wipefreespace

wipefreespace(1) General Commands Manual wipefreespace(1)

NAME

   WipeFreeSpace - Secure cleaning of free space on filesystems.

SYNOPSIS

   wipefreespace [options] /dev/XY ...

DESCRIPTION

   The  WipeFreeSpace  program securely cleans the free space and undelete data on the given ext2/3/4, NTFS, XFS, ReiserFSv3/4, FAT12/16/32, MinixFSv1/2, JFS, HFS+ and OCFS file systems.
   Write permissions are required for the devices (or regular files containing the file system), but the program MUST NOT be setuid(root).

   Each given filesystem is wiped ONLY ONCE, no matter how many times it appears on the command line.  WipeFreeSpace also works for file systems created inside regular files on any  host
   file system.

   WipeFreeSpace wipes the following things (when supported by the backing library):

   - free space (space in unused blocks/clusters)

   - free space in partially used blocks (also called the "slack space")

   - deleted files' names and other data that can be used to undelete a file (like the journal)

   WipeFreeSpace does NOT decrease the amount of available free space when working.

   To perform a command after wiping (like sending e-mail), simply run a program after WipeFreeSpace is finished, for example:

        wipefreespace [options] /dev/XY; mail [options]

   or in a script:

        #!/bin/bash

        wipefreespace [options] /dev/XY

        mail [options]

   To run WipeFreeSpace with a higher or lower priority, simply use the "renice" utility, for example:

        renice +1 $(pidof wipefreespace)

OPTIONS

   Any option affects all filesystems given on the command line, not just the ones following it.

   --all-zeros
          Use only zeros for wiping.

   --background
          Continue work in the background, if possible. This disables verose mode.

   -b|--superblock OFFSET
          Superblock offset on the given filesystems

   -B|--blocksize SIZE
          Block size on the given filesystems

   -f|--force
          Wipe even if the file system has errors

   -h|--help
          Print help

   --last-zero
          Perform additional wiping with zeros

   -l|--license
          Print license information

   -n|--iterations NNN
          Number of passes (greater than 0)

   --method NAME
          Use the given method for wiping (read below).

   --nopart
          Do NOT wipe free space in partially used blocks.

   --nounrm
          Do NOT wipe undelete information

   --nowfs
          Do NOT wipe free space on file system

   --no-wipe-zero-blocks
          Do  NOT  wipe  all-zero blocks on file system (useful for virtual/sparse devices, where empty areas are read as all-zeros and do not take physical space unless actually written
          to).

   --order TYPE
          Use the given order for wiping (read below).

   --use-dedicated
          Use the program dedicated for the given filesystem type if supported. Fallback to WipeFreeSpace if unsupported (currently, only 'ntfswipe' is supported)

   --use-ioctl
          Disable device caching during work (can be DANGEROUS)

   -v|--verbose
          Verbose output. Use twice for more. This also enables progress bars, but be warned: these may not always be accurate or increase at a constant rate.

   -V|--version
          Print version number

WIPING METHODS

   The following method names (case-insensitive) are available:

   Gutmann   - method similar to Gutmann's, the default, 36 passes

   random    - shred-like, 25 passes

   schneier  - Shneier's method, 7 passes, contains ITSG-06

   dod       - DoD, 3 passes, contains NAVSO P-5239-26 and German Federal Office for Information Security

WIPING ORDERS

   WipeFreeSpace supports two wiping orders:

   block     - wipe block by block with all patterns and flush the overwriting data to disk after each pattern (so, each block waits to be wiped until the previous one is done)

   pattern   - wipe the whole filesystem with each pattern (all blocks with the first pattern, then all blocks with the second pattern, and so on), and flushing the overwriting  data  to
             disk after each pattern. This is the default

DIAGNOSTICS

   The program returns with 0 exit code if everything went fine. If there were errors, the program exits with non-zero exit code:

   1:     Only version number, help or licence information was requested and printed, no action.

   -1:    Bad/missing command line syntax.

   -2:    Unable to check if the file system is mounted. Cannot continue.

   -3:    The file system was mounted in read-write mode. Cannot continue.

   -4:    Unable to open the file system.

   -5:    Unable to read block bitmap from the file system (thus, unable to determine, which blocks are unused).

   -6:    Memory allocation failed.

   -7:    The file system contained errors and the option --force was not given.

   -8:    Closing the file system failed.

   -9:    Opening i-node scan failed. Thus, the program was unable to wipe free space in partially used blocks.

   -10:   Iterating over blocks failed. Thus, the program was unable to wipe free space in partially used blocks.

   -11:   I-node read failed. Some undelete data may not have been removed.

   -12:   Directory iterating failed. Thus, the program was unable to remove some of (maybe all) undelete data.

   -13:   The program found out that it has the suid permission bit set and the owner is root. Read the first chapter of the info documentation for an explanation and a solution.

   -14:   Flushing the changes to the filesystem failed.

   -15:   Block writing failed.

   -16:   Failed to open an attribute (mostly on NTFS).

   -17:   Failed runlist on NTFS.

   -18:   Getting name failed.

   -19:   Context error (NTFS).

   -20:   Bad parameter was passed to one of the functions.

   -21:   Pipe error (mostly XFS).

   -22:   Fork error (XFS or ReiserFSv3).

   -23:   Exec error (XFS).

   -24:   Seek error (mostly ReiserFSv4).

   -25:   Block reading failed.

   -26:   I/O control command (ioctl) failed.

   -100:  A signal was caught and the program was forced to exit.

NOTES

   Only the last error is returned. If the last file system was wiped successfully, but the previous weren't, the last error will be returned, but not the previous ones.

   It is best to use this program on un-mounted file systems, which makes sure the journal is committed and there aren't any concurrent modifications.

AUTHOR

   Bogdan 'bogdro' Drozdowski,

   bogdro (at) users . sourceforge . net

   bogdro-soft (at) gmx . com

   https://wipefreespace.sourceforge.io

THANKS

   Theodore Ts'o, for the great ext2fs library and e2fsprogs.

   The linux-ntfs team for their research on NTFS and a great programming library.

   Colin Plumb, for the great 'shred' program, parts of which are used here.

   Patrick R. McDonald 'marlowe' (www.antagonism.org) - for bug reports, testing and promoting WipeFreeSpace.

   Mark Lord (mlord@pobox.com) for the great hdparm utility.

   knightray@gmail.com for The Tiny FAT FS library (on LGPL).

   Gregory Grosse - for bug reports and testing WipeFreeSpace.

   Travis CI (https://www.travis-ci.com/) for providing build environments.

   GitHub (https://github.com/) for providing code versioning, security tests, build environments and integration with Travis CI.