sg_sanitize
(1m)
Name
sg_sanitize - remove all use data from a SCSI disk
Synopsis
sg_sanitize [--block] [--count=OC] [--crypto] [--early]
[--help] [--invert] [--ipl=LEN] [--overwrite] [--pattern=PF]
[--quick] [--verbose] [--version] [--wait] DEVICE
Description
SG3_UTILS SG_SANITIZE(8)
NAME
sg_sanitize - remove all use data from a SCSI disk
SYNOPSIS
sg_sanitize [--block] [--count=OC] [--crypto] [--early]
[--help] [--invert] [--ipl=LEN] [--overwrite] [--pattern=PF]
[--quick] [--verbose] [--version] [--wait] DEVICE
DESCRIPTION
This utility invokes the SCSI SANITIZE command. This command
was first introduced in the SBC-3 revision 27 draft. The
purpose of the sanitize operation is to alter the informa-
tion in the cache and on the medium of a logical unit (e.g.
a disk) so that the recovery of user data is not possible.
If that user data cannot be erased, or is in the process of
being erased, then the sanitize operation prevents access to
that user data.
Once a SCSI SANITIZE command has successfully started, then
user data from that disk is no longer available. Even if the
disk is power cycled, the sanitize operation will continue
after power is re-instated until it is complete.
This utility requires either the --block, --crypto or
--overwrite option. If the --quick option is not given then
the user if given 15 seconds to reconsider whether they wish
to erase all the data on a disk. The disk's INQUIRY response
strings are printed out just in case the wrong DEVICE has
been given.
If the --early option is given this utility will exit soon
after starting the SANITIZE command with the IMMED bit set.
The user can monitor the progress of the sanitize operation
with the "sg_request --num=9999 --progress" which sends a
REQUEST SENSE command every 30 seconds. Otherwise if the
--wait option is given then this utility will wait until the
SANITIZE command completes (or fails) and that can be many
hours.
If neither the --early nor --wait option is given then the
SANITIZE command is started with the IMMED bit set. After
that this utility sends a REQUEST SENSE command every 60
seconds until there are no more progress indications.
OPTIONS
Arguments to long options are mandatory for short options as
well. The options are arranged in alphabetical order based
on the long option name.
-B, --block
perform a "block erase" sanitize operation.
sg3_utils-1.32 Last change: June 2011 1
SG3_UTILS SG_SANITIZE(8)
-c, --count=OC
where OC is the "overwrite count" associated with the
"overwrite" sanitize operation. OC can be a value
between 1 and 31 and 1 is the default.
-C, --crypto
perform a "cryptographic erase" sanitize operation.
-e, --early
the default action of this utility is to poll the disk
every 60 seconds to fetch the progress indication until
the sanitize is finished. When this option is given
this utility will exit "early" as soon as the sanitize
has commenced. This option and --wait cannot both be
given.
-h, --help
print out the usage information then exit.
-i, --ipl=LEN
set the initialization pattern length to LEN bytes. By
default it is set to the length of the pattern file
(PF). Only active when the --overwrite option is also
given. It is the number of bytes from the PF file that
will be used as the initialization pattern. The minimum
size is 1 byte and the maximum is the logical block
size of the DEVICE (and not to exceed 65535). If LEN
exceeds the PF file size then the initialization pat-
tern is padded with zeros.
-I, --invert
set the INVERT bit in the overwrite service action
parameter list. This only affects the "overwrite" sani-
tize operation. The default is a clear INVERT bit. When
the INVERT bit is set then the initialization pattern
is inverted between consecutive overwrite passes.
-O, --overwrite
perform an "overwrite" sanitize operation. When this
option is given then the --pattern=PF option is
required.
-p, --pattern=PF
where PF is the filename of a file containing the ini-
tialization pattern required by an "overwrite" sanitize
operation. The length of this file will be used as the
length of the initialization pattern unless the
--ipl=LEN option is given. The length of the initial-
ization pattern must be from 1 to the logical block
size of the DEVICE.
-Q, --quick
sg3_utils-1.32 Last change: June 2011 2
SG3_UTILS SG_SANITIZE(8)
the default action (i.e. when the option is not given)
is to give the user 15 seconds to reconsider doing a
sanitize operation on the DEVICE. When this option is
given that step (i.e. the 15 second warning period) is
skipped.
-v, --verbose
increase the level of verbosity, (i.e. debug output).
-V, --version
print the version string and then exit.
-w, --wait
the default action (i.e. without this option and the
--early option) is to start the SANITIZE command with
the IMMED bit set then poll for the progress indication
with the REQUEST SENSE command until the sanitize oper-
ation is complete (or fails). When this option is given
(and the --early option is not given) then the SANITIZE
command is started with the IMMED bit clear. For a
large disk this might take hours. [A cryptographic
erase operation could potentially be very quick.]
ATTRIBUTES
See attributes(5) for descriptions of the following
attributes:
+---------------+--------------------------+
|ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+---------------+--------------------------+
|Availability | system/storage/sg3_utils |
+---------------+--------------------------+
|Stability | Uncommitted |
+---------------+--------------------------+
NOTES
The SCSI SANITIZE command is closely related to the ATA SAN-
ITIZE command, both are relatively new with the ATA command
being the first one defined. It is likely that a SCSI to
ATA Translation (SAT) definition will soon appear for the
SCSI SANITIZE command (most likely in SAT-3).
The SCSI SANITIZE command is related to the SCSI FORMAT UNIT
command. It is likely that a block erase sanitize operation
would take a similar amount of time as a format on the same
disk (e.g. 9 hours for a 2 Terabyte disk). The primary goal
of a format is the configuration of the disk at the end of a
format (e.g. different logical block size or protection
information added). Removal of user data is only a side
effect of a format. With the SCSI SANITIZE command, removal
of user data is the primary goal. If a sanitize operation
is interrupted (e.g. the disk is power cycled) then after
sg3_utils-1.32 Last change: June 2011 3
SG3_UTILS SG_SANITIZE(8)
power up any remaining user data will not be available and
the sanitize operation will continue. When a format is
interrupted (e.g. the disk is power cycled) the drafts say
very little about the state of the disk. In practice some of
the original user data may remain and the format may need to
be restarted.
EXAMPLES
These examples use Linux device names. For suitable device
names in other supported Operating Systems see the
sg3_utils(8) man page.
As a precaution if this utility is called with no options
then apart from printing a usage message, nothing happens:
sg_sanitize /dev/sdm
To do a "block erase" sanitize the --block option is
required. The user will be given a 15 second period to
reconsider, the SCSI SANITIZE command will be started with
the IMMED bit set, then this utility will poll for a
progress indication with a REQUEST SENSE command until the
sanitize operation is finished:
sg_sanitize --block /dev/sdm
To start a "block erase" sanitize and return from this util-
ity once it is started (but not yet completed) use the
--early option:
sg_sanitize --block --early /dev/sdm
If the 15 second reconsideration time is not required add
the --quick option:
sg_sanitize --block --quick --early /dev/sdm
To do an "overwrite" sanitize a pattern file is required:
sg_sanitize --overwrite --pattern=rand.img /dev/sdm
If the length of that "rand.img" is 512 bytes (a typically
logical block size) then to use only the first 17 bytes
(repeatedly) in the "overwrite" sanitize operation:
sg_sanitize --overwrite --pattern=rand.img --ipl=17
/dev/sdm
EXIT STATUS
The exit status of sg_sanitize is 0 when it is successful.
Otherwise see the sg3_utils(8) man page. Unless the --wait
option is given, the exit status may not reflect the success
sg3_utils-1.32 Last change: June 2011 4
SG3_UTILS SG_SANITIZE(8)
of otherwise of the format.
AUTHORS
Written by Douglas Gilbert.
REPORTING BUGS
Report bugs to <dgilbert at interlog dot com>.
COPYRIGHT
Copyright (C) 2011 Douglas Gilbert
This software is distributed under a FreeBSD license. There
is NO warranty; not even for MERCHANTABILITY or FITNESS FOR
A PARTICULAR PURPOSE.
SEE ALSO
sg_requests(8), sg_format(8)
This software was built from source available at
https://java.net/projects/solaris-userland. The original
community source was downloaded from
http://sg.danny.cz/sg/p/sg3_utils-1.33.tgz
Further information about this software can be found on the
open source community website at
http://sg.danny.cz/sg/sg3_utils.html.
sg3_utils-1.32 Last change: June 2011 5