[CentOS-virt] Problem with lvm disks assigned to kvm guests

Thu Feb 6 11:17:05 UTC 2014
Dennis Jacobfeuerborn <dennisml at conversis.de>

On 06.02.2014 12:05, C. L. Martinez wrote:
> On Thu, Feb 6, 2014 at 11:01 AM, Dennis Jacobfeuerborn
> <dennisml at conversis.de> wrote:
>> On 06.02.2014 11:45, C. L. Martinez wrote:
>>> Hi all,
>>>
>>>    I have a strange problem when I use lvm disks to expose to virtual
>>> guests (host is CentOS 6.5 x86_64). If I remove a kvm guest and all
>>> lvm disks attached to it, and I create a new kvm with other lvm
>>> disks that use the same disk space previously assigned to the previous
>>> kvm guest, this new guest sees all partitions and data. Creating new
>>> lvm volumes with different names to this new kvm doesn't resolve the
>>> problem.
>>>
>>> Any idea why??
>>
>> When you delete a volume the data isn't cleared, only the metadata is
>> removed, so if you later create a new volume that ends up using the same
>> area on disk then you will see the old data as expected.
>> If you don't want this to happen then you need to overwrite the volume
>> before you delete it.
>>
>> This is a general issue in virtualization/clouds that you need to take
>> into account for security reasons. See for example:
>> https://github.com/fog/fog/issues/2525
>>
>> Regards,
>>     Dennis
>
>
> Many thanks Dennis ... Then if I do:
>
> dd if=/dev/zero of=/dev/sdc1 bs=1M (it is a 1TiB disk), will it erase all
> data and partitions created by the kvm guest??

That should work although if you want to be really safe you should 
probably use /dev/urandom instead of /dev/zero as using random data is a 
better way to deal with the problem of data remanence:

http://en.wikipedia.org/wiki/Data_remanence#Overwriting

Regards,
   Dennis
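
The overwrite-before-delete step discussed in this thread, as an added example that is not part of the original messages: it wipes a volume from /dev/zero or /dev/urandom and, for a zero fill, reads the volume back to confirm nothing is left. The function names are hypothetical and the demo runs on a constructed temporary image file rather than a real logical volume.

```shell
#!/bin/sh
# Added example; function names are hypothetical, sample data is constructed.

# Size in bytes of a block device, or of a regular file used as a test image.
volume_size() {
    if [ -b "$1" ]; then
        blockdev --getsize64 "$1"
    else
        wc -c < "$1" | tr -d ' '
    fi
}

# Return 0 if any non-zero byte remains on the volume, 1 if it is all zeros.
has_residual_data() {
    size=$(volume_size "$1") || return 2
    if head -c "$size" /dev/zero | cmp -s - "$1"; then
        return 1
    fi
    return 0
}

# Overwrite the whole volume from /dev/zero (default) or /dev/urandom.
wipe_volume() {
    dev=$1
    src=${2:-/dev/zero}
    size=$(volume_size "$dev") || return 1
    head -c "$size" "$src" |
        dd of="$dev" bs=1M conv=notrunc,fsync 2>/dev/null || return 1
    # A zero fill can be verified byte for byte; a random fill cannot.
    if [ "$src" = /dev/zero ]; then
        ! has_residual_data "$dev"
    fi
}

# Demo on a constructed 4 MiB image standing in for a reused logical volume.
demo() {
    img=$(mktemp) || return 1
    head -c 4194304 /dev/zero > "$img"
    # Constructed "previous guest" data at offset 1 MiB.
    printf 'old-guest-secret' | dd of="$img" bs=1M seek=1 conv=notrunc 2>/dev/null
    has_residual_data "$img" && echo "before wipe: old data still readable"
    wipe_volume "$img" && echo "after wipe: volume reads back as zeros"
    rc=$?
    rm -f "$img"
    return $rc
}

if [ "${1:-}" = demo ]; then demo; fi
```

Against a real volume the call would be `wipe_volume /dev/<vg>/<lv>` (placeholder path), run before `lvremove`.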