secure remove from BTrFS

mudere · July 27, 2022, 11:29am

On HDD, my partition has been snapshotted, how to secure remove a file from all snapshots? or making CoW feature disable at this second.

arvidjaar · July 27, 2022, 2:06pm

a) you cannot delete single file from read-only snapshot. You can delete the whole snapshot.
b) if “secure erase” means “overwrite file with random content” - that is generally not possible on btrfs which is redirect-on-write (existing data is never overwritten).

dcurtisfra · July 27, 2022, 2:13pm

@mudere:

There’s a SUSE Support document: <https://www.suse.com/support/kb/doc/?id=000019594>.
And, a StackExchange “superuser” article: <https://superuser.com/questions/863588/how-to-delete-a-file-in-all-snapshots-on-a-btrfs-system>.

Unfortunately, nothing in the openSUSE documentation …
The “btrfs-property” man page also, isn’t much help …

arvidjaar · July 27, 2022, 2:16pm

This is very bad advice unless user fully understands all potential effects in which case user does not need this document.

karlmistelberger · July 27, 2022, 2:37pm

The command itself shows:

**6700K:~ #** btrfs property list /backup-home/backup_6  
ro                  read-only status of a subvolume 
compression         compression algorithm for the file or directory 
**6700K:~ #** btrfs property set /backup-home/backup_6 ro false 
ERROR: cannot flip ro->rw with received_uuid set, use force if you really want that 
**6700K:~ #**

You may want to be consistent and change the original subvolume too. But obviously changing ro works:

**6700K:~ #** btrfs property get /home/backup_6 
ro=false 
**6700K:~ #**

You may want to do some exercises before touching the real thing.

dcurtisfra · July 27, 2022, 8:10pm

The user has to understand that, Btrfs Snapshots aren’t meant to be used for backups –


 # btrfs property list /.snapshots/1/snapshot/
ro                  read-only status of a subvolume
compression         compression algorithm for the file or directory
 #

If the hardware medium where the snapshots are stored fails, the snapshots will be lost and therefore the data which was supposed to be backed up will also be lost …
[HR][/HR]IMNSHO, using Btrfs Snapshots as a means to backup user files, is not reliable.

I could be persuaded that, system directories where a snapshot was taken before patches and updates were installed, can be a means of restoring the system if, the patches and/or updates were bad, could be a means to quickly bring the affected systems back into service.
But, I’m absolutely not convinced that, taking snapshots of user directories is a reliable means of performing user backups – it is only a possible means of retrieving files which have been “accidentality” deleted – with the emphasis on possible
…