A A
RSS

Adding a Secure Delete Option to Nautilus File Manager in Linux

Wed, Jul 7, 2010

Tweet this!

I’ve previously written about how to securely and permanently delete files in Linux and Windows. The programs I mentioned in those tutorials were all command-line baed, but this tutorial will show you how to add a secure-delete option to the contextual menu in Ubuntu and Fedora Linux.

  1. Install the Nautilus Actions Configuration utility
  2. First, install the nautilus-actions package, which provides a graphical utility for editing the Nautilus right-click menu. We’ll use this utility to add the secure delete option. You can install the nautilus-actions package by using the following command:

    Fedora Ubuntu
    sudo yum install nautilus-actions sudo apt-get install nautilus-actions

    Once installed, you can configure the new menu option.

  3. Configure the new menu option
  4. Now you should have an option in the Preferences menu called “Nautilus Actions Configuration.” This will allow you to specify the new option for securely deleting files from the file manager. Click the “define new action” button (or select it from the file menu). Specify the information as shown below (feel free to use whatever text you want as the label and tooltip; this is up to you!):

    Next, click the “Command” tab. This is where you’ll specify what the new menu item will actually do when it’s clicked. As you see below, I am using the shred program as my secure-delete method, which is located at /usr/bin/shred. For the paramters, I need to specify -u in order to have shred delete the file once it’s been overwritten.

    Clicking the “legend” button shows that the option to pass a list of files to the commandline is %M. So my full paramters string becomes “-u %M”. You should feel free to customize the command however you like, by reading the manpage for the command you are using, and by referencing the legend to figure out which substitution strings to use. For example, you might want to use the “-z” option for shred, which will use a final pass of zeros, to “hide” that the file has been shredded, or the “-n” option to specify the number of passes to use.

    Finally, you’ll want to set the conditions under which the menu item appears. In the “Conditions” tab, I’ve selected for the secure delete option to appear only when files are selected, and to allow it to be used on multiple files at once. Here is how my Conditions tab looks:

    With that, double-check that you’ve entered everything correctly, and click “Save” in the file menu.

  5. Test it out
  6. That’s all you need to do — the only thing left is to test that it works. Find some files you want to shred, or create a few dummy files (obviously don’t use this on data you need to keep!). I used a bash “for” loop to create a few test files, and then opened Nautilus to the directory where I put them.

    Selecting them all and right-clicking, I see the secure deletion option. Clicking it and watching in “top” shows that it is working correctly. Those files are gone!

  7. You can use this for anything!
  8. The nautilus-actions utility can be used for more than just adding secure-deletion options to the file manager; you can use it to execute any command-line operation you want. What are some things that you might add to the Nautilus menu? What other file manager hacks do you find useful? Leave your ideas in the comments below!

    8SQHVUP4GCZ8

Like this post?

25 Responses to “Adding a Secure Delete Option to Nautilus File Manager in Linux”

  1. Ian MacGregor says:

    Thanks! I have successfully converted several old nautilus scripts to nautilus actions because of this tutorial.

  2. I R A Darth Aggie says:

    Nice. Only gotcha is that shred doesn’t have a “-i” switch, but it does have “-n N” or “–iterations=N” switches if you want to specify more data writing passes than the default of 3.

  3. iguest says:

    Is this still valid?
    CAUTION: Note that shred relies on a very important assumption: that the filesystem overwrites data in place. This is the traditional way to do things, but many modern filesystem designs do not satisfy this assumption. The following are examples of filesystems on which shred is not effective:

    * log-structured or journaled filesystems, such as those supplied with

    AIX and Solaris (and JFS, ReiserFS, XFS, Ext3, etc.)

    Source: http://linux.about.com/library/cmd/blcmdl1_shred.htm

    • Jonathan DePrizio says:

      Take a look at Larry’s post below, and my response (#4916 and #4921)

      Thanks for commenting!

  4. theshwam says:

    Neat, just did this and it appears to work like a charm. Thanks for the tip!

  5. theshwam says:

    I think another useful one would be the standard “open a terminal at this location”. I think there is some other way to do this, but this seems like a more flexible way to achieve the same thing.

  6. Chris says:

    I followed it, went back and double check, cmd didn’t appear, could I have missed something…. I like the idea of this so I really want it to work.

    • Jonathan DePrizio says:

      Hi Chris,

      Can you close the Nautilus Actions program, re-open it, and then check that all your settings appear exactly like they are in the screenshots?

    • theshwam says:

      Yeah I had to open up a terminal and do

      pkill nautilus

      and reopening a folder first.

  7. Larry Thiel says:

    Please be sure to look at the man page for shred. Specifically the CAUTION toward the end which I quote here:

    CAUTION: Note that shred relies on a very important assumption: that the file
    system overwrites data in place. This is the traditional way to do things, but
    many modern file system designs do not satisfy this assumption. The following
    are examples of file systems on which shred is not effective, or is not guaran‐
    teed to be effective in all file system modes:

    * log-structured or journaled file systems, such as those supplied with AIX and
    Solaris (and JFS, ReiserFS, XFS, Ext3, etc.)

    * file systems that write redundant data and carry on even if some writes fail,
    such as RAID-based file systems

    * file systems that make snapshots, such as Network Appliance’s NFS server

    * file systems that cache in temporary locations, such as NFS version 3 clients

    * compressed file systems

    In the case of ext3 file systems, the above disclaimer applies (and shred is
    thus of limited effectiveness) only in data=journal mode, which journals file
    data in addition to just metadata. In both the data=ordered (default) and
    data=writeback modes, shred works as usual. Ext3 journaling modes can be
    changed by adding the data=something option to the mount options for a particu‐
    lar file system in the /etc/fstab file, as documented in the mount man page (man
    mount).

    In addition, file system backups and remote mirrors may contain copies of the
    file that cannot be removed, and that will allow a shredded file to be recovered
    later.

    • Jonathan DePrizio says:

      Hi Larry,

      Yes, this is true. But it’s important to point out that by default, an Ubuntu and a Fedora installation will use data=ordered mode, which means that shred will work just fine, for security purposes.

      But it is important to point out that it is not entirely secure in all circumstances, thanks.

  8. Maisey says:

    Hey thanks for this tutorial, it’s the first time I have found your site it looks cool.

    On ubuntu 10.04 (nb I’m not that techie) it seems to work for me when I try it out but what do you mean by ‘watching in “top”’ and what was the black and red text screenshot of next to the nautilus screenshot??

    • Jonathan DePrizio says:

      Hi Maisely,

      Glad you enjoyed the article. Let met blatantly plug the RSS feed… subscribe to the RSS feed to get posts sent straight to your inbox or feedreader!

      Ok, now that I’ve done that… to answer your questions, try opening a terminal and running ‘top’. Just open the terminal, type top and press enter. You’ll see the processes on your computer that are doing things; the higher in the list, the more CPU the process is using.

      So, by “watching in top” you can see what programs are doing things on your machine. So, with this tutorial for example, by “watching top” you can make sure your command is actually being executed.

      Press ‘z’ to get the colors… they’re just for fun.

  9. appleandsandwich says:

    Hello,

    I followed the instructions to the letter and successfully installed nautilus-actions in my Edubuntu 10.04 i386 system.
    However, there is no “Actions” tab in the nautilus file manager preferences. I reinstalled nautilus-actions, reboot, log-on and log-off but still no actions tab.

    Could this be related to the fact that I am running not the usual nautilus but nautilus-elementary with breadcrumbs?

    Thanks for your help.

  10. Chris says:

    Thankyou for this, really helpful and clear instructions for a newbie convert like myself. Likewise to theschwam above I had to do pkill before it appeared (now I learnt about pkill-can’t be bad)

    cheers

    Chris

  11. Rigel says:

    Just a note, this does not work in Nautilus 2.30.0
    running on Ubuntu netbook i386 ver 10.04. ext4 fs
    (EeePC 1000)

    Ubuntu 2.6.32-24.42 generic 2.6.32.15+drm33.5

    The option in the “Preferences” menu does not appear.

    regards, r

  12. gringo guy says:

    But there are cases where shred will not work as expected, yes?

    As a Ubuntu noob, I had no idea about ‘data=ordered mode’ or how to check this. Perhaps better to use a TrueCrypt volume for sensitive files, and then add the ‘Delete’ command to Nautilus which will avoid sending files from an encrypted folder to the Trash (as shown here: http://www.liberiangeek.net/2010/09/bypass-trash-bin-enable-delete-nautilus-context-menu-ubuntu-10-0410-10-maverick-meerkat/).

  13. Matthew says:

    Thanks, it worked good. Like a few other commenters, the “Nautilus Action Configuration” did not show up in the “Preferences” after installation. I found out through another post that this is *not* the Nautilus menu item “Preferences”, it is the System Preferences. The Nautilus Action Configuration was installed there – I was just looking at the wrong preferences.

  14. Richard says:

    Very nice! Unfortunately I can’t figure it out to run on 11.04 Natty. Can’t wait to read your update. Thank you.

Trackbacks/Pingbacks

  1. Add secure deletion to Nautilus « 0ddn1x: tricks with *nix - 09. Jul, 2010

    [...] deletion to Nautilus Filed under: Linux,Security — 0ddn1x @ 2010-07-09 22:09:09 +0000 http://techthrob.com/2010/07/07/adding-a-secure-delete-option-to-nautilus-file-manager-in-linux/ Leave a Comment TrackBack [...]

Leave a Reply

Weekly Poll

What's the best Linux distribution for desktops?

View Results

Loading ... Loading ...

Search TechThrob

Advertisement