
BigAdmin System Administration Portal
Community-Submitted Tech Tip
This content is submitted by a BigAdmin user. It has not been reviewed for technical accuracy by Sun Microsystems, though it may have been lightly edited to improve readability. If you find an error or would like to comment on the article, please contact the submitter or use the comment field at the bottom of the article. Community submissions may not follow Sun trademark guidelines. For information on Sun trademarks, please see http://www.sun.com/suntrademarks/.
 
 

A Simple Way to Wipe Multiple Disks Using the Solaris OS

Eric Straavaldsen, April 2007


Introduction

This tech tip provides two procedures to securely wipe large numbers of disks when you are running the Solaris Operating System.

The Trusted Solaris disk wiping guidelines provide a simple procedure for wiping disks. However, I found that it takes so long to wipe a disk that it can be painful to implement the procedure on 143-Gbyte disks. Even implementing the procedure on two boot disks can be quite a chore.

But a feature of the format command allows you to automate the wiping process, so you can set up the process once and then direct the system to wipe all the disks you want without further intervention.

Note: The following procedures have been tried only on Solaris 8 and 10 boot CDs on the following SPARC systems:

  • Sun Fire 280R server
  • Sun Enterprise 250, 450, and 420R servers
  • Sun Blade 100/150 workstation
  • Ultra 60/80 workstation
  • Sun Enterprise E5500 server with an attached Sun StorEdge D1000 array (although the Sun Enterprise E4500 is the same as the Sun Enterprise E5500 without the rack frame, so the process should work on a Sun Enterprise E4500 also)

Creating a File to Use as Input to the format Command

You can use this procedure to wipe two boot disks. If you need to wipe more than two disks, or you want to use a shell script to further automate the process, see the next procedure: Using a Script to Further Automate the Process.

1. First, create a file that contains contents similar to the following example, which will wipe two boot disks.

disk
0
defect
primary
quit
analyze
purge
quit
defect
both
quit
analyze
purge
quit
disk
1
defect
primary
quit
analyze
purge
quit
defect
both
quit
analyze
purge
quit

It will take a very long time to run the file. Consider doing it over a weekend.

Alternatively, you could create the following file instead. This file will take less time to wipe two disks, but it will miss items on the defect list:

Caution: Using the following file might expose some sensitive data, so be aware of the risk.

disk
0
analyze
purge
quit
disk
1
analyze
purge
quit

2. Then simply use the following command, which instructs format to use the file you created as a set of commands. Using this command lets you ignore the system until all the listed disks are wiped.

format -f <path_to_file>

Using a Script to Further Automate the Process

Since I rapidly got tired of creating files to wipe boot drives, I worked out the following script, which can be run from the command line of a Solaris boot CD or DVD.

Caution:

  • With the Solaris 10 Operating System, remember to unhook your SAN before running the script unless you want to wipe each path you can see to the SAN volumes. I primarily use this script only for local disks and single-pathed disks.
  • The following script might expose some sensitive data, so be aware of the risk.
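
#!/bin/ksh
# Start from an empty command file so a rerun does not append to old entries.
: > /tmp/wipescript
# Count the attached sd (disk) instances that prtconf reports.
DISKS=`prtconf | grep "sd, instance" | grep -v "driver not attached" | wc -l`
# Start at the count minus 2 and work down to disk 0.
DISKS=$(($DISKS-2))

while [ $DISKS -ge 0 ]
do
  # Select the disk by its format index, purge it, and leave the analyze menu.
  echo disk >> /tmp/wipescript
  echo $DISKS >> /tmp/wipescript
  echo analyze >> /tmp/wipescript
  echo purge >> /tmp/wipescript
  echo quit >> /tmp/wipescript
  DISKS=$(($DISKS-1))
done
# Feed the generated command file to format.
format -f /tmp/wipescript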

Alternatively, if you want a more secure version of the script that takes longer but does a more complete cleaning of the disk, use the following script instead:

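#!/bin/ksh
# Start from an empty command file so a rerun does not append to old entries.
: > /tmp/wipescript
# Count the attached sd (disk) instances that prtconf reports.
DISKS=`prtconf | grep "sd, instance" | grep -v "driver not attached" | wc -l`
# Start at the count minus 2 and work down to disk 0.
DISKS=$(($DISKS-2))

while [ $DISKS -ge 0 ]
do
  # Select the disk by its format index.
  echo disk >> /tmp/wipescript
  echo $DISKS >> /tmp/wipescript
  # First pass: purge using the primary defect list.
  echo defect >> /tmp/wipescript
  echo primary >> /tmp/wipescript
  echo quit >> /tmp/wipescript
  echo analyze >> /tmp/wipescript
  echo purge >> /tmp/wipescript
  echo quit >> /tmp/wipescript
  # Second pass: purge using both defect lists.
  echo defect >> /tmp/wipescript
  echo both >> /tmp/wipescript
  echo quit >> /tmp/wipescript
  echo analyze >> /tmp/wipescript
  echo purge >> /tmp/wipescript
  echo quit >> /tmp/wipescript
  DISKS=$(($DISKS-1))
done
# Feed the generated command file to format.
format -f /tmp/wipescript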
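
The scripts above number every sd instance they can see, which is why the SAN caution applies. As an added example (not part of the original article), the following sketch builds the same command file from an explicit list of disk indices taken from the disk menu that format prints, and it never runs format itself. The function names and the quick/full mode names are assumptions of this example.

```sh
#!/bin/sh
# Added example, not the article's code. Function names and the quick/full
# mode names are assumptions; the command sequences are the article's.

# emit_disk MODE INDEX: print the command sequence for one disk.
emit_disk() {
  echo disk
  echo "$2"
  if [ "$1" = full ]; then
    # Longer sequence: purge with the primary defect list, then with both.
    for list in primary both; do
      printf '%s\n' defect "$list" quit analyze purge quit
    done
  else
    # Shorter sequence: no defect list steps.
    printf '%s\n' analyze purge quit
  fi
}

# gen_wipe_cmds MODE INDEX...: validate every argument, then print the file.
gen_wipe_cmds() {
  [ $# -ge 2 ] || { echo "usage: gen_wipe_cmds quick|full index..." >&2; return 2; }
  mode=$1
  shift
  case $mode in quick|full) ;; *) echo "unknown mode: $mode" >&2; return 2 ;; esac
  seen=" "
  for d in "$@"; do
    case $d in ''|*[!0-9]*) echo "not a disk index: $d" >&2; return 2 ;; esac
    case $seen in *" $d "*) echo "duplicate disk index: $d" >&2; return 2 ;; esac
    seen="$seen$d "
  done
  for d in "$@"; do emit_disk "$mode" "$d"; done
}

# list_targets FILE: print whatever follows each "disk" line, so the selected
# indices can be compared with format's disk menu before running format -f.
list_targets() {
  awk 'prev == "disk" { print } { prev = $0 }' "$1"
}
```

Redirect the output of gen_wipe_cmds to a file, then check the output of list_targets on that file against the disks you mean to wipe before passing it to format -f.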
 

Unless otherwise licensed, code in all technical manuals herein (including articles, FAQs, samples) is provided under this License.

