From da7cf3670fe60301beeb175ff6c284b737d5b7f4 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Tue, 23 Jun 2009 15:53:21 +0100
Subject: Added 'scrub-*' commands for securely scrubbing filesystems.

---
 daemon/Makefile.am |   1 +
 daemon/scrub.c     | 114 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 115 insertions(+)
 create mode 100644 daemon/scrub.c

(limited to 'daemon')

diff --git a/daemon/Makefile.am b/daemon/Makefile.am
index 7ef2a6b8..c84a563b 100644
--- a/daemon/Makefile.am
+++ b/daemon/Makefile.am
@@ -46,6 +46,7 @@ guestfsd_SOURCES = \
 	ntfs.c \
 	pingdaemon.c \
 	proto.c \
+	scrub.c \
 	sfdisk.c \
 	sleep.c \
 	stat.c \
diff --git a/daemon/scrub.c b/daemon/scrub.c
new file mode 100644
index 00000000..9b6d49df
--- /dev/null
+++ b/daemon/scrub.c
@@ -0,0 +1,114 @@
+/* libguestfs - the guestfsd daemon
+ * Copyright (C) 2009 Red Hat Inc. 
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+#include <config.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <fcntl.h>
+#include <unistd.h>
+
+#include "daemon.h"
+#include "actions.h"
+
+int
+do_scrub_device (char *device)
+{
+  char *err;
+  int r;
+
+  IS_DEVICE (device, -1);
+
+  r = command (NULL, &err, "scrub", device, NULL);
+  if (r == -1) {
+    reply_with_error ("scrub_device: %s: %s", device, err);
+    free (err);
+    return -1;
+  }
+
+  free (err);
+
+  return 0;
+}
+
+int
+do_scrub_file (char *file)
+{
+  char *buf;
+  int len;
+  char *err;
+  int r;
+
+  NEED_ROOT (-1);
+  ABS_PATH (file, -1);
+
+  /* Make the path relative to /sysroot. */
+  len = strlen (file) + 9;
+  buf = malloc (len);
+  if (!buf) {
+    reply_with_perror ("malloc");
+    return -1;
+  }
+  snprintf (buf, len, "/sysroot%s", file);
+
+  r = command (NULL, &err, "scrub", "-r", buf, NULL);
+  free (buf);
+  if (r == -1) {
+    reply_with_error ("scrub_file: %s: %s", file, err);
+    free (err);
+    return -1;
+  }
+
+  free (err);
+
+  return 0;
+}
+
+int
+do_scrub_freespace (char *dir)
+{
+  char *buf;
+  int len;
+  char *err;
+  int r;
+
+  NEED_ROOT (-1);
+  ABS_PATH (dir, -1);
+
+  /* Make the path relative to /sysroot. */
+  len = strlen (dir) + 9;
+  buf = malloc (len);
+  if (!buf) {
+    reply_with_perror ("malloc");
+    return -1;
+  }
+  snprintf (buf, len, "/sysroot%s", dir);
+
+  r = command (NULL, &err, "scrub", "-X", buf, NULL);
+  free (buf);
+  if (r == -1) {
+    reply_with_error ("scrub_freespace: %s: %s", dir, err);
+    free (err);
+    return -1;
+  }
+
+  free (err);
+
+  return 0;
+}
-- 
cgit