wipefs Linux command tutorial with examples

The wipefs Linux command utility can be used to erase various types of signatures from a device (partition tables, filesystem signatures, etc…). It is available in the repository of all the most used Linux distributions, and it is usually installed by default as part of of the util-linux package, which contains also other essentials utilities aimed at system maintenance, so we should never have to install it explicitly. In this tutorial we will see how to use wipefs to gather information about the existing signatures and how to erase them.

In this tutorial you will learn:

  • How to obtain a list of the existing signatures without erasing them
  • How to erase all signatures or only some of them by their offset or type
  • How to create and restore a backup of the erased signatures
  • How to simulate an erasing operation
wipefs Linux command tutorial with examples
wipefs Linux command tutorial with examples

Software requirements and conventions used

Software Requirements and Linux Command Line Conventions
Category Requirements, Conventions or Software Version Used
System Distribution-independent
Software wipefs (part of the util-linux package)
Other Administrative privileges in order to install software globally
Conventions # – requires given linux-commands to be executed with root privileges either directly as a root user or by use of sudo command
$ – requires given linux-commands to be executed as a regular non-privileged user

Looking for signatures

Wipefs can be used not only to erase existing signatures on a device, but also to create a report which includes them without performing any modification. In order to do so, all we have to do is to launch the utility without specifying any option, but just passing the device we want to analyze as argument. Let’s make an example. To obtain the list of all the signatures existing on the /dev/sda device, we would run:

$ sudo wipefs /dev/sda

The above command generates an output similar to the following:

DEVICE OFFSET TYPE UUID LABEL
sda    0x1fe  dos

The output is organized in columns which, by default, report information about:

  • The block DEVICE name
  • The OFFSET of the signature
  • The TYPE of the signature
  • The UUID
  • The LABEL

In this case what the utility shows is the signature of the dos partition table found on the device. As you can see, the offset of the signature is expressed in hexadecimal (base 16) form. The 0x1fe value corresponds to 510 bytes. The output of the program, however, can be modified so to include only the information we need. To check the list of the supported columns, all we have to do is to invoke wipefs with the --help option:

$ wipefs --help

At the end of the “help” message we can find what we are looking for:

Available output columns:
     UUID  partition/filesystem UUID
    LABEL  filesystem LABEL
   LENGTH  magic string length
     TYPE  superblok type
   OFFSET  magic string offset
    USAGE  type description
   DEVICE  block device name

The USAGE column can be very useful, since it explicitly inform us what the signature is related to. To choose what information we want to include in the output of wipefs, we invoke the utility with the -O option (--output) and provide the comma separated list of the columns we want to include. For example to include only the DEVICE, OFFSET and USAGE columns, we would write:

$ sudo wipefs --output DEVICE,OFFSET,USAGE /dev/sda

Here is the output of the command above:

DEVICE OFFSET USAGE
sda    0x1fe  partition-table

We can also change the format of the output. If we want to obtain the output in the JSON format, for example to be able to easily parse it later, perhaps with our programming language of choice, we should use the -J option (short for --json). Here is what we would obtain:

$ sudo wipefs -J --output DEVICE,OFFSET,USAGE /dev/sda
{
   "signatures": [
      {"device":"sda", "offset":"0x1fe", "usage":"partition-table"}
   ]
}

Finally, as you may have notice, the utility doesn’t work recursively: if invoked, as we did in the example above, on a whole block device (e.g /dev/sda) it doesn’t include the signatures it finds on each partition of the device itself, so in order for it to find and erase all the signatures on a device we can use a glob:

$ sudo wipefs /dev/sda*

As you can see the output now includes also the signature found at the beginning of the first partition of the device, which, in this case, is a LUKS container:

DEVICE OFFSET TYPE        UUID                                 LABEL
sda    0x1fe  dos
sda1   0x0    crypto_LUKS 1e286e68-b1a9-40d5-af99-58929a480679

Erasing signatures

We just saw how, when invoked without specific options, wipefs just prints the found signatures. In order to be able to actually erase them, we can proceed in three ways. If we want to remove all signatures we can invoke the utility with the corresponding option (-a or --all). To erase all signatures on /dev/sda we would run:

$ sudo wipefs -a /dev/sda*

If we want to remove a specific signature, instead, we have to use the -o option, which is the short for --offset and pass the offset of the signature as argument. By default the number used for the offset is interpreted as bytes, however, if it includes the 0x prefix, it is interpreted as a hexadecimal value. It’s even possible to use common suffixes to specify how the argument should be interpreted, for example KiB, MiB, GiB and so on. Let’s see an example. To remove only the first signature found on /dev/sda, which has the 0x1fe offset value, we would run:

$ sudo wipefs -o 0x1fe /dev/sda

The command should return the following output:

/dev/sda: 2 bytes were erased at offset 0x000001fe (dos): 55 aa
/dev/sda: calling ioctl to re-read partition table: Success

A third method to delete specific signatures is to select them by their type which can be specified using the -t option (--types). The option accepts a comma-separated list as argument. To delete all the signature of type “dos”, for example, we would write:

$ sudo wipefs -a -t dos /dev/sda

By default wipefs Linux command only works on unmounted devices and will refuse to remove signatures from a device which is in use.

Performing a “dry run”

If we want to check how wipefs would behave but don’t want to actually remove the signatures, we can perform a “simulation” (dry run) by using the utility with the -n option (--no-act). As stated in the manual using this option will cause everything to be done except for the final write.

Creating a backup before erasing signatures

Creating backups is always a good idea, especially when performing dangerous operation like in this case. The wipefs utility has a dedicated option which makes so that a backup of each signature is created in a file created using the following template path:

$HOME/wipefs--.bak

Each signature is stored in its own file. To create a backup of all the signatures on /dev/sda, for example, we would write:

$ sudo wipefs --all --backup /dev/sda*

The files that would be created, in this case is /root/wipefs-sda-0x000001fe.bak. Notice that the --backup option can be invoked only when performing an actual erasing, otherwise the utility will notify us that the operation is “meaningless” in the context. The created backups can be easily restored by using dd. To restore the signature in this example we would run:

$ sudo dd if=/root/wipefs-sda-0x000001fe.bak of=/dev/sda seek=$((0x000001fe)) bs=1

In the above command, with if we specify the input file, which in this case is the file containing the signature backup, with of, instead, we provide the output_file (/dev/sda), and establish where the data should be written. With seek we specify the offset which should be used: the data should be provided in bytes, so to convert the hexadecimal value, we use the shell arithmetic expansion ($(())) . Finally, with bs we specify the amount of bytes that dd should read and write at a time.

Conclusions

In this tutorial we learned how to use the wipefs linux command utility in order to remove signatures from filesystems and raw block devices. We saw how the utility can be used to obtain a list of the signature existing on a given device, how to actually erase all of them or only specific ones by their offset or
their type. We also see how it’s possible to create a backup of the signatures before erasing them and how to eventually restore it using dd.



Comments and Discussions
Linux Forum