Historically, the command line interface provided a way to manipulate a computer over simple, text-based connections. In the modern era, in spite of the ability to transmit graphical user interfaces over the Internet, the command line remains a powerful tool for performing certain types of tasks.
As described previously in Before You Begin, most users interact with a command-line environment using the Terminal application, though you may also use a remote connection method such as secure shell (SSH). Each Terminal window or SSH connection provides access to the input and output of a shell process. A shell is a special command-line tool that is designed specifically to provide text-based interactive control over other command-line tools.
In addition to running individual tools, most shells provide some means of combining multiple tools into structured programs, called shell scripts (the subject of this book).
Different shells feature slightly different capabilities and scripting syntax. Although you can use any shell of your choice, the examples in this book assume that you are using the standard OS X shell. The standard shell is bash if you are running OS X v10.3 or later and tcsh if you are running an earlier version of the operating system.
The following sections provide some basic information and tips about using the command-line interface more effectively; they are not intended as an exhaustive reference for using the shell environments.
Dec 11, 2018 SDelete is a command line utility that takes a number of options. In any given use, it allows you to delete one or more files and/or directories, or to cleanse the free space on a logical disk.
Attempting to secure delete a file with multiple hard links results in a warning from srm stating that the current access path has been unlinked, but the data itself was not overwritten or truncated. This is an undocumented feature of srm 1.2.8 on Mac OS X 10.9, 1 and is erroneously documented in 1.2.11 as a behaviour activated by the.
The Secure Empty Trash feature was removed in OS X 10.11 because Apple felt that it could not guarantee secure deletion on the fast flash (SSD) drives that most of its modern models now use. If you use a traditional hard drive with OS X 10.11, and are comfortable with the command line, you can use the Mac's srm command to overwrite the file.
Delete Your APFS Partition the Right Way If you use Disk Utility to erase an APFS volume and format it HFS+, you’ll find that the old APFS container sticks around. The same thing happens if you.
Aug 09, 2019 The command line used to include the “srm” command that allowed you to securely delete files and folders. Apple removed this command in macOS Sierra for the same reason they removed the Secure.
Note: This appendix was originally part of Mac Technology Overview.
Basic Shell Concepts
Before you start working in any shell environment, there are some basic features of shell scripting that you should understand. Some of these features are specific to OS X, but most are common to all platforms that support shell scripting.
Running Your First Command-Line Tool
In general, you run command-line tools that OS X provides by typing the name of the tool. (The syntax for running tools that you’ve added is described later in this appendix.)
For example, if you run the ls command, by default, it lists the files in your home directory. To run this command, type ls and press Return.
Most tools also can take a number of flags (sometimes called switches). For example, you can get a “long” file listing (with additional information about every file) by typing ls -l and pressing Return. The -l flag tells the ls command to change its default behavior.
Similarly, most tools take arguments. For example, to show a long listing of the files on your OS X desktop, type ls -l Desktop and press Return. In that command, the word Desktop is an argument that is the name of the folder that contains the contents of your OS X desktop.
In addition, some tools have flags that take flag-specific arguments in addition to the main arguments to the tool as a whole.
Specifying Files and Directories
Most commands in the shell operate on files and directories, the locations of which are identified by paths. The directory names that make up a path are separated by forward-slash characters. For example, the Terminal program is in the Utilities folder within the Applications folder at the top level of your hard drive. Its path is /Applications/Utilities/Terminal.app.
The shell (along with, for that matter, all other UNIX applications and tools) also has a notion of a current working directory. When you specify a filename or path that does not start with a slash, that path is assumed to be relative to this directory. For example, if you type cat foo, the cat command prints the contents of the file foo in the current directory. You can change the current directory using the cd command.
Finally, the shell supports a number of directory names that have a special meaning. Table A-1 lists some of the standard shortcuts used to represent specific directories in the system. Because they are based on context, these shortcuts eliminate the need to type full paths in many situations.
File and directory names traditionally include only letters, numbers, hyphens, the underscore character (_), and often a period (.) followed by a file extension that indicates the type of file (.txt, for example). Most other characters, including space characters, should be avoided because they have special meaning to the shell.
Although some OS X file systems permit the use of these other characters, including spaces, you must do one of the following:
For example, the path name My Disk can be written as "My Disk", 'My Disk', or My\ Disk.
Single quotes are safer than double quotes because the shell does not do any interpretation of the contents of a single-quoted string. However, double quotes are less likely to appear in a filename, making them slightly easier to use. When in doubt, use a backslash before the character in question, or two backslashes to represent a literal backslash.
For more detailed information, see Quoting Special Characters in Flow Control, Expansion, and Parsing.
Accessing Files on Additional Volumes
On a typical UNIX system, the storage provided by local disk drives is presented as a single tree of files descending from a single root directory. This differs from the way the Finder presents local disk drives, which is as one or more volumes, with each volume acting as the root of its own directory hierarchy. To satisfy both worlds, OS X includes a hidden directory, Volumes, at the root of the local file system. This directory contains all of the volumes attached to the local computer.
To access the contents of other local (and many network) volumes, you prefix the volume-relative path with /Volumes/ followed by the volume name. For example, to access the Applications directory on a volume named MacOSX, you would use the path /Volumes/MacOSX/Applications.
Note: To access files on the boot volume, you are not required to add volume information, since the root directory of the boot volume is /. Including the volume information still works, though, so if you are interacting with the shell from an application that is volume-aware, you may want to add it, if only to be consistent with the way you access other volumes. You must include the volume information for all volumes other than the boot volume.
Input And Output
Most tools take text input from the user and print text out to the user’s screen. They do so using three standard file descriptors, which are created by the shell and are inherited by the program automatically. These standard file descriptors are listed in Table A-2.
To learn more about working with these descriptors, including redirecting the output of one tool to the input of another, read Shell Input and Output.
Terminating Programs
To terminate the currently running program from the command line, press Control-C. This keyboard shortcut sends an abort (ABRT) signal to the currently running process. In most cases this causes the process to terminate, although some tools may install signal handlers to trap this signal and respond differently. (See Trapping Signals in Advanced Techniques for details.)
In addition, you can terminate most scripts and command-line tools by closing a Terminal window or SSH connection. This sends a hangup (HUP) signal to the shell, which it then passes on to the currently running program. If you want a program to continue running after you log out, you should run it using the nohup command, which catches that signal and does not pass it on to whatever command it invokes.
Frequently Used Commands
Shell scripting involves a mixture of built-in shell commands and standard programs that run in all shells. Although most shells offer the same basic set of commands, there are often variations in the syntax and behavior of those commands. In addition to the shell commands, OS X also provides a set of standard programs that run in all shells.
Table A-3 lists some commands that are commonly used interactively in the shell. Most of the items in this table are not specific to any given shell. For syntax and usage information for each command, see the corresponding man page. For a more in-depth list of commands and their accompanying documentation, see OS X Man Pages.
Environment Variables
Some programs require the use of environment variables for their execution. Environment variables are variables inherited by all programs executed in the shell’s context. The shell itself uses environment variables to store information such as the name of the current user, the name of the host computer, and the paths to any executable programs. You can also create environment variables and use them to control the behavior of your program without modifying the program itself. For example, you might use an environment variable to tell your program to print debug information to the console.
To set the value of an environment variable, you use the appropriate shell command to associate a variable name with a value. For example, to set the environment variable MYFUNCTION to the value MyGetData in the global shell environment you would type the following command in a Terminal window:
When you launch an application from a shell, the application inherits much of its parent shell’s environment, including any exported environment variables. This form of inheritance can be a useful way to configure the application dynamically. For example, your application can check for the presence (or value) of an environment variable and change its behavior accordingly. Different shells support different semantics for exporting environment variables, so see the man page for your preferred shell for further information.
Child processes of a shell inherit a copy of the environment of that shell. Shells do not share their environments with one another. Thus, variables you set in one Terminal window are not set in other Terminal windows. Once you close a Terminal window, any variables you set in that window are gone.
If you want the value of a variable to persist between sessions and in all Terminal windows, you must either add it to a login script or add it to your environment property list. See Before You Begin for details.
Similarly, environment variables set by tools or subshells are lost when those tools or subshells exit.
Running User-Added Commands
As mentioned previously, you can run most tools by typing their name. This is because those tools are located in specific directories that the shell searches when you type the name of a command. The shell uses the PATH environment variable to control where it searches for these tools. It contains a colon-delimited list of paths to search (/usr/bin:/bin:/usr/sbin:/sbin, for example).
If a tool is in any other directory, you must provide a path for the program to tell it where to find that tool. (For security reasons, when writing scripts, you should always specify a complete, absolute path.)
For security reasons, the current working directory is not part of the default search path (PATH), and should not be added to it. If it were, then another user on a multi-user system could trick you into running a command by adding a malicious tool with the same name as one you would typically run (such as the ls command) or a common misspelling thereof.
For this reason, if you need to run a tool in the current working directory, you must explicitly specify its path, either as an absolute path (starting from /) or as a relative path starting with a directory name (which can be the . directory). For example, to run the MyCommandLineProgram tool in the current directory, you could type ./MyCommandLineProgram and press Return.
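A check for the search-path problem described above, as an added example that is not part of the original document. The function name audit_path, the finding labels and the sample value are assumptions made for this illustration; it goes slightly beyond the text by also flagging relative entries and directories that group or other users can write to, since both let someone else decide which program a bare command name runs.

```bash
#!/usr/bin/env bash
# Added example (not from the original document): audit a PATH-style value
# for entries that let another user plant a look-alike tool.

audit_path() {
    local path_value=$1 entry perms rc=0
    local -a entries
    # Append ':' so a trailing empty entry (which the shell treats as the
    # current directory) is not dropped when the string is split on colons.
    IFS=: read -r -a entries <<< "${path_value}:"

    for entry in "${entries[@]}"; do
        case $entry in
            ''|.)
                # "." or an empty entry both mean "search the current directory".
                printf 'cwd\t%s\n' "${entry:-(empty)}"; rc=1; continue ;;
            /*) ;;   # absolute path: go on to the permission check
            *)
                # Relative entries resolve against whatever directory you are in.
                printf 'relative\t%s\n' "$entry"; rc=1; continue ;;
        esac
        [ -d "$entry" ] || continue
        # -L follows symlinks so the mode shown is that of the real directory.
        perms=$(ls -ldL -- "$entry" 2>/dev/null) || continue
        perms=${perms%% *}
        # Characters 5 and 8 of the mode string are group and other write.
        if [ "${perms:5:1}" = w ] || [ "${perms:8:1}" = w ]; then
            printf 'writable\t%s\n' "$entry"; rc=1
        fi
    done
    return "$rc"
}

# Constructed sample value: contains ".", a relative entry and a trailing ':'.
sample='/usr/bin:/bin:.:tools:'
audit_path "$sample" || echo "review the entries listed above" >&2
```

Each finding is printed as a label, a tab and the entry; the function returns 0 only when nothing was flagged, so it can gate a login script or a CI step.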
With the aforementioned security caveats in mind, you can add new parts (temporarily) to the value of the PATH environment variable by doing the following:
If you want the additional path components to persist between sessions and in all Terminal windows, you must either add it to a login script or add it to your environment property list. See Before You Begin for details.
Running Applications
To launch an application, you can generally either:
Note: As a general rule, if you launch a GUI application from a script, you should run that script only within Terminal or another GUI application. You cannot necessarily launch a GUI application when logged in remotely (using SSH, for example). In general, doing so is possible only if you are also logged in using the OS X GUI, and in some versions of OS X, it is disallowed entirely.
Learning About Other Commands
At the command-line level, most documentation comes in the form of man pages (short for manual). Man pages provide reference information for many shell commands, programs, and POSIX-level concepts. The manual page manpages describes the organization of the manual, and the format and syntax of individual man pages.
To access a man page, type the man command followed by the name of the thing you want to look up. For example, to look up information about the bash shell, you would type man bash. The man pages are also included in the OS X Developer Library (OS X Man Pages).
You can also search the manual pages by keyword using the apropos command.
Note: Not all commands and programs have man pages. For a list of available man pages, look in the /usr/share/man directory or see OS X Man Pages in the OS X Developer Library.
Most shells have a command or man page that displays the list of commands that are built into the shell (builtins). Table A-4 lists the available shells in OS X along with the ways you can access the list of builtins for the shell.
Copyright © 2003, 2014 Apple Inc. All Rights Reserved. Terms of Use | Privacy Policy | Updated: 2014-03-10
By Mark Russinovich
Published: December 11, 2018
Introduction
One feature of Windows NT/2000's (Win2K) C2-compliance is that it implements object reuse protection. This means that when an application allocates file space or virtual memory it is unable to view data that was previously stored in the resources Windows NT/2K allocates for it. Windows NT zero-fills memory and zeroes the sectors on disk where a file is placed before it presents either type of resource to an application. However, object reuse does not dictate that the space that a file occupies before it is deleted be zeroed. This is because Windows NT/2K is designed with the assumption that the operating system controls access to system resources. However, when the operating system is not active it is possible to use raw disk editors and recovery tools to view and recover data that the operating system has deallocated. Even when you encrypt files with Win2K's Encrypting File System (EFS), a file's original unencrypted file data is left on the disk after a new encrypted version of the file is created.
The only way to ensure that deleted files, as well as files that you encrypt with EFS, are safe from recovery is to use a secure delete application. Secure delete applications overwrite a deleted file's on-disk data using techniques that are shown to make disk data unrecoverable, even using recovery technology that can read patterns in magnetic media that reveal weakly deleted files. SDelete (Secure Delete) is such an application. You can use SDelete both to securely delete existing files, as well as to securely erase any file data that exists in the unallocated portions of a disk (including files that you have already deleted or encrypted). SDelete implements the Department of Defense clearing and sanitizing standard DOD 5220.22-M, to give you confidence that once deleted with SDelete, your file data is gone forever. Note that SDelete securely deletes file data, but not file names located in free disk space.
Using SDelete
SDelete is a command line utility that takes a number of options. In any given use, it allows you to delete one or more files and/or directories, or to cleanse the free space on a logical disk. SDelete accepts wild card characters as part of the directory or file specifier.
Usage: sdelete [-p passes] [-s] [-q] <file or directory>...
sdelete [-p passes] [-z|-c] [drive letter] ...
How SDelete Works
Securely deleting a file that has no special attributes is relatively straight-forward: the secure delete program simply overwrites the file with the secure delete pattern. What is more tricky is securely deleting Windows NT/2K compressed, encrypted and sparse files, and securely cleansing disk free spaces.
Compressed, encrypted and sparse files are managed by NTFS in 16-cluster blocks. If a program writes to an existing portion of such a file NTFS allocates new space on the disk to store the new data and after the new data has been written, deallocates the clusters previously occupied by the file. NTFS takes this conservative approach for reasons related to data integrity, and in the case of compressed and sparse files, in case a new allocation is larger than what exists (the new compressed data is bigger than the old compressed data). Thus, overwriting such a file will not succeed in deleting the file's contents from the disk.
To handle these types of files SDelete relies on the defragmentation API. Using the defragmentation API, SDelete can determine precisely which clusters on a disk are occupied by data belonging to compressed, sparse and encrypted files. Once SDelete knows which clusters contain the file's data, it can open the disk for raw access and overwrite those clusters.
Cleaning free space presents another challenge. Since FAT and NTFS provide no means for an application to directly address free space, SDelete has one of two options. The first is that it can, like it does for compressed, sparse and encrypted files, open the disk for raw access and overwrite the free space. This approach suffers from a big problem: even if SDelete were coded to be fully capable of calculating the free space portions of NTFS and FAT drives (something that's not trivial), it would run the risk of collision with active file operations taking place on the system. For example, say SDelete determines that a cluster is free, and just at that moment the file system driver (FAT, NTFS) decides to allocate the cluster for a file that another application is modifying. The file system driver writes the new data to the cluster, and then SDelete comes along and overwrites the freshly written data: the file's new data is gone. The problem is even worse if the cluster is allocated for file system metadata since SDelete will corrupt the file system's on-disk structures.
The second approach, and the one SDelete takes, is to indirectly overwrite free space. First, SDelete allocates the largest file it can. SDelete does this using non-cached file I/O so that the contents of the NT file system cache will not be thrown out and replaced with useless data associated with SDelete's space-hogging file. Because non-cached file I/O must be sector (512-byte) aligned, there might be some left over space that isn't allocated for the SDelete file even when SDelete cannot further grow the file. To grab any remaining space SDelete next allocates the largest cached file it can. For both of these files SDelete performs a secure overwrite, ensuring that all the disk space that was previously free becomes securely cleansed.
On NTFS drives SDelete's job isn't necessarily through after it allocates and overwrites the two files. SDelete must also fill any existing free portions of the NTFS MFT (Master File Table) with files that fit within an MFT record. An MFT record is typically 1KB in size, and every file or directory on a disk requires at least one MFT record. Small files are stored entirely within their MFT record, while files that don't fit within a record are allocated clusters outside the MFT. All SDelete has to do to take care of the free MFT space is allocate the largest file it can - when the file occupies all the available space in an MFT Record NTFS will prevent the file from getting larger, since there are no free clusters left on the disk (they are being held by the two files SDelete previously allocated). SDelete then repeats the process. When SDelete can no longer even create a new file, it knows that all the previously free records in the MFT have been completely filled with securely overwritten files.
To overwrite file names of a file that you delete, SDelete renames the file 26 times, each time replacing each character of the file's name with a successive alphabetic character. For instance, the first rename of 'foo.txt' would be to 'AAA.AAA'.
The reason that SDelete does not securely delete file names when cleaning disk free space is that deleting them would require direct manipulation of directory structures. Directory structures can have free space containing deleted file names, but the free directory space is not available for allocation to other files. Hence, SDelete has no way of allocating this free space so that it can securely overwrite it.