Per-slot wipe tool for ps1raf data disks (slots 1..5 → /dev/sdb..sdf). nwipe for HDD, hdparm ATA secure-erase for SSD.
- Python 94.9%
- Shell 5.1%
db908bb404
The mounted-check parses /proc/mounts looking for /dev/sdX-prefixed entries, but for an LVM-backed root the mount line shows the dm/mapper path (/dev/mapper/vg-root), not /dev/sdX. So on this VM where /dev/sdb is the LVM PV that backs '/', the previous gate let pre-flight reach the HDD-detected stage. Wipe would still have been blocked by the missing-nwipe gate on this host, but on a host with nwipe installed the OS disk would have been wiped. Added device_holders() — walks /sys/block/<dev>/holders and the holders/ of every partition. Non-empty holders means the disk is underneath a kernel layer (LVM PV, dm-crypt, mdadm member, multipath). Abort with exit 1 and a note explaining the layer must be torn down first. Verified: 'sudo ps1-wipe 1 --yes --dry-run' on this VM now reports '/dev/sdb is in use by another layer (LVM/...): sdb held by dm-0' and exits 1 before the rotational check. Without this fix, the same command on a host with nwipe installed would have wiped the OS disk. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| install.sh | ||
| ps1-wipe | ||
| README.md | ||
ps1-wiper
Wipe one of the data-disk slots (1..5) on ps1raf with a single command.
Slot → device mapping is fixed:
| Slot | Device |
|---|---|
| 1 | /dev/sdb |
| 2 | /dev/sdc |
| 3 | /dev/sdd |
| 4 | /dev/sde |
| 5 | /dev/sdf |
/dev/sda is the OS disk and is refused by the script — there is no slot 0.
Install
git clone https://ps1raf.tn.ps1.at:3300/raf/ps1-wiper.git
cd ps1-wiper
sudo ./install.sh # apt installs nwipe + hdparm and copies ps1-wipe to /usr/local/bin/
Use
sudo ps1-wipe <slot> # interactive confirm: type the device name
sudo ps1-wipe <slot> --yes # skip confirm (scripted use)
sudo ps1-wipe <slot> --dry-run # show what would run, do nothing
What it does
- Resolve slot → device, refuse anything that isn't /dev/sdb..sdf, refuse /dev/sda outright.
- Verify the block device exists and is not mounted (any partition counts).
- Read
/sys/block/<dev>/queue/rotationalto decide:- HDD (rotational=1):
nwipe --nogui --autonuke --method=zero --rounds=1 --nowait --verify=off /dev/sdX— 1 round of zeros, no UI, no prompts. - SSD (rotational=0): ATA Secure Erase via
hdparm.- Refuses if drive reports
SECURITY FROZEN(kernel blocks erase; needs host suspend/resume). - Uses
--security-erase-enhancedwhen the drive supports it, else--security-erase. - Sets user password
ps1wipe, erases, drive clears password on success.
- Refuses if drive reports
- HDD (rotational=1):
- Every step (start, success, abort, error) is mirrored via
myntfy "note: ps1-wipe: ..."so progress lands on the RAF channel.note:prefix is mandatory — without it the RAF cmd-daemon would re-queue the notification as a new loop task (see corrections in llmwiki).
Exit codes
| Code | Meaning |
|---|---|
| 0 | Wipe completed successfully. |
| 1 | Pre-flight abort (bad slot, no disk, mounted, frozen, tool missing). |
| 2 | The wipe itself failed (nwipe/hdparm returned non-zero). |
Safety notes
- The script never wipes silently. If
myntfyis missing, the status still goes to stderr/journal. - The interactive confirm requires typing the device name back;
--yesis the only way to skip it. - After SSD erase, if
hdparmfails between password-set and erase, recovery hint is logged:hdparm --user-master u --security-disable ps1wipe /dev/sdX. - The ps1raf VM has only /dev/sda + /dev/sdb in the QEMU layout; slots 2..5 are for the real hardware that this script is shipped to. On the VM, slot 1 is the only one that resolves to an actual device — useful for end-to-end testing on a disposable disk.
Stdlib only
ps1-wipe is a single Python file using only the standard library. No venv, no pip,
no shebang fiddling — python3 on Debian 13 is enough.