diff options
| author | Nir Soffer <nsoffer@redhat.com> | 2019-01-12 02:18:37 +0200 |
|---|---|---|
| committer | Bryn M. Reeves <bmr@redhat.com> | 2019-03-20 15:11:59 +0000 |
| commit | cdd81d3bef17b68a0b727bdc6e3d77377018e40e (patch) | |
| tree | 742f975edb1ec16bdaaee63a73546dcb4b60b5ab | |
| parent | 4d99cf0edbc6c359fc65e93165f518b70494e027 (diff) | |
| download | sos-cdd81d3bef17b68a0b727bdc6e3d77377018e40e.tar.gz | |
[lvm2] Use metadata_read_only=1 for lvm commands
We use locking_type=0 to ensure that we can collect data even if another
process holds a conflicting lock. This introduce a small risk since even
the read-only commands we use may attempt to recover on-disk data in
some cases. The risk is bigger when running lvm2 plugin in oVirt system,
when LVM is used on shared storage, accessible from many hosts.
Add metadata_read_only=1 to ensure that no command can attempt to do
unwanted on-disk changes.
Fixes: #1533
Resolves: #1538
Signed-off-by: Nir Soffer <nsoffer@redhat.com>
Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
| -rw-r--r-- | sos/plugins/lvm2.py | 20 |
1 files changed, 12 insertions, 8 deletions
diff --git a/sos/plugins/lvm2.py b/sos/plugins/lvm2.py index 320451ad..24bf685f 100644 --- a/sos/plugins/lvm2.py +++ b/sos/plugins/lvm2.py @@ -37,14 +37,18 @@ class Lvm2(Plugin, RedHatPlugin, DebianPlugin, UbuntuPlugin): self.add_cmd_output(cmd, chroot=self.tmp_in_sysroot()) def setup(self): - # use locking_type 0 (no locks) when running LVM2 commands, - # from lvm.conf: - # Turn locking off by setting to 0 (dangerous: risks metadata - # corruption if LVM2 commands get run concurrently). - # None of the commands issued by sos ever modify metadata and this - # avoids the possibility of hanging lvm commands when another process - # or node holds a conflicting lock. - lvm_opts = '--config="global{locking_type=0}"' + # When running LVM2 comamnds: + # - use locking_type 0 (no locks) from lvm.conf: Turn locking + # off by setting to 0 (dangerous: risks metadata corruption if + # LVM2 commands get run concurrently). This avoids the + # possibility of hanging lvm commands when another process or + # node holds a conflicting lock. + # - use metadata_read_only 1 (forbid on-disk changes). Although + # all LVM2 commands we use should be read-only, any LVM2 + # command may attempt to recover on-disk data in some cases. + # This option prevents such changes, allowing safe use of + # locking_type=0. + lvm_opts = '--config="global{locking_type=0 metadata_read_only=1}"' self.add_cmd_output( "vgdisplay -vv %s" % lvm_opts, |