20.32. Deleting a Storage Volume's Contents
The virsh vol-wipe vol pool command wipes a volume, to ensure that data previously on the volume is not accessible to future reads. The command requires a --pool pool, which is the name or UUID of the storage pool the volume is in, as well as vol, which is the name, key, or path of the volume to wipe. Note that it is possible to choose different wiping algorithms instead of re-writing the volume with zeroes, by using the --algorithm argument with one of the following supported algorithm types:
zero
- 1-pass all zeroes.
nnsa
- 4-pass NNSA Policy Letter NAP-14.1-C (XVI-8) for sanitizing removable and non-removable hard disks: random x2, 0x00, verify.
dod
- 4-pass DoD 5220.22-M section 8-306 procedure for sanitizing removable and non-removable rigid disks: random, 0x00, 0xff, verify.
bsi
- 9-pass method recommended by the German Center of Security in Information Technologies (http://www.bsi.bund.de): 0xff, 0xfe, 0xfd, 0xfb, 0xf7, 0xef, 0xdf, 0xbf, 0x7f.
gutmann
- The canonical 35-pass sequence described in Gutmann’s paper.
schneier
- 7-pass method described by Bruce Schneier in "Applied Cryptography" (1996): 0x00, 0xff, random x5.
pfitzner7
- Roy Pfitzner’s 7-random-pass method: random x7.
pfitzner33
- Roy Pfitzner’s 33-random-pass method: random x33.
random
- 1-pass pattern: random.
Note
The availability of algorithms may be limited by the version of the "scrub" binary installed on the host.
Example 20.92. How to delete a storage volume's contents (How to wipe the storage volume)
The following example wipes the contents of the storage volume new-vol, which has the storage pool vdisk associated with it:
# virsh vol-wipe new-vol vdisk
vol new-vol wiped
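The following wrapper is an added example and is not part of the original documentation. It rejects algorithm names that are not in the list above before calling virsh vol-wipe, and after a zero wipe it reads the volume back with virsh vol-download to confirm that only zero bytes remain. The function names and the VIRSH override variable are assumptions made for this example.

```shell
# Added example, not part of the original documentation.
# Algorithm names are the ones listed in this section.
WIPE_ALGORITHMS="zero nnsa dod bsi gutmann schneier pfitzner7 pfitzner33 random"
VIRSH="${VIRSH:-virsh}"   # assumption: overridable so a stub can stand in for virsh

# is_known_algorithm NAME: succeed only for a documented algorithm name.
is_known_algorithm() {
    for a in $WIPE_ALGORITHMS; do
        [ "$a" = "$1" ] && return 0
    done
    return 1
}

# is_all_zero FILE: succeed only if FILE is non-empty and every byte is 0x00.
is_all_zero() {
    size=$(( $(wc -c < "$1") ))
    [ "$size" -gt 0 ] || return 1
    head -c "$size" /dev/zero | cmp -s - "$1"
}

# wipe_volume POOL VOL [ALGORITHM]
# Wipes the volume; for "zero" it also downloads the volume and checks the result.
# Returns 64 for an unknown algorithm, non-zero if the wipe or the check fails.
wipe_volume() {
    pool=$1 vol=$2 alg=${3:-zero}
    if ! is_known_algorithm "$alg"; then
        echo "unknown wipe algorithm: $alg" >&2
        return 64
    fi
    "$VIRSH" vol-wipe --pool "$pool" --algorithm "$alg" "$vol" || return 1
    # The read-back check below only knows the all-zero pattern.
    [ "$alg" = zero ] || return 0
    # Needs free space equal to the volume size; mktemp creates the file mode 0600.
    tmp=$(mktemp) || return 1
    rc=0
    { "$VIRSH" vol-download --pool "$pool" "$vol" "$tmp" && is_all_zero "$tmp"; } || rc=$?
    rm -f "$tmp"
    return "$rc"
}
# Usage after sourcing this file: wipe_volume vdisk new-vol zero
```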