Hi Everyone, When providing Xen guests to cutomers, it is important to make sure that the LVM LV is "zeroed" before use. What is the correct syntax to do this? I''ve tried: dd if=/dev/zero of=/dev/vg0/lvname however this seems to go on forever (unless my test machine is just slow!) Any ideas? Thanks _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
Hi Jonathan, On 12/6/10 5:24 PM, Jonathan Tripathy wrote:> Hi Everyone, > > When providing Xen guests to cutomers, it is important to make sure > that the LVM LV is "zeroed" before use. What is the correct syntax to > do this? > > I''ve tried: > > dd if=/dev/zero of=/dev/vg0/lvname > > however this seems to go on forever (unless my test machine is just > slow!) > > Any ideas?That command will use a default block size of 512 bytes which takes, indeed, forever. Try: dd if=/dev/zero of=/dev/vg0/lvname bs=1M Regards, Thomas _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On Mon, Dec 6, 2010 at 6:24 PM, Jonathan Tripathy <jonnyt@abpni.co.uk> wrote:> Hi Everyone, > > When providing Xen guests to cutomers, it is important to make sure that the > LVM LV is "zeroed" before use. What is the correct syntax to do this? >What do you mean it should be "zero''d" ?> I''ve tried: > > dd if=/dev/zero of=/dev/vg0/lvname > > however this seems to go on forever (unless my test machine is just slow!) > > Any ideas? > > Thanks > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-users >-- Kind Regards Rudi Ahlers SoftDux Website: http://www.SoftDux.com Technical Blog: http://Blog.SoftDux.com Office: 087 805 9573 Cell: 082 554 7532 _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On 06/12/10 16:45, Rudi Ahlers wrote:> On Mon, Dec 6, 2010 at 6:24 PM, Jonathan Tripathy<jonnyt@abpni.co.uk> wrote: >> Hi Everyone, >> >> When providing Xen guests to cutomers, it is important to make sure that the >> LVM LV is "zeroed" before use. What is the correct syntax to do this? >> > What do you mean it should be "zero''d" ?Most regular file systems do not actually remove files from disk when using standard commands such as rm or del. They block are simply marked as "ignore". This means that if you delete an LV, then create a new one, you run the risk of using the same physical portions of the physical disk...which still contains data (marked as "ignore). This means that your new customer could just simple do a disk dump and view all of this data. By zero''ing, you write 00000.... to the whole LV before placing your OS on top, so no data from past customers is available Hope this helps Cheers Jonathan _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On 06/12/10 16:39, Thomas Ronner wrote:> Hi Jonathan, > > On 12/6/10 5:24 PM, Jonathan Tripathy wrote: >> Hi Everyone, >> >> When providing Xen guests to cutomers, it is important to make sure >> that the LVM LV is "zeroed" before use. What is the correct syntax to >> do this? >> >> I''ve tried: >> >> dd if=/dev/zero of=/dev/vg0/lvname >> >> however this seems to go on forever (unless my test machine is just >> slow!) >> >> Any ideas? > > That command will use a default block size of 512 bytes which takes, > indeed, forever. Try: > > dd if=/dev/zero of=/dev/vg0/lvname bs=1M > >Thanks for that! I''m now getting No space left on device. I''m guessing I have to use a count parameter. What value would I set it at? Thanks _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On 12/6/10 5:52 PM, Jonathan Tripathy wrote:> dd if=/dev/zero of=/dev/vg0/lvname bs=1M> Thanks for that! > > I''m now getting No space left on device. I''m guessing I have to use a > count parameter. What value would I set it at?That''s because it tries to write beyond the last block. Don''t worry, that''s normal if not specifying count, which works just fine. When scripting this I think it''s best to use the count parameter to get a zero exit status. count is the amount of blocks. In this case, a block is 1M, so count is the total amount of megabytes of your lv. To know exactly how big your lv is, here an example from my machine: # pvdisplay --- Physical volume --- PV Name /dev/md2 VG Name vg PV Size 463.71 GB / not usable 3.00 MB Allocatable yes PE Size (KByte) 4096 Total PE 118710 Free PE 4552 Allocated PE 114158 PV UUID gRkqNW-VDea-4LA4-mK1k-oBo0-ri1U-ZQOD2l The PE size is 4096 kb. You can use this as your block size. # lvdisplay /dev/vg/netbsd --- Logical volume --- LV Name /dev/vg/netbsd VG Name vg LV UUID ypfOxB-MtCK-oZj9-v2OC-yekH-37t6-42X7dc LV Write Access read/write LV Status available # open 1 LV Size 10.00 GB Current LE 2560 Segments 2 Allocation inherit Read ahead sectors auto - currently set to 256 Block device 253:35 2560 LE''s; this is the amount of blocks. So the complete command: # dd if=/dev/zero of=/dev/vg/netbsd bs=4096K count=2560 Untested, because I don''t want to hose my LV :-) Thomas. _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users
On 12/06/2010 10:24 AM, Jonathan Tripathy wrote:> Hi Everyone, > > When providing Xen guests to cutomers, it is important to make sure > that the LVM LV is "zeroed" before use. What is the correct syntax to > do this? > > I''ve tried: > > dd if=/dev/zero of=/dev/vg0/lvname > > however this seems to go on forever (unless my test machine is just > slow!) > > Any ideas? > > Thanks > > _______________________________________________ > Xen-users mailing list > Xen-users@lists.xensource.com > http://lists.xensource.com/xen-usersWhy not using a tool for wiping disks like shred or wipe, here some info: http://www.sysresccd.org/Sysresccd-manual-en_Secure_Deletion_of_Data Best regards. -- Jorge Armando Medina Computación Gráfica de México Web: http://www.e-compugraf.com Tel: 55 51 40 72, Ext: 124 Email: jmedina@e-compugraf.com GPG Key: 1024D/28E40632 2007-07-26 GPG Fingerprint: 59E2 0C7C F128 B550 B3A6 D3AF C574 8422 28E4 0632 _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users