dotfiles/scripts/.local/bin/erase-disk.sh
2022-03-06 16:52:37 +01:00

68 lines
1.7 KiB
Bash
Executable file

#!/usr/bin/env dash
# USAGE: erase-disk.sh <passes> <device>
# Must be run as root
usage() {
echo "Usage: erase-disk.sh PASSES DEVICE"
echo "Securely erase DEVICE with PASSES passes"
echo
echo "Flags:"
echo " -h, --help \t\tDisplay this help message"
echo " -c, --crypt-prep \tPrepare DEVICE for encryption"
echo
echo "Options (must come after flags):"
echo " DEVICE \t\tThe device to erase"
echo " PASSES \t\tHow many times to erase DEVICE"
echo
echo "This script will securely erase a disk device with the specified amount"
echo "of passes (rounds). It does so by overwriting the specified device with"
echo "random data on the first pass, and with zeroes on the other passes."
echo "Due to the nature of disk device access permissions, the script must"
echo "be run as root."
echo
echo "erase-disk.sh is licensed under The Unlicense."
}
CRYPT=0
[ "$1" = "-h" -o "$1" = "--help" ] && usage && exit 0
[ "$1" = "-c" -o "$1" = "--crypt-prep" ] && CRYPT=1 && shift
if [ $# -lt 2 ]; then
echo "=> ERROR: Not enough options!"
echo
usage
exit 1
elif [ $# -gt 2 ]; then
echo "=> ERROR: Too many options!"
echo
usage
exit 1
elif [ $(id -u) -ne 0 ]; then
echo "=> ERROR: Must run as root!"
echo
usage
exit 1
fi
echo "=> Securely erasing the disk device $2"
i=1
while [ $i -le $1 ]; do
[ $i -eq 1 ] && if="/dev/urandom" || if="/dev/zero"
[ $CRYPT -eq 1 -a $i -eq $1 ] && if="/dev/urandom"
echo "\n -> Begin pass $i with $if"
dd if="$if" of="$2" status="progress"
echo "\n -> Syncing I/O"
sync
i=$(( i + 1 ))
done
echo -n "\n=> Done! $2 securely erased"
[ $CRYPT -eq 1 ] && echo -n " and prepared for encryption"
echo "."