On 07/19/2016 11:28 AM, Scott Sullivan wrote: > > Could someone please clarify if there is a legitimate reason to worry > about data security of a old (removed) LVM snapshot? > > For example, when you lvremove a LVM snapshot, is it possible for data > to be recovered if you create another LVM and it happens to go into > the same area as the old snapshot we lvremoved? > > If this helps clarify, do we have to worry about security scrubbing a > LVM snapshot for data security ? > Another idea: if your VG is on SSD, and properly aligned, then DISCARD on the new LV will effectively zero it as far as any guest VMs are concerned. (The data is still on the flash until erased by the firmware, of course.) If VG and PE size do not align with the SSD erase block, then you can still zero the "edges" of the new LV, which is much faster (and less wear on the SSD) than zeroing the whole thing. You could always read-verify that the data is actually all zero. _______________________________________________ linux-lvm mailing list linux-lvm@redhat.com https://www.redhat.com/mailman/listinfo/linux-lvm read the LVM HOW-TO at http://tldp.org/HOWTO/LVM-HOWTO/
