From: Heikki Lindholm
To: freebsd-questions@freebsd.org
Subject: Re: Unusual Question
Date: Fri, 14 Jul 2017 11:30:28 +0300

On 14.07.2017 09:11, Doug Hardie wrote:
>
>> On 13 July 2017, at 21:44, David Christensen wrote:
>>
>> On 07/09/17 02:57, Doug Hardie wrote:
>>> I have a FreeBSD 9.3 remote server that needs to be purged. I know that rm -rf / will remove all the directory entries, but I need to write over the drive. I thought that dd if=/dev/zero of=/dev/ada0 might do the trick, but it gives a not permitted error. The whole thing can crash and burn at the end. This is an unmanned site so moving drives is not viable.
>>
>> If the machine has BIOS and the system drive isn't too large, write an assembly program that fits into the MBR bootstrap code area to wipe the rest of the drive, assemble the program, write it into the MBR, and reboot.
>>
>>
>> Bonus: the program deletes the MBR when done wiping the rest of the drive.
>
> Neat idea, but I have a number of these systems and they all use different disk drives. That would be a lot of work writing drivers for each type.

I tried clearing the root partition of fbsd 11 under virtualbox. The root was 3 gigabytes and ZFS format. The process was to disable services, disable swap and make a script that does a sync, sleep and the whole disk dd, and then disable sshd and run the script. I then did an ACPI shutdown after waiting enough time for the dd to complete. I thought it would show what the kernel could still flush to disk after the dd. The outcome was that there was about 700k of data left on the device. I think something should be done to ZFS ARC to make this work better. The kernel did not crash because of the dd.

---- The steps I took in more detail ----

* remove GEOM MBR protection
# sysctl kern.geom.debugflags=0x10

* test disk access
# dd if=/dev/ada0 of=mbr bs=512 count=1
# dd if=mbr of=/dev/ada0 bs=512 count=1

* list services
# service -e

* stop services (just an example; check with ps -A)
# service mixer stop
# service cron stop
# service sendmail stop
# service ntpd stop
# service dmesg stop
# service savecore stop
# service syslogd stop

* disable swap
# swapoff /dev/ada0p2
# swapctl -l

* make selfdestruct script
# cat selfdestruct.sh
#!/bin/csh
sync
sleep 10s
nohup dd if=/dev/zero of=/dev/ada0 bs=20m > & /dev/null < /dev/zero &

* run script
# ./selfdestruct.sh

* kill sshd
# service sshd stop
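
Added example, not part of the original post: one way to measure the kind of leftover the message reports after the zero-fill, by counting the non-zero bytes and sectors in a disk or image and showing where they sit. The function names and the 64-sector sample image are constructed for illustration; pointed at a device node instead, the same functions read the whole device.

```shell
#!/bin/sh
# Added example: measure what survived a zero-fill of a disk or image.
# All names and the sample image below are constructed for illustration.

# Print the number of non-zero bytes in a file or device node.
nonzero_bytes() {
    tr -d '\000' < "$1" | wc -c | tr -d ' '
}

# Print how many sectors (default 512 bytes) hold at least one non-zero byte.
# cmp -l lists every byte that differs from /dev/zero, 1-based offset first.
nonzero_sectors() {
    cmp -l "$1" /dev/zero 2>/dev/null |
        awk -v bs="${2:-512}" '
            { s = int(($1 - 1) / bs); if (!(s in seen)) { seen[s] = 1; n++ } }
            END { print n + 0 }'
}

# Print "first-last" dirty sector numbers, or "clean" if every byte is zero.
dirty_range() {
    cmp -l "$1" /dev/zero 2>/dev/null |
        awk -v bs="${2:-512}" '
            { s = int(($1 - 1) / bs); if (NR == 1) first = s; last = s }
            END { if (NR) print first "-" last; else print "clean" }'
}

# Build a zeroed 64-sector image with three constructed leftovers:
# one inside sector 3, one inside sector 40, one straddling sectors 0 and 1.
make_sample_image() {
    img=$(mktemp) || return 1
    dd if=/dev/zero of="$img" bs=512 count=64 2>/dev/null
    printf 'leftover'  | dd of="$img" bs=512 seek=3   conv=notrunc 2>/dev/null
    printf 'residue-b' | dd of="$img" bs=512 seek=40  conv=notrunc 2>/dev/null
    printf 'span'      | dd of="$img" bs=1   seek=510 conv=notrunc 2>/dev/null
    echo "$img"
}

sample=$(make_sample_image)
echo "non-zero bytes:   $(nonzero_bytes "$sample")"
echo "dirty sectors:    $(nonzero_sectors "$sample")"
echo "dirty range:      $(dirty_range "$sample")"
rm -f "$sample"
```

`cmp -l` emits one line per non-zero byte, so this suits a post-wipe check where the residue is expected to be small.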