IBM Support

How to Securely Erase Internal rootvg Disks

Question & Answer


Question

I am de-commissioning my server.  How can I scrub the contents of the rootvg disks?

 

Answer

This technote is a corollary to Scrubbing, Shredding or Sanitizing your Disks to Remove All Data via a small C program (A) which presents general methods of scrubbing disks. In order to scrub rootvg disks, it is necessary to boot the server/partition into maintenance mode and start a shell before mounting filesystems. By default only a limited set of AIX commands are available in maintenance mode, and this technote shows how to run the commands needed for scrubbing while in this mode.

Additionally, if you have a NIM environment you can copy (into the SPOT) any scrub utility such as the "small C program" described in the above technote, and run that from the NIM client.

  1. Boot the server or partition into maintenance mode.  If needed, follow technote Booting AIX into Maintenance Mode Using the HMC
  2. At the menu, select option 2) Access this Volume Group and start a shell before mounting filesystems
  3. At the shell prompt you should see the RAM filesystem and SPOT mounted:
    # mount
      node       mounted        mounted over    vfs       date        options
    -------- ---------------  ---------------  ------ ------------ ---------------
             /dev/ram0        /                jfs    Jan 22 08:33 rw
    mynim    /export/spot/S_71c_TL5_SP3/usr /SPOT/usr     nfs3   Dec 16 23:52              
             /proc            /proc            procfs Dec 16 23:53 rw
  4. Run the following commands to set up the environment:
    # /SPOT/usr/lib/methods/cfg64
    # export LIBPATH=/SPOT/usr/lib
    # mkdir /usr/lib/drivers
    # ln -s /SPOT/usr/lib/drivers/random /usr/lib/drivers
    # randomctl -l
  5. Check the disk names:
    # lspv
    hdisk0          00abcdefdb8b395f                    None
    hdisk1          00abcdef6df2a7e5                    rootvg          active

Now you can run the dd commands described in technote (A) above to scrub the disks. If you wish to use the nshred64 program, place a copy in the SPOT directory on the NIM server, and run it from the NIM client. For example:

# /SPOT/usr/bin/nshred64 /dev/rhdisk1

END OF PROCEDURE

SUPPORT

If you require more assistance, use the following step-by-step instructions to contact IBM to open a case for software with an active and valid support contract. 

1. Document (or collect screen captures of) all symptoms, errors, and messages related to your issue.

2. Capture any logs or data relevant to the situation.

3. Contact IBM to open a case:

   -For electronic support, see the IBM Support Community:
     https://www.ibm.com/mysupport
   -If you require telephone support, see the web page:
      https://www.ibm.com/planetwide/

4. Provide a clear, concise description of the issue.

 - For guidance, see: Working with IBM AIX Support: Describing the problem.

5. If the system is accessible, collect a system snap, and upload all of the details and data for your case.

 - For guidance, see: Working with IBM AIX Support: Collecting snap data

[{"Line of Business":{"code":"LOB08","label":"Cognitive Systems"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SWG10","label":"AIX"},"ARM Category":[{"code":"a8m0z000000cvzhAAA","label":"Security"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)"}]

Document Information

Modified date:
21 January 2021

UID

ibm16406608

Page Feedback