Mail List wrote:
On Wednesday 01 August 2007 12:57:33 pm Adalbert Prokop wrote:
The file /etc/init.d/halt calls /sbin/halt.local if it exists. But it does
so rather late in the shutdown process - maybe too late for your needs...
* Thank you very much - this may be just what I need *
For my needs this will be perfect - I have encrypted /home but I did not
have luck getting encrypted / like my ubuntu friends - so I need to
cryptographically clean /tmp and /var/tmp on shutdown on my laptop for
security purposes. I plan to use a script which uses shred and tmpwatch to
clear them out.
Thank you ... I will try this.
Make sure your /tmp isn't journaled or shred won't really work well.
From man shred
CAUTION: Note that shred relies on a very important assumption: that
the file system overwrites data in place. This is the traditional way
to do things, but many modern file system designs do not satisfy this
assumption. The following are examples of file systems on which shred
is not effective, or is not guaranteed to be effective in all file sys-
tem modes:
* log-structured or journaled file systems, such as those supplied with
AIX and Solaris (and JFS, ReiserFS, XFS, Ext3, etc.)
* file systems that write redundant data and carry on even if some
writes
fail, such as RAID-based file systems
* file systems that make snapshots, such as Network Appliance’s NFS
server
* file systems that cache in temporary locations, such as NFS
version 3 clients
* compressed file systems
In the case of ext3 file systems, the above disclaimer applies (and
shred is thus of limited effectiveness) only in data=journal mode,
which journals file data in addition to just metadata. In both the
data=ordered (default) and data=writeback modes, shred works as usual.
Ext3 journaling modes can be changed by adding the data=something
option to the mount options for a particular file system in the
/etc/fstab file, as documented in the mount man page (man mount).
--
Due to the move to Exchange Server,
anything that is a priority, please phone.
Robin Laing
