[Pkg-libvirt-commits] [libguestfs] 170/233: sysprep: Add --scrub option.
Hilko Bengen
bengen at moszumanska.debian.org
Wed Feb 19 21:12:04 UTC 2014
This is an automated email from the git hooks/post-receive script.
bengen pushed a commit to branch experimental
in repository libguestfs.
commit 5db1a28461cc42f09532e8b98150e716040d3aa0
Author: Richard W.M. Jones <rjones at redhat.com>
Date: Wed Jan 29 14:38:50 2014 +0000
sysprep: Add --scrub option.
This works like the option in virt-builder with the same name.
---
sysprep/sysprep_operation_delete.ml | 27 +++++++++++++++++++++------
sysprep/virt-sysprep.pod | 7 ++++---
2 files changed, 25 insertions(+), 9 deletions(-)
diff --git a/sysprep/sysprep_operation_delete.ml b/sysprep/sysprep_operation_delete.ml
index e521f91..047bd39 100644
--- a/sysprep/sysprep_operation_delete.ml
+++ b/sysprep/sysprep_operation_delete.ml
@@ -23,33 +23,48 @@ open Common_gettext.Gettext
module G = Guestfs
let paths = ref []
-let add_paths path = paths := path :: !paths
+let add_paths ?(scrub = false) path = paths := (scrub, path) :: !paths
let path_perform g root side_effects =
let paths = List.rev !paths in
if paths <> [] then (
- List.iter (fun glob -> Array.iter g#rm_rf (g#glob_expand glob)) paths
+ List.iter (
+ function
+ | false, glob -> Array.iter g#rm_rf (g#glob_expand glob)
+ | true, path -> g#scrub_file path
+ ) paths
)
let op = {
defaults with
name = "delete";
enabled_by_default = true;
- heading = s_"Delete specified files or directories";
+ heading = s_"Delete or scrub specified files or directories";
pod_description = Some (s_"\
-Delete specified files or directories.
-
Use the I<--delete> option to specify a path to remove.
You can use shell glob characters in the specified path; note that such
metacharacters might require proper escape. For example:
- virt-sysprep --delete '/var/log/*.log'.");
+ virt-sysprep --delete '/var/log/*.log'
+
+An alternative option, I<--scrub>, can be used to scrub files. This
+only works for files (not directories) and cannot use globs.
+
+You can use both options as many times as you want.");
extra_args = [
{ extra_argspec = ("--delete", Arg.String add_paths, s_"path" ^ " " ^ s_"File or directory to be removed on guest");
extra_pod_argval = Some "PATHNAME";
extra_pod_description = s_"\
Delete (recursively) the specified C<PATHNAME> in the guest.";
+ };
+
+ { extra_argspec = ("--scrub", Arg.String (add_paths ~scrub:true), s_"path" ^ " " ^ s_"File to be scrubbed");
+ extra_pod_argval = Some "PATHNAME";
+ extra_pod_description = s_"\
+Scrub (aggressively overwrite then remove) the specified
+file called C<PATHNAME> in the guest. Only single files can
+be specified using this argument.";
}
];
diff --git a/sysprep/virt-sysprep.pod b/sysprep/virt-sysprep.pod
index a042db4..89f15b9 100644
--- a/sysprep/virt-sysprep.pod
+++ b/sysprep/virt-sysprep.pod
@@ -495,9 +495,10 @@ the L</OPERATIONS> above and the guest afterwards.
Sensitive files are simply removed. The data they contained may still
exist on the disk, easily recovered with a hex editor or undelete
-tool. Use L<virt-sparsify(1)> as one way to remove this content. See
-also the L<scrub(1)> command to get rid of deleted content in
-directory entries and inodes.
+tool. The I<--scrub> option can be used to scrub files instead of
+just deleting them. L<virt-sparsify(1)> is another way to remove this
+content. See also the L<scrub(1)> command to get rid of deleted
+content in directory entries and inodes.
=head2 RANDOM SEED
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-libvirt/libguestfs.git
More information about the Pkg-libvirt-commits
mailing list