dm-linear like target which provides discard, but replaces it with write of random data to a discarded region. Thus, discarded data is securely deleted. Because of abstract nature it could support many file-systems which support discard (such as ext3, ext4, xfs, btrfs).
Create mapped device with
secdelsetup tool. Make sure file-system is mounted
from that device and not from underlying device. Make sure file-system is
-o discard option. Do not enable data journaling (such as
-o data=journal do not enable it). Note, that when you
rm files discard
and, thus, erasing will go asynchronously, so, to make sure data is already
sync or mount file-system with
-o sync option before
If you wish that filenames are wiped too - delete directory itself, so its
blocks are discarded and erased. If you issue
fstrim all free blocks of
file-system will be discarded and thus erased too (make sure that file-system
is still mounted with
-o discard though.)
secdelsetup /dev/sda5 [/dev/mapper/secdel5]
- will map
secdel5. Then, file-system on
secdel5should be mounted with
secdeltab --all or secdeltab --list
- show current maps.
- save current maps to
/etc/secdeltabwhich will be automatically activated after reboot (by
- detach all active maps.
Based on the code of
dm-linear from Linux kernel of their respective authors.
(C) 2018 email@example.com; License GPLv2.