[Pkg-privacy-commits] [libgsecuredelete] 133/168: Add workaround testing procedure

Ulrike Uhlig u-guest at moszumanska.debian.org
Thu Jul 7 20:06:47 UTC 2016 

This is an automated email from the git hooks/post-receive script.

u-guest pushed a commit to branch master
in repository libgsecuredelete.

commit e57400eef924be1d63b6fb92318c322ce7e39c2d
Author: Colomban Wendling <ban at herbesfolles.org>
Date:   Mon Jun 11 23:40:58 2012 +0200

    Add workaround testing procedure
---
 test/TESTING          | 100 ++++++++++++++++++++++++++++++++++++++++++++++++++
 test/fill_test.sh     |  20 ++++++++++
 test/hexdump_full.sh  |  13 +++++++
 test/hexdump_light.sh |  16 ++++++++
 4 files changed, 149 insertions(+)

diff --git a/test/TESTING b/test/TESTING
new file mode 100644
index 0000000..51e3dfe
--- /dev/null
+++ b/test/TESTING
@@ -0,0 +1,100 @@
+Testing secure-delete limitation workarounds using libvirt
+
+
+Preparation
+===========
+
+Setup a Debian wheezy virtual machine.
+
+Install libgsecuredelete and nautilus-wipe.
+
+Create a file 'testfile' containing some MB of "test " pattern, e.g.
+using:
+
+    while true; do echo "test " >> testfile ; done
+
+Testing wiping above max file size
+==================================
+
+VFAT allows only 4G files, thus making regular sfill failing to wipe
+VFAT FS > 4G.  Thus testing the workaround.
+
+Create a virtio device of 5G.
+
+Create a VFAT FS on it.
+
+    # mkfs.vfat /dev/vdb
+
+Fill it by testing patterns with test/fill_test.sh.
+
+    :test# ./fill_test.sh /dev/vdb
+
+Have a look at the result to check with test/hexdump_light.sh.
+
+    :test# ./hexdump_light.sh
+
+Start Nautilus.  Open the drive.  Right-click and select "Wipe available
+diskspace".  Keep default options and confirm.  When finished, unmount
+the volume with nautilus.
+
+Have a look at the result:
+
+    :test# ./hexdump_light.sh /dev/vdb
+
+You should see the INodes at the beginning, then random data.
+
+Dump result and count lines matching pattern:
+
+    :test# ./hexdump_full.sh /dev/vdb | grep "test " | wc -l
+
+This gets the lines matching the pattern.  Each line contains 16 bytes.
+So unwiped bytes is roughly 16 times that number.
+
+You should get 0 matches.
+
+Try again but select "One pass" and "Last pass with zeros".
+
+Dump result:
+
+    :test# ./hexdump_full.sh /dev/vdb
+
+You should have only INodes, then zeros, thus a small output.
+
+Testing reserved blocs
+======================
+
+ext reserves blocs for the superuser.  libgsecuredelete tries to become
+root to wipe them.
+
+Create a virtio device of 1G.
+
+Create a ext3 FS on it.
+
+    # mkfs.ext3 /dev/vdb
+
+Fill it by testing patterns with test/fill_test.sh.
+
+    :test# ./fill_test.sh /dev/vdb
+
+Have a look at the result to check with test/hexdump_light.sh.
+
+    :test# ./hexdump_light.sh
+
+Start Nautilus.  Open the drive.  Right-click and select "Wipe available
+diskspace".  Keep default options and confirm.  Don't give admin
+password.  When finished, unmount the volume with Nautilus.
+
+Have a look at the result:
+
+    :test# ./hexdump_light.sh /dev/vdb
+
+Dump result and count lines matching pattern:
+
+    :test# ./hexdump_full.sh /dev/vdb | grep "test " | wc -l
+
+This gets the lines matching the pattern.  Each line contains 16 bytes.
+So unwiped bytes is roughly 16 times that number.
+
+You should get 5% of 1G (~ 53687091)
+
+Try again, but give a root password.  You should get 0 matches.
diff --git a/test/fill_test.sh b/test/fill_test.sh
new file mode 100755
index 0000000..aaa7118
--- /dev/null
+++ b/test/fill_test.sh
@@ -0,0 +1,20 @@
+#!/bin/bash
+
+if [ $UID -ne 0 ] ; then
+	echo "You must be root"
+	exit 1
+fi
+
+echo "Mounting $1"
+mount "$1" /mnt
+echo "Filling 1st file"
+while true ; do cat testfile >> /mnt/testfile1 || break ; done
+echo "Filling 2nd file"
+while true ; do cat testfile >> /mnt/testfile2 || break ; done
+echo "Free space:"
+df /mnt
+echo "Removing files"
+rm /mnt/testfile1
+rm /mnt/testfile2
+echo "Unmounting"
+umount /mnt
diff --git a/test/hexdump_full.sh b/test/hexdump_full.sh
new file mode 100755
index 0000000..d4686b1
--- /dev/null
+++ b/test/hexdump_full.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+if [ $UID -ne 0 ] ; then
+	echo "You must be root"
+	exit 1
+fi
+
+set -x
+hexdump -n $(( 1024**3)) -C -s 0x00000000 "$1"
+hexdump -n $(( 1024**3)) -C -s 0x40000000 "$1"
+hexdump -n $(( 1024**3)) -C -s 0x80000000 "$1"
+hexdump -n $(( 1024**3)) -C -s 0xc0000000 "$1"
+hexdump -n $(( 1024**3)) -C -s 0x100000000 "$1"
diff --git a/test/hexdump_light.sh b/test/hexdump_light.sh
new file mode 100755
index 0000000..801e1de
--- /dev/null
+++ b/test/hexdump_light.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+if [ $UID -ne 0 ] ; then
+	echo "You must be root"
+	exit 1
+fi
+
+set -x
+hexdump -n 1024 -C -s 0xa00000 "$1"
+hexdump -n 128 -C -s 0x00a00fe0 "$1"
+hexdump -n 128 -C -s $(( 1*1024**3 )) "$1"
+hexdump -n 128 -C -s 0x40000000 "$1"
+hexdump -n 128 -C -s 0x80000000 "$1"
+hexdump -n 128 -C -s 0xc0000000 "$1"
+hexdump -n 128 -C -s 0x100000000 "$1"
+hexdump -n 128 -C -s 0x13fffffa0 "$1"

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/libgsecuredelete.git

More information about the Pkg-privacy-commits mailing list