On Thu, Apr 13, 2017 at 10:13:54AM +0200, Jan Tulak wrote: > This is something that should be documented, as it is not obvious to > everyone. > > Signed-off-by: Jan Tulak <jtulak@xxxxxxxxxx> > --- > man/man8/xfs_metadump.8 | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/man/man8/xfs_metadump.8 b/man/man8/xfs_metadump.8 > index 3731d6a..1b40fb8 100644 > --- a/man/man8/xfs_metadump.8 > +++ b/man/man8/xfs_metadump.8 > @@ -59,6 +59,12 @@ options where > are not obfuscated. Names between 5 and 8 characters in length inclusively > are partially obfuscated. > .PP > +Log recovery of an obfuscated metadata image can leak > +unobfuscated metadata and/or cause image corruption. Please mount > +the source filesystem to clean the log or disable obfuscation, if possible. > +If you have to obfuscate an image with a dirty log, tell about it to whoever > +you are sending the image to. > +.PP We might want the man page content to be a bit more descriptive than what xfs_metadump actually emits for a warning. For example: "xfs_metadump does not obfuscate data in the filesystem log. Log recovery of an obfuscated metadump image may expose unobfuscated metadata and/or cause filesystem corruption. It is recommended to disable obfuscation for filesystems that must be captured with a dirty log." ... but that's just my .02. Feel free to reword that and solicit more feedback from others too. Another thought here could be to intimate that if an obfuscated+dirty log metadump image is truly required, it is the user responsibility to verify that the resulting image has not been corrupted by the metadump process and does not contain sensitive metadata (as opposed to telling the user to simply tell the recipient of the image about it). Brian > .B xfs_metadump > should not be used for any purposes other than for debugging and reporting > filesystem problems. The most common usage scenario for this tool is when > -- > 2.1.4 > > -- > To unsubscribe from this list: send the line "unsubscribe linux-xfs" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe linux-xfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
