From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <f.gruenbichler@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id 29CF2BFC83
 for <pve-devel@lists.proxmox.com>; Tue,  9 Jan 2024 10:34:53 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 0A9C015320
 for <pve-devel@lists.proxmox.com>; Tue,  9 Jan 2024 10:34:53 +0100 (CET)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
 [94.136.29.106])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS
 for <pve-devel@lists.proxmox.com>; Tue,  9 Jan 2024 10:34:52 +0100 (CET)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
 by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 26A7249033
 for <pve-devel@lists.proxmox.com>; Tue,  9 Jan 2024 10:34:52 +0100 (CET)
Date: Tue, 09 Jan 2024 10:34:45 +0100
From: Fabian =?iso-8859-1?q?Gr=FCnbichler?= <f.gruenbichler@proxmox.com>
To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>
References: <20231222095806.47673-1-s.hanreich@proxmox.com>
In-Reply-To: <20231222095806.47673-1-s.hanreich@proxmox.com>
MIME-Version: 1.0
User-Agent: astroid/0.16.0 (https://github.com/astroidmail/astroid)
Message-Id: <1704792872.yt0j2jtsd7.astroid@yuna.none>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-SPAM-LEVEL: Spam detection results:  0
 AWL -0.086 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DMARC_MISSING             0.1 Missing DMARC policy
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 POISEN_SPAM_PILL          0.1 Meta: its spam
 POISEN_SPAM_PILL_1        0.1 random spam to be learned in bayes
 POISEN_SPAM_PILL_3        0.1 random spam to be learned in bayes
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
 T_SCC_BODY_TEXT_LINE    -0.01 -
 URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See
 http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more
 information. [gitlab.com, proxmox.com]
Subject: [pve-devel] applied: [PATCH pve-manager v4] postinst: filter rbds
 in lvm
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Tue, 09 Jan 2024 09:34:53 -0000

thanks to both of you!

On December 22, 2023 10:58 am, Stefan Hanreich wrote:
> Since LVM 2.03.15 RBD devices are also scanned by default [1]. This
> can lead to guest volumes being recognized and displayed on the host
> when using KRBD for RBD-backed disks. In order to prevent this we add
> an additional filter to the LVM config to avoid scanning rbds.
>=20
> This also prevents a bug where LVM created a very high amount of
> archive entries when there were logical volumes with the same path
> available. This could happen when two guests with RBD disks had the
> same LVM layout or a guest and host had the same layout.
>=20
> previous behavior:
> If there is no marker in the LVM conf and global_filter does not
> contain '/dev/zd.*': replace the global_filter with our version
>=20
> new behavior:
> Replace the global_filter iff:
> - There is no marker and global_filter is empty
> - The global_filter is exactly the old default
>=20
> If we don't replace the filter and it is a non-default value: We print
> a warning. Addtionally we force this function to run once when
> upgrading from older versions.
>=20
> The previous versions could replace custom global_filters where the
> comment had been removed and the zvol directive removed. The new
> behavior is slightly more conservative, but works the same in other
> cases.
>=20
> [1] https://gitlab.com/lvmteam/lvm2/-/commit/6a431eb24241caf2277d3e5b4718=
782d92650a2a
>=20
> Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
> ---
>=20
> Changes from v3 -> v4:
> - Move LVM_SUPPRESS_FD_WARNINGS=3D1 in order to prevent fd warnings from
>   the lvmconfig invocation
>=20
> Changes from v2 -> v3:
> - Additionally only change empty values if there is no marker
> - Print a warning when encountering a non-default value
> - Check the LVM config for validity afterwards and restore it from
>   backup if it is invalid
>=20
> Changes from v1 -> v2:
> - changed replacement logic:
>   - if there is an existing global_filter, we replace the line
>   - if there is no existing global_filter we add a whole 'devices' block
> - we only rewrite if there is no global_filter set or if it is the value
> we set in versions <=3D 8.1.3
>=20
>  debian/postinst | 51 +++++++++++++++++++++++++++++++++++--------------
>  1 file changed, 37 insertions(+), 14 deletions(-)
>=20
> diff --git a/debian/postinst b/debian/postinst
> index 4c9a1f250..8028e39ee 100755
> --- a/debian/postinst
> +++ b/debian/postinst
> @@ -9,23 +9,33 @@ set -e
>  # installed and configured.
> =20
>  set_lvm_conf() {
> +    local FORCE=3D"$1"
>      LVM_CONF_MARKER=3D"# added by pve-manager to avoid scanning"
> =20
>      # keep user changes afterwards provided marker is still there..
> -    if grep -qLF "$LVM_CONF_MARKER" /etc/lvm/lvm.conf; then
> +    if grep -qLF "$LVM_CONF_MARKER" /etc/lvm/lvm.conf && test -z "$FORCE=
"; then
>          return 0 # only do these changes once
>      fi
> =20
> -    OLD_VALUE=3D"$(lvmconfig --typeconfig full devices/global_filter)"
> -    NEW_VALUE=3D'global_filter=3D["r|/dev/zd.*|"]'
> -
>      export LVM_SUPPRESS_FD_WARNINGS=3D1
> =20
> -    # check global_filter
> -    # keep previous setting from our custom packaging if it is still the=
re
> -    if echo "$OLD_VALUE" | grep -qvF 'r|/dev/zd.*|'; then
> +    OLD_VALUE=3D"$(lvmconfig --typeconfig diff devices/global_filter || =
true)"
> +    NEW_VALUE=3D'global_filter=3D["r|/dev/zd.*|","r|/dev/rbd.*|"]'
> +
> +    # update global_filter if:
> +    # it is empty and there is no marker OR exactly the one we set befor=
e 8.1.4
> +    if (! grep -qF "$LVM_CONF_MARKER" /etc/lvm/lvm.conf && test -z "$OLD=
_VALUE")\
> +	|| (echo "$OLD_VALUE" | grep -qF '=3D"r|/dev/zd.*|"');
> +    then
>          SET_FILTER=3D1
>          BACKUP=3D1
> +    # print warning if global_filter is set but not our old/new default
> +    elif test -n "$OLD_VALUE"\
> +	&& ! echo "$OLD_VALUE" | grep -qF '=3D"r|/dev/zd.*|"'\
> +	&& ! echo "$OLD_VALUE" | grep -qF "$NEW_VALUE";
> +    then
> +	echo "non-default 'global_filter' value '$OLD_VALUE' in /etc/lvm/lvm.co=
nf, not setting '$NEW_VALUE' automatically"
> +	echo "consider adapting your 'global_filter' manually."
>      fi
>      # should be the default since bullseye
>      if lvmconfig --typeconfig full devices/scan_lvs | grep -qv 'scan_lvs=
=3D0'; then
> @@ -37,17 +47,19 @@ set_lvm_conf() {
>          cp -vb /etc/lvm/lvm.conf /etc/lvm/lvm.conf.bak
>      fi
>      if test -n "$SET_FILTER"; then
> -        echo "Setting 'global_filter' in /etc/lvm/lvm.conf to prevent zv=
ols from being scanned:"
> +        echo "Setting 'global_filter' in /etc/lvm/lvm.conf to prevent zv=
ols and rbds from being scanned:"
>          echo "$OLD_VALUE =3D> $NEW_VALUE"
> -        # comment out existing setting
> -        sed -i -e 's/^\([[:space:]]*global_filter[[:space:]]*=3D\)/#\1/'=
 /etc/lvm/lvm.conf
> -        # add new section with our setting
> -        cat >> /etc/lvm/lvm.conf <<EOF
> +        if test -n "$OLD_VALUE"; then
> +            sed -i -e "s/$LVM_CONF_MARKER ZFS zvols/$LVM_CONF_MARKER ZFS=
 zvols and Ceph rbds/" /etc/lvm/lvm.conf
> +            sed -i -e "s!^\([[:space:]]*\)\(global_filter[[:space:]]*=3D=
.*\)\$!\1# \2\n\1$NEW_VALUE!" /etc/lvm/lvm.conf
> +        else
> +            cat >> /etc/lvm/lvm.conf <<EOF
>  devices {
> -     $LVM_CONF_MARKER ZFS zvols
> +     $LVM_CONF_MARKER ZFS zvols and Ceph rbds
>       $NEW_VALUE
> - }
> +}
>  EOF
> +        fi
>      fi
>      if test -n "$SET_SCAN_LVS"; then
>          echo "Adding scan_lvs=3D0 setting to /etc/lvm/lvm.conf to preven=
t LVs from being scanned."
> @@ -61,6 +73,11 @@ devices {
>   }
>  EOF
>      fi
> +
> +    if ! lvmconfig --validate; then
> +	echo "Invalid LVM config detected - restoring from /etc/lvm/lvm.conf.ba=
k"
> +	mv /etc/lvm/lvm.conf.bak /etc/lvm/lvm.conf
> +    fi
>  }
> =20
>  migrate_apt_auth_conf() {
> @@ -165,6 +182,12 @@ case "$1" in
>          rm -v "$BETA_SOURCES" || true
>      fi
> =20
> +    if test ! -e /proxmox_install_mode && test -n "$2" && dpkg --compare=
-versions "$2" 'lt' '8.1.4~'; then
> +        if test -e /etc/lvm/lvm.conf ; then
> +            set_lvm_conf 1
> +        fi
> +    fi
> +
>      set_lvm_conf
> =20
>      if test ! -e /proxmox_install_mode; then
> --=20
> 2.39.2
>=20
>=20
> _______________________________________________
> pve-devel mailing list
> pve-devel@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
>=20
>=20
>=20