Deleting files from vault

Hello,

I normally use secure-delete to remove files. When deleting files within the vault, they get moved to a .Trash-1000 folder. Using srm -rvz .Trash-1000/ returns permission denied.

What is the proper method for securely deleting files from the vault in Linux please?

Thanks

Using Ubuntu 20.10 this works on my device as expected:

❯ tree /home/julian/.local/share/Cryptomator/mnt/test_vault/.Trash-1000
/home/julian/.local/share/Cryptomator/mnt/test_vault/.Trash-1000
├── files
│   └── lala.txt
└── info
    └── lala.txt.trashinfo

2 directories, 2 files
❯ srm -vzr /home/julian/.local/share/Cryptomator/mnt/test_vault/.Trash-1000
Using /dev/urandom for random input.
Wipe mode is secure (38 special passes)
Wiping /home/julian/.local/share/Cryptomator/mnt/test_vault/.Trash-1000 DIRECTORY (going recursive now)
Wiping files DIRECTORY (going recursive now)
Wiping lala.txt ************************************** Removed file lala.txt ... Done
Removed directory files ... Done
Wiping info DIRECTORY (going recursive now)
Wiping lala.txt.trashinfo ************************************** Removed file lala.txt.trashinfo ... Done
Removed directory info ... Done
Removed directory /home/julian/.local/share/Cryptomator/mnt/test_vault/.Trash-1000 ... Done
❯ tree /home/julian/.local/share/Cryptomator/mnt/test_vault/.Trash-1000
/home/julian/.local/share/Cryptomator/mnt/test_vault/.Trash-1000 [error opening dir]

0 directories, 0 files

Which permission has your .Trash-1000 folder?

❯ getfacl .Trash-1000
# file: .Trash-1000
# owner: julian
# group: julian
user::rwx
group::rwx
other::r-x
1 Like
dave@dave-pc:~/.local/share/Cryptomator/mnt/D5cOYyhzRDX__1$ sudo srm -rvz .Trash-1000/
[sudo] password for dave: 
Using /dev/urandom for random input.
Wipe mode is secure (38 special passes)
Wiping .Trash-1000/ Error: File .Trash-1000/ - Permission denied
dave@dave-pc:~/.local/share/Cryptomator/mnt/D5cOYyhzRDX__1$  getfacl .Trash-1000# file: .Trash-1000
# owner: dave
# group: dave
user::rwx
group::r-x
other::r-x

The encrypted vault is stored on a USB drive, could this be causing problems?

Ah that’s the difference, I tried it with user privileges…What happens when you execute the command with user privileges (without sudo)?

We’re currently looking into why commands executed as root lead to Permission denied in the vault. This can be reproduced using any command, e.g. ls:

❯ ls
foo/ bar/ baz/
❯ sudo ls
ls: cannot open directory '.': Permission denied
1 Like

Aha, it works. No sudo, no problem. Thanks for your help :grinning:

1 Like