防止`dd`破坏SSD或HDD
我有两个SSD和HDD。
当我使用sudo dd if=/dev/zero of=/dev/sdd count=1000好事就会发生,我从USB闪存盘擦除分区。
当我使用sudo dd if=/dev/zero of=/dev/sdb count=1000会发生坏事,我从500 GB硬盘中丢失了Windows 7和Ubuntu 14.04分区。
坏事发生过一次。 我怎样才能阻止dd再次这样做?
即检查of=不包含sda , sdb或sdc 。
创建dd包装器脚本
使用Ctrl + Alt + T打开终端。 然后使用以下命令调用gedit :
gksu gedit /usr/local/bin/dd
并复制并粘贴这些命令:
#!/bin/bash # Who called this script? PARENT_COMMAND="$(ps -o comm= $PPID)" if [[ $(id -u) != 0 ]]; then # Only non-root processes enter password (ie "sudo dd ..." is ok) echo dd must be called with sudo powers exit 1 fi # log dd usage for audit trails # log-file '"$PARENT_COMMAND"" - ""$@"' "/var/log/dd-usage" # Display hints & arguments. Get any key to proceed or +C to abort echo "╔════════════════════════════════════════════════════════════════╗" echo "║ ║" echo "║ dd - Data Duplicator ║" echo "║ ║" echo "╚════════════════════════════════════════════════════════════════╝" echo echo " Parameter 1 hint: if=/dev/zero" echo " Parameter 2 hint: of=/dev/sdY where Y cannot be a, b or c" echo " Parms >2 hints: bs=512 is default block size" echo " Parms >2 hints: count=100 will process 100 blocks" echo echo " Use /bin/dd --help for more info (don't use dd --help)" echo # Display drive letterss, names and sizes without partitions for guide lsblk -ido KNAME,TYPE,SIZE,MODEL echo echo " Current parameters: "”$@” echo echo " Press to continue or +C to abort." read ANYKEY if [[ "$2" != of=* ]]; then echo -e "\a" # PC speaker beep or pleasant bell with PulseAudio hooks echo "ERROR! Parameter 2 must start with 'of=' (output file=)" exit 2 fi if [[ "$2" =~ "sda" ]]; then echo -e "\a" # PC speaker beep or pleasant bell with PulseAudio hooks echo "ERROR! Output file (of=) cannot be /dev/sda" exit 2 fi if [[ "$2" =~ "sdb" ]]; then echo -e "\a" # PC speaker beep or pleasant bell with PulseAudio hooks echo "ERROR! Output file (of=) cannot be /dev/sdb" exit 2 fi if [[ "$2" =~ "sdc" ]]; then echo -e "\a" # PC speaker beep or pleasant bell with PulseAudio hooks echo "ERROR! Output file (of=) cannot be /dev/sdc" exit 2 fi # Call REAL dd command with parameters passed to this wrapper sript /bin/dd "$@" exit 0
保存文件并退出gedit 。
最后将新的dd标记为可执行文件:
sudo chmod +x /usr/local/bin/dd
它看起来像什么
下面是在不使用受保护的驱动器的情况下调用新的dd脚本时它在终端屏幕上的显示方式。
$ sudo dd if=/dev/zero of=/dev/sdd bs=512 count=100 ╔════════════════════════════════════════════════════════════════╗ ║ ║ ║ dd - Data Duplicator ║ ║ ║ ╚════════════════════════════════════════════════════════════════╝ Parameter 1 hint: if=/dev/zero Parameter 2 hint: of=/dev/sdY where Y cannot be a, b or c Parms >2 hints: bs=512 is default block size Parms >2 hints: count=100 will process 100 blocks Use /bin/dd --help for more info (don't use dd --help) KNAME TYPE SIZE MODEL sda disk 223.6G KINGSTON SHSS37A sdb disk 465.8G ST9500423AS sdc disk 119.2G KingFast sdd disk 29.8G USB Flash Drive sr0 rom 1024M DVD+-RW GT80N Current parameters: 'if=/dev/zero of=/dev/sdd bs=512 count=100' Press to continue or +C to abort. 100+0 records in 100+0 records out 51200 bytes (51 kB, 50 KiB) copied, 0.00339331 s, 15.1 MB/s
笔记
因为包装器脚本位于/usr/local/bin所以在常规命令存储在/bin之前调用它。
第二个参数必须以of=开头,并且不能包含sda , sdb或sdc ,根据您的安装添加更多驱动器来保护或减去驱动器。
线条绘制字符可能无法在较旧的平台或不同的字符集上使用。 使用“+ — +”表示顶行和底行以及“|” 中间线或完全删除它们。
log-file是用于将命令记录到审计文件的脚本。 您可以使用自己的命令替换它,并通过删除前导#取消注释该行。