Unusual Question

Heikki Lindholm holindho at saunalahti.fi
Fri Jul 14 08:30:39 UTC 2017


On 14.07.2017 09:11, Doug Hardie wrote:
> 
>> On 13 July 2017, at 21:44, David Christensen <dpchrist at holgerdanske.com> wrote:
>>
>> On 07/09/17 02:57, Doug Hardie wrote:
>>> I have a FreeBSD 9.3 remote server that needs to be purged.  I know that rm -rf / will remove all the directory entries, but I need to write over the drive.  I thought that dd if=/dev/zero of=/dev/ada0 might do the trick, but it gives an not permitted error.  The whole thing can crash and burn at the end.  This is an unmanned site so moving drives is not viable.
>>
>> If the machine has BIOS and the system drive isn't too large, write an assembly program that fits into the MBR bootstrap code area to wipe the rest of the drive, assemble the program, write it into the MBR, and reboot.
>>
>>
>> Bonus: the program deletes the MBR when done wiping the rest of the drive.
> 
> Neat idea, but I have a number of these systems and they all use different disk drives.  That would be a lot of work writing drivers for each type.

I tried clearing the root partition of fbsd 11 under virtualbox. The 
root was 3 gigabytes and ZFS format. The process was to disable 
services, disable swap and make a script that does a sync, sleep and the 
whole disk dd, and then disable sshd and run the script.

I then did an ACPI shutdown after waiting enough time for the dd to 
complete. I thought it would show what the kernel could still flush to 
disk after the dd. The outcome was that there was about 700k data left 
on the device. I think something should be done to ZFS ARC to make this 
work better. The kernel did not crash because of the dd.

---- The steps I took in more detail ----
* remove GEOM MBR protection
  # sysctl kern.geom.debugflags=0x10
* test disk access
  # dd if=/dev/ada0 of=mbr bs=512 count=1
  # dd if=mbr of=/dev/ada0 bs=512 count=1
* list services
  # service -e
* stop services (just an example; check with ps -A)
  # service mixer stop
  # service cron stop
  # service sendmail stop
  # service ntpd stop
  # service dmesg stop
  # service savecore stop
  # service syslogd stop
* disable swap
  # swapoff /dev/ada0p2
  # swapctl -l
* make selfdestruct script
  # cat selfdestruct.sh
#!/bin/csh
sync
sleep 10s
nohup dd if=/dev/zero of=/dev/ada0 bs=20m > & /dev/null < /dev/zero &
* run script
  # ./selfdestruct.sh
* kill sshd
  # service sshd stop



More information about the freebsd-questions mailing list