Secure delete of directories

**ozzlawrence** · 11-21-2011

Hi, how do you secure delete (erase) directories?

I tried "shred" but could only erase files. This makes a sometimes long and laborious task if you have to erase multiple files in multiple directories as each file has to be added to the terminal - or am I making a mistake here?

I tried this in Linux Mint 11 (32 bit), ubuntu 11-04 and 11-10 in both 32 and 64 bit and always the same result - "shred" won't erase directories (folders).

**atreyu** · 11-22-2011

I think if you combine shred with find, you'll get what you want, e.g.:

Code:

# recursively find all files in the given dir and shred them
find $DIR -type f -execdir shred -u '{}' \;

# now remove the dir itself (and all empty subdirs that may be in it)
rm -rf $DIR

You could put the above into a script called /usr/local/bin/shreddir, if you wanted.

Edit: more on this is here

**ozzlawrence** · 11-22-2011

Hi atreyu,

Thanks for this info. I shall try it tonight.

Do I replace the "DIR" with the directory name? Do I retain the "$"? Also, do the curly brackets inside the quotes replace the original file names with blanks?

When I used shred in the past I used -f -u -z which I understand removed the original file names and replaced them with zeros.

ozzlawrence

**atreyu** · 11-23-2011

yes, the $DIR is a Bash variable. It gets expanded to the variable that has been assigned to it, if any. I did not show any such variable assignment in my kind - it is just kind of a short-hand technique used around here a lot.

The second part (curly braces and single quotes) is a built-in variable passed to the find command that represents each file found. So the command is saying "find all files in some directory, recursively, and execute the shred command on each".

You could create a script and pass the directory name as the first argument to the script. Something more robust and complete would go like this (includes user interaction to get the okay to continue with shred process):

Code:

#!/bin/bash

# get directory name from command line args
[ $# -ne 1 ] && echo "Usage: $0 </path/to/directory>" && exit 1
dir="$1"

# make sure the directory exists
! [ -d $dir ] && echo "$dir: No such directory" && exit 1

# prompt to make sure
echo "Directory name: \"$dir\""
echo "If you proceed, all files in the directory will be deleted."
until [ "$answer" == 'y' -o "$answer" == 'n' ]; do
  printf "Do you wish to continue? [y|n] "
  read answer
done
echo $answer|grep -q ^n$ && echo Aborting && exit 0

# recursively find all files in the given dir and shred them
printf "Removing files..."
shredout=$(find $dir -type f -exec shred -fuzv '{}' \; 2>&1)
if [ $? -ne 0 ]; then
  echo FAILED
  printf "$shredout\n"
  exit 1
else
  echo OK

  # count number of files removed
  cnt=$(printf "$shredout\n"|grep removed$|wc -l)
  printf "Number of files removed: $cnt\n"
fi

# now remove the dir itself (and all empty subdirs that may be in it)
printf "Removing directory..."
rmout=$(rm -rf $dir 2>&1)
if [ $? -ne 0 ]; then
  echo FAILED
  printf "$rmout\n"
  exit 1
else
  echo OK
fi

exit 0

Edit: Note you'd need to make a minor modification to the script to handle files/directories with spaces in them (just change the Bash IFS)

Thread Tools

Display

Secure delete of directories

Posting Permissions