{"id":1867,"date":"2021-07-22T09:35:53","date_gmt":"2021-07-22T01:35:53","guid":{"rendered":"https:\/\/ramfree17.net\/capsule\/?p=1867"},"modified":"2021-07-22T09:35:53","modified_gmt":"2021-07-22T01:35:53","slug":"tipjar-quickly-wipe-a-file-in-a-linux-shell","status":"publish","type":"post","link":"https:\/\/ramfree17.net\/capsule\/?p=1867","title":{"rendered":"[TipJar] Quickly wipe a file in a Linux shell"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/lh6.googleusercontent.com\/-UMgEp9yYwOE\/SvpQKrjhjLI\/AAAAAAAAEEk\/8kNplkB1gK4\/s800\/tipjar.jpg\" \/><\/p>\n<p>No time to read through contexts? Jump to the <a href=\"#tldr\">TL;DR;<\/a> section.<\/p>\n<p>There are use cases that require the secure wiping or deletion of files. There are already a lot of available utilities available in most modern distributions such as srm, swipe, etc. These however entail installing an additional package which is fine for work machines. The use case I had is to securely delete a transient file after it was generated and used in a Continuous Integration server. Installing the secure-delete package is trivial but a base Linux system already has the tool that can do the job: dd<\/p>\n<p><!--more--><\/p>\n<p><a name=\"tldr\">TL;DR Version<\/a><\/p>\n<p>Gist:  get the byte count of the file, overwrite the file with zeroes and then delete it.<\/p>\n<p><code><br \/>\n$ targetfile=\/tmp\/confidentialfile<br \/>\n$ dd if=\/dev\/zero of=$targetfile bs=1 count=$(wc -c $targetfile | cut -f1 -d' ')<br \/>\n<\/code><\/p>\n<p>The file can optionally be deleted. This is being done in a linux build agent node so it was not necessary for this use case. Below is a sample execution in a local machine which gets the <a href=\"https:\/\/en.wikipedia.org\/wiki\/Inode#POSIX_inode_description\" rel=\"noopener\" target=\"_blank\">inode<\/a> of the file before and after deletion.<\/p>\n<p><code><br \/>\n $ info bash -o - > confidential-file<br \/>\n $ wc -c confidential-file<br \/>\n342130 confidential-file<\/p>\n<p> $ targetfile=confidential-file<br \/>\n $ stat $targetfile<br \/>\n  File: confidential-file<br \/>\n  Size: 342130          Blocks: 672        IO Block: 4096   regular file<br \/>\nDevice: fd00h\/64768d    Inode: 786462      Links: 1<br \/>\nAccess: (0664\/-rw-rw-r--)  Uid: ( 1000\/ vagrant)   Gid: ( 1000\/ vagrant)<br \/>\nAccess: 2021-07-22 09:29:29.803217204 +0800<br \/>\nModify: 2021-07-22 09:29:29.971133216 +0800<br \/>\nChange: 2021-07-22 09:29:29.971133216 +0800<br \/>\n Birth: 2021-07-22 09:29:29.803217204 +0800<\/p>\n<p> $ dd if=\/dev\/zero of=$targetfile bs=1 count=$(wc -c $targetfile | cut -f1 -d' ')<br \/>\n342130+0 records in<br \/>\n342130+0 records out<br \/>\n342130 bytes (342 kB, 334 KiB) copied, 0.414331 s, 826 kB\/s<\/p>\n<p> $ stat $targetfile<br \/>\n  File: confidential-file<br \/>\n  Size: 342130          Blocks: 672        IO Block: 4096   regular file<br \/>\nDevice: fd00h\/64768d    Inode: 786462      Links: 1<br \/>\nAccess: (0664\/-rw-rw-r--)  Uid: ( 1000\/ vagrant)   Gid: ( 1000\/ vagrant)<br \/>\nAccess: 2021-07-22 09:29:29.803217204 +0800<br \/>\nModify: 2021-07-22 09:30:50.454876216 +0800<br \/>\nChange: 2021-07-22 09:30:50.454876216 +0800<br \/>\n Birth: 2021-07-22 09:29:29.803217204 +0800<br \/>\n<\/code> <\/p>\n","protected":false},"excerpt":{"rendered":"<p>No time to read through contexts? Jump to the TL;DR; section. There are use cases that require the secure wiping or deletion of files. There are already a lot of available utilities available in most modern distributions such as srm, swipe, etc. These however entail installing an additional package which is fine for work machines. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[12,7],"tags":[84,129,142],"class_list":["post-1867","post","type-post","status-publish","format-standard","hentry","category-floss","category-tipjar","tag-linux","tag-scripting","tag-tipjar"],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/ramfree17.net\/capsule\/index.php?rest_route=\/wp\/v2\/posts\/1867","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ramfree17.net\/capsule\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ramfree17.net\/capsule\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ramfree17.net\/capsule\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ramfree17.net\/capsule\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1867"}],"version-history":[{"count":0,"href":"https:\/\/ramfree17.net\/capsule\/index.php?rest_route=\/wp\/v2\/posts\/1867\/revisions"}],"wp:attachment":[{"href":"https:\/\/ramfree17.net\/capsule\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1867"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ramfree17.net\/capsule\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1867"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ramfree17.net\/capsule\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1867"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}