[SOLVED] LVM over iscsi: Delete VM1 with disks. Create new VM2 .. old data from VM1 are available

Denny Fuchs · Dec 7, 2023

hi,

is there a way / hook to make sure, if a VM is purged, that PVE destroys data on the assigned disks first ? I have very often the issue, that data from purged VMs gets available often again, on a new VM. Yesterday I had this issue again, as I've added a 2nd disk to the new VM and create a vg2, but LVM says **there was** still "data" VG and I was able to mount the LV, which was the 2nd disk from a MariaDB. I was pretty astonished, as I would expecting mount issues. Maybe the data will not be fully usable .. but .. not nice.

This thing .. I have on LVM on ISCSI very often. I mean .. its more or less explainable, but a hook to wipe the disks first would be good. I know, that I can start an OS which does the job .. but who knows ...

cu denny

LnxBil · Dec 7, 2023

I would have sworn that I saw the disk beeing wiped, yet I could not reproduce it on FC-based LVM. Maybe it was the case years ago?

I concur that this is very bad and a security issue. On ZFS-based store, this is not the case due to its thin-provisioned nature.

fiona · Dec 7, 2023

Hi,
IIRC, there is a saferemove option you can set in the LVM storage configuration for this purpose, i.e. pvesm set <storage ID> --saferemove 1.

LnxBil · Dec 7, 2023

Oh yeah, it is also documented.

fiona · Dec 7, 2023

Sent an RFC to better expose/explain it: https://lists.proxmox.com/pipermail/pve-devel/2023-December/060980.html

Denny Fuchs · Dec 8, 2023

fiona said:
Hi,
IIRC, there is a saferemove option you can set in the LVM storage configuration for this purpose, i.e. pvesm set <storage ID> --saferemove 1.

Thanks. I will add it

Search

Search

[SOLVED] LVM over iscsi: Delete VM1 with disks. Create new VM2 .. old data from VM1 are available

Denny Fuchs

Renowned Member

LnxBil

Distinguished Member

fiona

Proxmox Staff Member