dd (Unix)
The program dd is a Unix command which is used for the block-oriented copying or conversion of any files . The size of each "data block" is typically between a single byte and a multiple of the block size of a file system .
history
The utility dd
was already in circulation in the 1970s and has since proven to be indispensable on Unix operating systems. As an important standard tool, the program has become part of the core utilities of the GNU project . There are various further developments under the GPL for data recovery such as B. gddrescue are available, which try to restore as much data as possible despite read errors occurring. For data backup , Restore and Rescue and tasks of forensic developed more programs like dcfldd and dc3dd , based on the concept of build and expand it. For Windows , various open source - ports of available example of. Cygwin and chrysocome.net.
dd
dd
The origin of the program name dd is not completely clear and there are numerous possibilities in various sources:
- In the Job Control Language (JCL) of the IBM S / 360 mainframe computer there is the instruction
DD
for " D ataset D efinition". - Originally intended
cc
as an abbreviation for " c opy and c have been planned onvert", this was however already for the C compiler awarded. - In addition,
dd
“ d uplicate d ata”, “ d isk d ump”, “ d ata d ump”, “ d uplicate d evice”, “ d irect d isc” or any other combination of two of these words can be understood.
Ironic ascription of the acronym
- Because of the frequent use of hardware-based access to the device interfaces of hard drives or their partitions , which is acronym as " d estroy d isk" or " d elete d spelled ata" because typos lead in specifying the input or output devices to complete data loss can.
Working method
According to the Unix principle “ everything is a file ” , dd
both block-oriented and character-based devices can be processed. The block devices use a buffer memory for input and output , which transmits the data to be transmitted in blocks of fixed size (English chunks ). The preset block size is usually 512 bytes , but can be changed using options. All other devices, in particular "raw devices" such as tape drives , are considered unbuffered in the meaning used here, but this has no effect on the function of .
dd
Conversion
dd
can also convert the data when copying, e.g. B. from ASCII to EBCDIC , in lower or upper case letters, swap the byte order or convert data records of fixed length into data records of variable length and vice versa.
Status display
According to the POSIX standard , outputs a status message to STDERRdd
both after the file operations have been completed and when the SIGINT signal is received . In order to enable a progress display when copying large amounts of data , the signal SIGUSR1 (user defined signal 1, cf. ) is used for the BSD and GNU variants . In the example, the program is started in the background in a Bourne-like shell and the process ID is saved in a variable. The second line then outputs status information without terminating the copy process.
dd
kill
dd
dd if=/dev/urandom of=/dev/null bs=1M count=1K & pid=$! # schreibt 1024^2 Byte große Zufalls-Blöcke 1024 mal nach /dev/null (1 GiB Gesamtgröße)
while kill -USR1 $pid; do sleep 1; done # sendet jede Sekunde das Signal SIGUSR1 an den DD-Prozess solange dieser existiert
The dd implementation of the GNU Coreutils from version 8.24 offers the option status=progress
to display the status or progress of the copying process continuously.
dd if=eingabedatei of=ausgabedatei bs=1M count=1K status=progress
Also dcfldd extended dd
to a status display.
Examples
Typical tasks for the use of dd
are e.g. B .:
Back up and restore a partition
dd
An exact copy of a partition can be stored as a normal image file in the existing file system. The device file of the partition is expediently not mounted. Write processes running in parallel in the file system could otherwise lead to an inconsistent image.
dd if=/dev/sda1 of=/tmp/sda1_image
Then, for example, an “undelete” can be attempted on an ext2 / ext3 / ext4 file debugfs -w /dev/sda1
system. To restore the initial state, swap input and output files:
dd of=/dev/sda1 if=/tmp/sda1_image
Make the data carrier illegible
Irrevocable deletion of an entire magnetic hard drive/dev/sda
including all partition information with /dev/urandom
or /dev/zero
under GNU / Linux :
dd if=/dev/urandom of=/dev/sda
oder
dd if=/dev/zero of=/dev/sda
While the information on modern flash drives can be made illegible with this command, in many cases the original data can be restored there. This method is therefore not a safe data destruction method for flash drives. For details, see the main article on solid-state drives .
See also
Web links
-
dd(1)
: convert and copy a file - Open Group Base Specification -
dd(1)
: convert and copy a file - OpenBSD General Commands Manual -
dd(1)
: Converting and Copying a File - Debian GNU / Linux Executable Programs or Shell Commands Manual page
Remarks
- ↑ a b DD Command. Dr. Nikolai Bezroukov, softpanorama.org, accessed on June 13, 2014 (English): "It is jokingly said that dd stands for" destroy disk "or" delete data ", since, being used for low-level operations on hard disks, a small mistake, such as reversing the if and of parameters, may accidentally render the entire disk unusable. "
- ↑ Ddrescue - Data recovery tool. stack exchange inc, November 4, 2012, accessed June 29, 2014 .
- ↑ What's the difference between ddrescue, gddrescue, and dd_rescue? Retrieved July 5, 2014 .
- ↑ a b dcfldd. June 16, 2014, accessed on June 29, 2014 (English): “An Enhanced version of gnu dd with features useful for forensics and security. Key features include on-the-fly hashing, status output and faster disk wiping. "
- ↑ dc3dd. April 22, 2013, accessed on June 29, 2014 (English): "A patch to the GNU dd program, this version has several features intended for forensic acquisition of data. Highlights include hashing on-the-fly, split output files, pattern writing, a progress meter, and file verification. "
- ↑ Linux 'dd' basics. Forensic Focus, accessed June 13, 2014 .
- ↑ dd for windows. chrysocome.net, July 17, 2010, accessed June 29, 2014 .
- ^ A b Prof. Jürgen Plate: Lecture "UNIX". Retrieved June 14, 2014 : “Section 10.3 The UNIX Acrony List: (opinion 1) Dataset Definition (named after the OS / 3x0 JCL DD command who's syntax it also ripped off as a joke); (opinion 2) copy and convert (called `dd 'because` cc' is the C compiler); (opinions 3-n) data, device, disk, dump in various combinations "
- ^ Peter Funk: The Unix Acronym List. Wolfram Rösler, accessed on June 14, 2014 : “Actually` Copy and Convert 'and only renamed to `dd' because` cc 'was already occupied by the `C Compiler'! In any case, that is the authentic information that I took from the man pages of our UNIX-V7 on our Uni PDP-11 . "
- ↑ Mike Shema: Anti-Hacker Tool Kit , 4th Edition, McGraw-Hill Education, 2014, ISBN 978-0-07-180014-3 . P. 536
- ↑ dd according to Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition. The IEEE and The Open Group, 2004, accessed June 18, 2014 .
- ↑ DD (1) - OpenBSD Reference Manual. OpenBSD.org, accessed on June 18, 2014 (English): "If dd receives a SIGINFO (see the" status "argument for stty (1) ) signal, the current input and output block counts will be written to the standard error output in the same format as the standard completion message. "
- ↑ a b dd invocation. gnu.org, accessed on June 18, 2014 (English): “Sending an 'INFO' signal to a running dd process makes it print I / O statistics to standard error and then resume copying. ... On systems lacking the 'INFO' signal dd responds to the 'USR1' signal instead, unless the POSIXLY_CORRECT environment variable is set. "
- ↑ dd: Convert and copy a file. Free Software Foundation, 2016, accessed April 30, 2016 .