface to the L<scrub(1)> program. See that +manual page for more details."); + + ("scrub_file", (RErr, [String "file"]), 115, [], + [InitBasicFS, Always, TestRun ( + [["write_file"; "/file"; "content"; "0"]; + ["scrub_file"; "/file"]])], + "scrub (securely wipe) a file", + "\ +This command writes patterns over a file to make data retrieval +more difficult. + +The file is I<removed> after scrubbing. + +It is an interface to the L<scrub(1)> program. See that +manual page for more details."); + + ("scrub_freespace", (RErr, [String "dir"]), 116, [], + [], (* XXX needs testing *) + "scrub (securely wipe) free space", + "\ +This command creates the directory C<dir> and then fills it +with files until the filesystem is full, and scrubs the files +as for C<guestfs_scrub_file>, and deletes them. +The intention is to scrub any free space on the partition +containing C<dir>. + +It is an interface to the L<scrub(1)> program. See that +manual page for more details."); + ] let all_functions = non_daemon_functions @ daemon_functions |