meyerast/DECSEraser
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
18011e8865caa4a6fd315c9597b8e39066c7719a
DECSEraser/erase_drive.sh
T

740 lines
28 KiB
Bash
Raw Blame History

#!/bin/bash
#!/usr/bin/env bash
start_time="$(date '+%Y-%m-%d_%H.%M.%S')"
logdir=/tmp
log="$logdir"/log_"$start_time".log
log_x="$logdir"/log_x_"$start_time".log
exec 3>&1 1>>"$log_x" 2>&1
set -x
print="false"
offline="false"
while getopts ":p:o" opt; do
case ${opt} in
p ) print="true" ;;
o ) offline="true" ;;
\? ) echo "Invalid option: -$OPTARG" ;;
: ) echo "Option -$OPTARG requires an argument." ;;
esac
done
loginput() {
echo "$*" >&3;
echo "[INPUT] $(date '+%H:%M:%S') $*" >> "$log";
}
logresponse() {
echo "[RESPONSE] $(date '+%H:%M:%S') $*" >> "$log";
}
loginfo() {
echo "$*" >&3;
echo "[INFO] $(date '+%H:%M:%S') $*" >> "$log";
}
logwarn() {
echo "$*" >&3;
echo "[WARNING] $(date '+%H:%M:%S') $*" >> "$log";
}
logerror() {
echo "$*" >&3;
echo "[ERROR] $(date '+%H:%M:%S') $*" >> "$log";
}
confirm_message () {
local typed=
while [[ ! $typed = "$2" ]];
do
loginput "$1"
read -r typed
logresponse "$typed"
done
}
# shellcheck disable=SC2329
catch_sigint () {
logwarn "Signal Interrupt initiated. Stopping script."
cleanup
kill -INT "$$"
}
# shellcheck disable=SC2329
catch_exit () {
cleanup
kill -INT "$$"
}
# shellcheck disable=SC2329
cleanup () {
loginfo "Cleaning up."
pcie_disable
loginfo "Unmounting drives."
exec 1>/dev/null 2>&1
if [[ ! $offline = "true" ]];
then
umount "/mnt/reinstallbackups"
umount "/mnt/decs"
fi
umount /mnt/"$ticket_number"
rm /tmp/"$ticket_number"/SOFTWARE
rm /tmp/"$ticket_number"/SYSTEM
trap - EXIT
trap - INT
}
trap catch_sigint SIGINT
trap catch_exit EXIT
get_netid () {
netid=
while [[ $netid =~ ^\s*$ ]];
do
loginput "Enter account netid: "
read -r netid
logresponse "$netid"
if [[ $netid =~ ^\s*$ ]];
then
logwarn "Your netid cannot be blank."
else
local ret_value=$(kinit "$netid"@EGR.MSU.EDU >&3; echo $?)
if [[ ! $ret_value = "0" ]]
then
kdestroy
netid=
logwarn "Error when authenticating netid $netid."
else
clear
loginfo "Authenticated as user $netid."
fi
fi
done
}
get_ticket () {
ticket_number=
loginput "Enter ticket number: "
read -r ticket_number
logresponse "$ticket_number"
if [[ ! $ticket_number =~ ^\s*$ ]];
then
if [[ ! $offline = "true" ]];
then
mkdir -p /mnt/reinstallbackups
if ! mount -t cifs -o user="$netid",sec=krb5i "//reinstallbackups/reinstallbackups" /mnt/reinstallbackups
then
logwarn "Failed to mount reinstallbackups, cannot check ticket status."
else
if ! ls /mnt/reinstallbackups | grep -q -E "^$ticket_number"
then
logwarn "Backup does not exist in //reinstallbackups/reinstallbackups/$ticket_number!"
fi
umount /mnt/reinstallbackups
fi
fi
else
ticket_number="UNKNWN"
logwarn "Starting with no ticket number specified."
logwarn "Cannot check for backup in //reinstallbackups/reinstallbackups."
fi
}
mount_remote () {
mkdir -p /mnt/decs
if mount -t cifs -o user="$netid",sec=krb5i "//decs/decs/support/dban_logs" /mnt/decs
then
if ! mkdir -p /mnt/decs/"$ticket_number"; then
logerror "Insufficient permissions to write in //decs/decs/support/dban_logs"
exit
else
logdir=/mnt/decs/"$ticket_number"
cp "$log" "$logdir"/log_"$ticket_number"_"$start_time".log
cp "$log_x" "$logdir"/log_x_"$ticket_number"_"$start_time".log
log="$logdir"/log_"$ticket_number"_"$start_time".log
log_x="$logdir"/log_x_"$ticket_number"_"$start_time".log
exec 1>>"$log_x" 2>&1
set -x
fi
else
logerror "Failed to mount remote DECS drive. Stopping"
exit
fi
}
get_eraselevel () {
eraselevel=
loginput "What level of erase are you performing on the drive? (0 = baseline, 1 = secure erase, 2 = decommission):"
loginfo "Type 'help' for an explanation of each level."
read -r eraselevel
logresponse "$eraselevel"
while [[ ! $eraselevel = "0" ]] && [[ ! $eraselevel = "1" ]] && [[ ! $eraselevel = "2" ]];
do
echo "$eraselevel"
if [[ $eraselevel = "help" ]];
then
loginfo "Level 0 / Baseline: clears the partitions of the drive. Data can still be recovered but this is the optimal level for simple reuse."
loginfo "Level 1 / Secure Erase: HDD: Scrambles the data on the drive over 3 passes. SSD: Sends a signal to the drive to forget the encryption key, making it unreadrable."
loginfo "Level 2 / decommission: Scrambles the data on the drive over 7 passes. Afterward, put the drive in the bin near the Hardware office to have it destroyed."
else
logwarn "Invalid level, correct values can be 0, 1, or 2"
fi
read -r eraselevel
logresponse "$eraselevel"
done
}
get_devicetype () {
devicetype=
loginput "What is the device type? (0 = HDD_SATA, 1 = SSD_NVME, 2 = SSD_SATA):"
loginfo "Type 'help' for an explanation of each type."
read -r devicetype
logresponse "$devicetype"
while [[ ! $devicetype = "0" ]] && [[ ! $devicetype = "1" ]] && [[ ! $devicetype = "2" ]];
do
if [[ $devicetype = "help" ]];
then
loginfo "HDD_SATA: Spinning disk platters on a SATA connection. Typically 3.5 in or 2.5 in."
loginfo "SSD_SATA: Solid State drive on a SATA connection. Typically 2.5 in."
loginfo "SSD_NVME: Solid State drive on a M.2 connection. Looks like a small PCB."
else
logwarn "Invalid type, correct values can be 0 = HDD_SATA, 1 = SSD_NVME, 2 = SSD_SATA."
fi
read -r devicetype
logresponse "$devicetype"
done
case $devicetype in
"0")
devicetype="HDD_SATA"
;;
"1")
devicetype="SSD_NVME"
;;
"2")
devicetype="SSD_SATA"
;;
*)
logerror "Unspecified error when getting device."
exit
;;
esac
}
get_device () {
device=
echo "- - -" | sudo tee /sys/class/scsi_host/host*/scan >/dev/null
loginfo "Listing current attached devices..."
loginfo ""
if [[ $devicetype = "HDD_SATA" ]] || [[ $devicetype = "SSD_SATA" ]];
then
echo 1 | sudo tee /sys/class/block/sd?/device/rescan >/dev/null
loginfo "$(lsblk -o NAME,SIZE,MODEL,VENDOR,ROTA | grep -E '^NAME|sd[a-z]')"
elif [[ $devicetype = "SSD_NVME" ]];
then
pcie_enable
echo 1 | sudo tee /sys/class/block/nvme?/device/rescan >/dev/null
loginfo "$(lsblk -o NAME,SIZE,MODEL,VENDOR,ROTA | grep -E '^NAME|nvme[0-9]')"
fi
loginfo ""
loginput "Which is the device from this list? (Type 'help' for help.)"
while [[ $device =~ ^\s*$ ]];
do
read -r device
logresponse "$device"
while [[ ! $device =~ ^sd[a-z]$ ]] && [[ ! $device =~ ^nvme0n[0-9]$ ]];
do
if [[ $device = "help" ]];
then
loginfo "The UNIX filesystem thinks of storage devices as directories, which are under /dev/"
loginfo "If you have a SATA connection, you will be looking for sd{a-z}."
loginfo "If you have a NVME connection, you will be looking for nvme0n{0-9}."
else
logwarn "Invalid format, device should follow naming conventions. (i.e. sd{a-z}, nvme0n{0-9})"
fi
read -r device
logresponse "$device"
done
if [[ $devicetype = "HDD_SATA" ]] || [[ $devicetype = "SSD_SATA" ]];
then
if [[ $device =~ ^nvme0n[0-9]$ ]];
then
logwarn "Device was specified to be a SATA HDD or SSD, but a NVME device was chosen."
device=
fi
elif [[ $devicetype = "SSD_NVME" ]];
then
if [[ $device =~ ^sd[a-z]$ ]];
then
logwarn "Device was specified to be a NVME SSD, but a SATA device was chosen. Please ensure the device is plugged into the motherboard via PCIe slot and not SATA."
device=
fi
fi
if [ -e /dev/"$device" ];
then
if [[ $devicetype = "HDD_SATA" ]] || [[ $devicetype = "SSD_SATA" ]];
then
if [[ $devicetype = "HDD_SATA" ]] && [[ $(cat /sys/block/"$device"/queue/rotational) = "0" ]];
then
logwarn "Device was specified to be a SATA HDD, but a SATA SSD device was chosen."
device=
elif [[ $devicetype = "SSD_SATA" ]] && [[ $(cat /sys/block/"$device"/queue/rotational) = "1" ]];
then
logwarn "Device was specified to be a SATA SSD, but a SATA HDD device was chosen."
device=
else
loginfo "Picking device /dev/$device."
fi
fi
else
logwarn "/dev/$device does not exist, please ensure you are typing the device name correctly."
device=
fi
done
}
make_infolog () {
loginfo "Reading drive to create a log."
infolog="$logdir"/info_"$ticket_number"_"$start_time".log
{
echo "DETAILS"
echo "Start Time: $start_time"
echo "NetID: $netid"
echo "Ticket number: $ticket_number"
echo ""
echo "ERASE DETAILS"
echo "Type/Device: $devicetype : $device"
echo "Erase Level: $eraselevel"
echo ""
echo "DEVICE DETAILS"
lsblk -o NAME,LABEL,PARTLABEL,FSTYPE,SIZE,MODEL,VENDOR,UUID,SERIAL | grep "NAME\|$device"
echo ""
smartctl -i -A /dev/"$device"
echo ""
echo "PARTITION DETAILS"
echo "Count: $(lsblk -n -l -o TYPE /dev/"$device" | grep -c "part")"
} >> "$infolog"
if [[ ! "$(lsblk -n -l -o TYPE /dev/"$device" | grep -c "part")" = 0 ]];
then
local fstype=
for i in $(seq 1 "$(lsblk -n -l -o TYPE /dev/"$device" | grep -c "part")");
do
fstype=$(lsblk -n -o FSTYPE /dev/"$device""$i")
loginfo "Reading $device$i : $fstype."
echo "" >> "$infolog"
echo "$device$i : $fstype" >> "$infolog"
case $fstype in
"ext4"|"ext3"|"ext2"|"xfs"|"btrfs")
mkdir -p /mnt/"$ticket_number"
if mount -t "$fstype" /dev/"$device""$i" /mnt/"$ticket_number"
then
if find /mnt/"$ticket_number" -maxdepth 3 -ipath "*/etc/os-release" | grep "."
then
loginfo "Linux install detected on $device$i."
echo "Linux install detected on $device$i." >> "$infolog"
echo "" >> "$infolog"
{
echo "LINUX DETAILS"
cat "$(find /mnt/"$ticket_number" -maxdepth 3 -ipath "*/etc/os-release")"
echo "Hostname: $(cat "$(find /mnt/"$ticket_number" -maxdepth 3 -ipath "*/etc/hostname")")"
cat "$(find /mnt/"$ticket_number" -maxdepth 3 -ipath "*/etc/passwd")" | grep -E '.+:x:[0-9]{4,}:[0-9]{4,}:.+,,,.*' | sed -E 's/.+:x:[0-9]{4,}:[0-9]{4,}:(.+),,,.*/User: \1/'
echo ""
tree -r -a -t -L 1 -D "$(find /mnt/"$ticket_number" -maxdepth 3 -type d -ipath "*/home")"
echo ""
} >> "$infolog"
else
echo "Non Linux Unix partition detected on $device$i." >> "$infolog"
loginfo "Non Linux Unix partition detected on $device$i."
tree -a -L 2 -D /mnt/"$ticket_number" >> "$infolog"
fi
umount /mnt/"$ticket_number"
else
echo "Failed to mount $device$i." >> "$infolog"
logwarn "There was an issue mounting $device$i."
fi
;;
"zfs")
echo "zfs filesystem detected, this cannot be mounted." >> "$infolog"
logwarn "zfs filesystem detected on $device$i, this cannot be mounted."
;;
"ntfs")
mkdir -p /tmp/"$ticket_number"
mkdir -p /mnt/"$ticket_number"
if mount -t "$fstype" /dev/"$device""$i" /mnt/"$ticket_number"
then
if find /mnt/"$ticket_number" -maxdepth 3 -ipath "*System32/config" -not -ipath "*Windows.old*" | grep "."
then
winpath=$(find /mnt/"$ticket_number" -maxdepth 3 -ipath "*System32/config" -not -ipath "*Windows.old*")
loginfo "Windows install detected on $device$i."
echo "Windows install detected on $device$i." >> "$infolog"
echo "" >> "$infolog"
winsoftwarepath=$(find "$winpath" -maxdepth 2 -ipath "*System32/config/SOFTWARE" -not -ipath "*Windows.old*")
winsystempath=$(find "$winpath" -maxdepth 2 -ipath "*System32/config/SYSTEM" -not -ipath "*Windows.old*")
cp "$winsoftwarepath" /tmp/"$ticket_number"/SOFTWARE
cp "$winsystempath" /tmp/"$ticket_number"/SYSTEM
CurrentVersion=$(hivexregedit --export --unsafe-printable-strings --max-depth 1 --prefix \\HKEY_LOCAL_MACHINE\\SOFTWARE /tmp/"$ticket_number"/SOFTWARE '\Microsoft\Windows NT\CurrentVersion')
ComputerName=$(hivexregedit --export --unsafe-printable-strings --max-depth 1 --prefix \\HKEY_LOCAL_MACHINE\\SYSTEM /tmp/"$ticket_number"/SYSTEM '\ControlSet001\Control\ComputerName\ComputerName')
Parameters=$(hivexregedit --export --unsafe-printable-strings --max-depth 1 --prefix \\HKEY_LOCAL_MACHINE\\SYSTEM /tmp/"$ticket_number"/SYSTEM '\ControlSet001\Services\Tcpip\Parameters')
LogonUI=$(hivexregedit --export --unsafe-printable-strings --max-depth 1 --prefix \\HKEY_LOCAL_MACHINE\\SOFTWARE /tmp/"$ticket_number"/SOFTWARE '\Microsoft\Windows\CurrentVersion\Authentication\LogonUI')
ProfileList=$(hivexregedit --export --unsafe-printable-strings --max-depth 2 --prefix \\HKEY_LOCAL_MACHINE\\SOFTWARE /tmp/"$ticket_number"/SOFTWARE '\Microsoft\Windows NT\CurrentVersion\ProfileList')
{
echo "WINDOWS DETAILS"
echo ""
echo "$ComputerName" | grep -E '"ComputerName"=str\(1\):".+"' | sed -E 's/"ComputerName"=str\(1\):"(.+)"/Host Name: \1/'
echo "$CurrentVersion" | grep -E '"DisplayVersion"=str\(1\):".+"' | sed -E 's/"DisplayVersion"=str\(1\):"(.+)"/Windows Version: \1/'
echo "$CurrentVersion" | grep -E '"CurrentBuild"=str\(1\):".+"' | sed -E 's/"CurrentBuild"=str\(1\):"(.+)"/Current Build: \1/'
echo "$CurrentVersion" | grep -E '"EditionID"=str\(1\):".+"' | sed -E 's/"EditionID"=str\(1\):"(.+)"/Windows Edition: \1/'
echo "$CurrentVersion" | grep -E '"ProductName"=str\(1\):".+"' | sed -E 's/"ProductName"=str\(1\):"(.+)"/Product Name: \1/'
echo "$CurrentVersion" | grep -E '"RegisteredOrganization"=str\(1\):".+"' | sed -E 's/"RegisteredOrganization"=str\(1\):"(.+)"/Registered Organization: \1/'
echo "$CurrentVersion" | grep -E '"RegisteredOwner"=str\(1\):".+"' | sed -E 's/"RegisteredOwner"=str\(1\):"(.+)"/Registered Owner: \1/'
echo "$Parameters" | grep -E '"Domain"=str\(1\):".+"' | sed -E 's/"Domain"=str\(1\):"(.+)"/Domain: \1/'
echo "$LogonUI" | grep -E '"LastLoggedOnUser"=str\(1\):".+"' | sed -E 's/"LastLoggedOnUser"=str\(1\):"(.+)"/Last Logged On User: \1/'
echo "$LogonUI" | grep -E '"LastLoggedOnDisplayName"=str\(1\):".+"' | sed -E 's/"LastLoggedOnDisplayName"=str\(1\):"(.+)"/Last Logged On User: \1/'
echo "$ProfileList" | grep -E '"ProfileImagePath"=str\(2\):".+"' | sed -E 's/"ProfileImagePath"=str\(2\):"(.+)"/User: \1/'
echo ""
if find /mnt/UNKNWN -maxdepth 2 -type d -ipath "*/Users" -not -ipath "*Windows.old*" | grep "."
then
tree -r -a -t -L 1 -D "$(find /mnt/UNKNWN/ -maxdepth 2 -type d -ipath "*/Users" -not -ipath "*Windows.old*" | head -1)"
fi
if find /mnt/UNKNWN -maxdepth 2 -type d -ipath "*/Documents and Settings" -not -ipath "*Windows.old*" | grep "."
then
tree -r -a -t -L 1 -D "$(find /mnt/UNKNWN/ -maxdepth 2 -type d -ipath "*/Documents and Settings" -not -ipath "*Windows.old*" | head -1)"
fi
echo ""
} >> "$infolog"
rm /tmp/"$ticket_number"/SOFTWARE
rm /tmp/"$ticket_number"/SYSTEM
else
loginfo "Non Windows NTFS partition detected on $device$i."
echo "Non Windows NTFS partition detected on $device$i." >> "$infolog"
tree -a -L 2 -D /mnt/"$ticket_number" >> "$infolog"
fi
umount /mnt/"$ticket_number"
else
echo "Failed to mount $device$i." >> "$infolog"
logwarn "There was an issue mounting $device$i."
fi
;;
"apfs")
mkdir -p /mnt/"$ticket_number"
loginfo "Apple install detected on $device$i."
echo "Apple install detected on $device$i." >> "$infolog"
if mount -t "$fstype" /dev/"$device""$i" /mnt/"$ticket_number"
then
echo "¯\_(ツ)_/¯" >> "$infolog"
tree -a -L 1 -D /mnt/"$ticket_number"/Users >> "$infolog"
umount /mnt/"$ticket_number"
else
echo "Failed to mount $device$i." >> "$infolog"
logwarn "There was an issue mounting $device$i."
fi
;;
"vfat"|"fat32")
loginfo "Boot/Recovery partition detected."
echo "Boot/Recovery partition detected." >> "$infolog"
mkdir -p /mnt/"$ticket_number"
if mount -t "$fstype" /dev/"$device""$i" /mnt/"$ticket_number"
then
tree -a -R -D /mnt/"$ticket_number" >> "$infolog"
umount /mnt/"$ticket_number"
else
echo "Failed to mount $device$i." >> "$infolog"
logwarn "There was an issue mounting $device$i."
fi
;;
*)
logwarn "Unknown partition type '$fstype'."
echo "Unknown partition type '$fstype'." >> "$infolog"
;;
esac
done
else
logwarn "No partitions detected, device is likely empty."
fi
echo "END OF LOG" >> "$infolog"
if [[ $print = "true" ]];
then
echo "" >&3
cat "$infolog" >&3
echo "" >&3
fi
}
erase_device_lv0 () {
loginfo "Wiping partition tables of $devicetype : $device."
local ret_value=$(sgdisk -g -Z /dev/"$device" &> /dev/null; echo $?)
if [[ ! $ret_value = "0" ]]
then
case $ret_value in
"1")
logerror "There was an issue with the argument. Ensure you typed the drive name correctly."
;;
"2")
logerror "An error occurred while reading the partition table."
;;
"3")
logerror "Non-GPT disk detected and no -g option, but operation requires a write action."
;;
"4")
logerror "An error prevented saving changes."
;;
"5")
logerror "An error occurred while readring standard input."
;;
"8")
logerror "Disk replication operation (-R) failed."
;;
*)
logerror "Unspecified error."
;;
esac
exit
else
loginfo "Partition tables wiped. Device is ready for reuse."
fi
}
erase_device_lv1 () {
#HDD = 3-Pass DOD Short
#SSD Sata = hdparm secure erase
#SSD NVMe = nvme secure erase
if [[ $devicetype = "HDD_SATA" ]] && [[ ! $eraselevel = "2" ]];
then
loginfo "Running 3-Pass DOD Short on ${devicetype} : ${device}."
loginfo "This may take a while!"
local ret_value=$(nwipe -m dodshort --autonuke --nogui /dev/"$device" &> /dev/null; echo $?)
if [[ ! $ret_value = "0" ]]
then
case $ret_value in
"-1")
logerror "Unspecified error while nwiping disk."
;;
*)
logerror "Unspecified error while nwiping disk."
;;
esac
exit
else
loginfo "Finished wiping data with nwipe."
fi
elif [[ $devicetype = "SSD_SATA" ]];
then
loginfo "Running hdparm format on $devicetype : $device."
loginfo "Setting security pass to NULL."
#Set the password of the drive to NULL
local ret_value=$(hdparm --user-master m --security-set-pass NULL /dev/"$device" &> /dev/null; echo $?)
if [[ ! $ret_value = "0" ]];
then
hdparm_check_error "$ret_value"
logwarn "Failed to set password of drive. Attempting to continue."
else
loginfo "Set password of drive to NULL."
fi
#Attempt a secure erase.
local ret_value=$(hdparm --user-master m --security-erase-enhanced NULL /dev/"$device" &> /dev/null; echo $?)
if [[ ! $ret_value = "0" ]];
then
hdparm_check_error "$ret_value"
logwarn "Enhanced Secure Erase failed. This is not unexpected depending on the drive type."
loginfo "Attempting Secure Erase instead."
#Attempt a secure erase, less enhanced.
local ret_value2=$(hdparm --user-master m --security-erase NULL /dev/"$device" &> /dev/null; echo $?)
if [[ ! $ret_value2 = "0" ]];
then
hdparm_check_error "$ret_value2"
logerror "Failed to Secure Erase. Please contact your supervisor."
exit
else
loginfo "Secure Erase success."
fi
else
loginfo "Enhanced Secure Erase success."
fi
elif [[ $devicetype = "SSD_NVME" ]];
then
loginfo "Running nvme_cli format on $devicetype : $device."
#Erase using nvme cli to send secure erase command to drop the crypto stuff.
local ret_value=$(nvme format --force -r -s 2 /dev/"$device" &> /dev/null; echo $?)
if [[ ! $ret_value = "0" ]]
then
logwarn "Failed to cryptographically erase drive, blanket erasing instead."
#Sad, can't do it. Blank out drive instead using the drive controller.
local ret_value=$(nvme format --force -r -s 1 /dev/"$device" &> /dev/null; echo $?)
if [[ ! $ret_value = "0" ]]
then
logerror "Failed to cryptographically erase or blanket erase. Please contact your supervisor."
exit
else
loginfo "Blanket erased drive."
fi
else
loginfo "Cryptographically erased drive."
fi
else
logerror "There was an issue with the device type: $devicetype. Ensure you typed the drive name correctly."
exit
fi
}
erase_device_lv2 () {
#7-Pass DOD Wipe through nwipe.
loginfo "Running 7-Pass DOD on $devicetype : $device."
loginfo "This may take a while!"
local ret_value=$(nwipe -m dod --autonuke --nogui /dev/"$device" &> /dev/null; echo $?)
if [[ ! $ret_value = "0" ]]
then
case $ret_value in
"-1")
logerror "Unspecified error while nwiping disk."
;;
*)
logerror "Unspecified error while nwiping disk."
;;
esac
exit
else
loginfo "Finished wiping data with nwipe."
loginfo "Please put device in decommission bin in the hardware room."
fi
}
hdparm_check_error () {
case $1 in
"1")
logerror "Operation not permitted."
;;
"2")
logerror "No such file or directory."
;;
"5")
logerror "I/O error."
;;
"16")
logerror "Device or resource busy."
;;
"22")
logerror "Invalid argument."
;;
*)
logerror "Unspecified error."
;;
esac
}
#Rescan for PCIe devices
pcie_enable (){
echo 1 > /sys/bus/pci/rescan
loginfo "Enabled PCIe card, sleeping for 5 seconds."
sleep 5
}
#Remove the PCIe NVMe readrer
# shellcheck disable=SC2329
pcie_disable (){
echo 1 > /sys/bus/pci/devices/0000:02:00.0/remove
echo 1 > /sys/bus/pci/devices/0000:03:00.0/remove
loginfo "Disabled PCIe card."
}
main (){
if [[ ! $offline = "true" ]];
then
get_netid
loginfo ""
fi
get_ticket
loginfo ""
if [[ ! $offline = "true" ]];
then
mount_remote
loginfo ""
fi
get_eraselevel #sets $eraselevel to 0-2 based on how to erase. Higher levels include lower levels.
loginfo ""
get_devicetype #sets $devicetype to HDD_SATA/SSD_SATA/SSD_NVME
loginfo ""
get_device #sets $device to one of the /dev/xyz devices.
loginfo ""
make_infolog #Logs a bunch of details to a info log file from the system.
loginfo ""
loginfo "Starting process for erasing $devicetype : $device with erase level $eraselevel."
if [[ $eraselevel = "1" ]] || [[ $eraselevel = "2" ]];
then
local randomconf=$(shuf -i 10000-99999 -n 1)
confirm_message "This level is destructive and irreversible. Please type $randomconf to continue" "$randomconf"
else
confirm_message "Please type 'confirm' to begin." "confirm"
fi
loginfo ""
case $eraselevel in
"0")
erase_device_lv0 #Wipe partition
;;
"1")
erase_device_lv1 #Secure Erase
erase_device_lv0 #Wipe partition
;;
"2")
erase_device_lv1 #Secure Erase (skips nwipe for HDDs)
erase_device_lv2 #7-Pass nwipe
erase_device_lv0 #Wipe partition
;;
*)
logerror "Invalid Erase Level"
exit
;;
esac
loginfo ""
loginfo "Finished erasing $devicetype : $device with erase level $eraselevel."
loginfo ""
cleanup
}
main
Reference in New Issue View Git Blame Copy Permalink