hi, I come back to you with the memo mentioned : https://github.com/patatetom/lvm-on-readonly-block-device I hope that it will allow you to better understand this problem of alteration of the disk.
as I mentioned, LVM should normally/theoretically not touch the disk as long as it is read-only, but what bothers me the most is the fact that I can't "catch up" by correcting the new 6.1.15 kernel as I did before. regards, lacsaP. Le lun. 20 mars 2023 à 15:15, lacsaP Patatetom <patate...@gmail.com> a écrit : > thank you for this first feedback. > > I am writing a memo on github and will communicate the url soon. > > my question is in the context of digital investigation which does not > admit the alteration of the medium. > of course, there are combinations (/etc/lvm.conf + snap@nbd for example) > which allow in fine not to alter the media but I don't understand why a > media set in read-only mode - eg. chmod 444 + blockdev --setro set before > LVM process - is not protected against LVM modifications... > > regards, lacsaP. > > Le lun. 20 mars 2023 à 15:00, Zdenek Kabelac <zdenek.kabe...@gmail.com> a > écrit : > >> Dne 19. 03. 23 v 11:27 Pascal napsal(a): >> > hi, >> > >> > the bio_check_ro function of the blk-core.c source file of the Linux >> kernel >> > refers to LVM : >> > >> https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/block/blk-core.c?h=v6.2.7#n500 >> < >> https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/block/blk-core.c?h=v6.2.7#n500 >> > >> > >> > how does LVM currently behave when faced with a device marked as >> readonly ? >> > does it automatically switch itself in readonly mode? >> > >> > according to some tests carried out in a virtual machine, it seems that >> it >> > doesn't and that LVM modifies the disk/partition(s) even though they >> are all >> > readonly (chmod 444 && blockdev --setro). >> >> >> Hi >> >> There is no extra logic around RO devices in lvm2. When lvm2 succeeds >> opening >> device in write mode, it'll use it for writing. >> >> Also note - when you 'activate' a LV in read-write mode - someone opens >> such >> LV/device and you later on 'lvchange' such active LV to read-only mode - >> all >> writers will keep writing to such device. >> >> It's not quite clear which kind of problem you are actually hitting - so >> maybe >> adding some more descriptive environment + logs might give more info >> about >> your individual case. >> >> Note: root admin typically can overwrite any 'mild' protections... >> >> Regards >> >> Zdenek >> >>
_______________________________________________ linux-lvm mailing list linux-lvm@redhat.com https://listman.redhat.com/mailman/listinfo/linux-lvm read the LVM HOW-TO at http://tldp.org/HOWTO/LVM-HOWTO/