* [pve-devel] [RFC manager/docs] lvm: better expose/explain saferemove option
@ 2023-12-07 16:10 Fiona Ebner
2023-12-07 16:10 ` [pve-devel] [RFC manager 1/1] ui: lvm: expose saferemove setting Fiona Ebner
2023-12-07 16:10 ` [pve-devel] [PATCH docs 1/1] storage: lvm: expand on description of saferemove option Fiona Ebner
0 siblings, 2 replies; 5+ messages in thread
From: Fiona Ebner @ 2023-12-07 16:10 UTC (permalink / raw)
To: pve-devel
Users might not even know that the option or the issue it addresses
exist.
Expose the option in the UI and expand on the "why" in the
documentation.
Motivated by a recent forum post:
https://forum.proxmox.com/threads/137734/
manager:
Fiona Ebner (1):
ui: lvm: expose saferemove setting
www/manager6/storage/LVMEdit.js | 10 ++++++++++
1 file changed, 10 insertions(+)
docs:
Fiona Ebner (1):
storage: lvm: expand on description of saferemove option
pve-storage-lvm.adoc | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
--
2.39.2
^ permalink raw reply [flat|nested] 5+ messages in thread
* [pve-devel] [RFC manager 1/1] ui: lvm: expose saferemove setting
2023-12-07 16:10 [pve-devel] [RFC manager/docs] lvm: better expose/explain saferemove option Fiona Ebner
@ 2023-12-07 16:10 ` Fiona Ebner
2024-01-09 9:49 ` Fabian Grünbichler
2023-12-07 16:10 ` [pve-devel] [PATCH docs 1/1] storage: lvm: expand on description of saferemove option Fiona Ebner
1 sibling, 1 reply; 5+ messages in thread
From: Fiona Ebner @ 2023-12-07 16:10 UTC (permalink / raw)
To: pve-devel
It can be security-relevant in some environments. The LVM storage
documentation can be reached via the "Help" button and contains a few
more details.
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
---
www/manager6/storage/LVMEdit.js | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/www/manager6/storage/LVMEdit.js b/www/manager6/storage/LVMEdit.js
index fde302fc..37d3c6ef 100644
--- a/www/manager6/storage/LVMEdit.js
+++ b/www/manager6/storage/LVMEdit.js
@@ -228,5 +228,15 @@ Ext.define('PVE.storage.LVMInputPanel', {
uncheckedValue: 0,
fieldLabel: gettext('Shared'),
},
+ {
+ xtype: 'proxmoxcheckbox',
+ name: 'saferemove',
+ uncheckedValue: 0,
+ fieldLabel: gettext('Safe Remove'),
+ autoEl: {
+ tag: 'div',
+ 'data-qtip': gettext("Zero-out data when removing LVs"),
+ },
+ },
],
});
--
2.39.2
^ permalink raw reply [flat|nested] 5+ messages in thread
* [pve-devel] [PATCH docs 1/1] storage: lvm: expand on description of saferemove option
2023-12-07 16:10 [pve-devel] [RFC manager/docs] lvm: better expose/explain saferemove option Fiona Ebner
2023-12-07 16:10 ` [pve-devel] [RFC manager 1/1] ui: lvm: expose saferemove setting Fiona Ebner
@ 2023-12-07 16:10 ` Fiona Ebner
2024-01-09 9:38 ` [pve-devel] applied: " Fabian Grünbichler
1 sibling, 1 reply; 5+ messages in thread
From: Fiona Ebner @ 2023-12-07 16:10 UTC (permalink / raw)
To: pve-devel
mentioning why zeroing-out might be necessary.
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
---
pve-storage-lvm.adoc | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/pve-storage-lvm.adoc b/pve-storage-lvm.adoc
index 917d8fb..cff5d3e 100644
--- a/pve-storage-lvm.adoc
+++ b/pve-storage-lvm.adoc
@@ -38,7 +38,10 @@ on a remote iSCSI server.
`saferemove`::
Zero-out data when removing LVs. When removing a volume, this makes
-sure that all data gets erased.
+sure that all data gets erased and cannot be accessed by other LVs
+created later (which happen to be assigned the same physical extents).
+This is a costly operation, but may be required as a security measure
+in certain environments.
`saferemove_throughput`::
--
2.39.2
^ permalink raw reply [flat|nested] 5+ messages in thread
* [pve-devel] applied: [PATCH docs 1/1] storage: lvm: expand on description of saferemove option
2023-12-07 16:10 ` [pve-devel] [PATCH docs 1/1] storage: lvm: expand on description of saferemove option Fiona Ebner
@ 2024-01-09 9:38 ` Fabian Grünbichler
0 siblings, 0 replies; 5+ messages in thread
From: Fabian Grünbichler @ 2024-01-09 9:38 UTC (permalink / raw)
To: Proxmox VE development discussion
On December 7, 2023 5:10 pm, Fiona Ebner wrote:
> mentioning why zeroing-out might be necessary.
>
> Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
> ---
> pve-storage-lvm.adoc | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/pve-storage-lvm.adoc b/pve-storage-lvm.adoc
> index 917d8fb..cff5d3e 100644
> --- a/pve-storage-lvm.adoc
> +++ b/pve-storage-lvm.adoc
> @@ -38,7 +38,10 @@ on a remote iSCSI server.
> `saferemove`::
>
> Zero-out data when removing LVs. When removing a volume, this makes
> -sure that all data gets erased.
> +sure that all data gets erased and cannot be accessed by other LVs
> +created later (which happen to be assigned the same physical extents).
> +This is a costly operation, but may be required as a security measure
> +in certain environments.
>
> `saferemove_throughput`::
>
> --
> 2.39.2
>
>
>
> _______________________________________________
> pve-devel mailing list
> pve-devel@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
>
>
>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [pve-devel] [RFC manager 1/1] ui: lvm: expose saferemove setting
2023-12-07 16:10 ` [pve-devel] [RFC manager 1/1] ui: lvm: expose saferemove setting Fiona Ebner
@ 2024-01-09 9:49 ` Fabian Grünbichler
0 siblings, 0 replies; 5+ messages in thread
From: Fabian Grünbichler @ 2024-01-09 9:49 UTC (permalink / raw)
To: Proxmox VE development discussion
On December 7, 2023 5:10 pm, Fiona Ebner wrote:
> It can be security-relevant in some environments. The LVM storage
> documentation can be reached via the "Help" button and contains a few
> more details.
>
> Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
> ---
> www/manager6/storage/LVMEdit.js | 10 ++++++++++
> 1 file changed, 10 insertions(+)
>
> diff --git a/www/manager6/storage/LVMEdit.js b/www/manager6/storage/LVMEdit.js
> index fde302fc..37d3c6ef 100644
> --- a/www/manager6/storage/LVMEdit.js
> +++ b/www/manager6/storage/LVMEdit.js
> @@ -228,5 +228,15 @@ Ext.define('PVE.storage.LVMInputPanel', {
> uncheckedValue: 0,
> fieldLabel: gettext('Shared'),
> },
> + {
> + xtype: 'proxmoxcheckbox',
> + name: 'saferemove',
> + uncheckedValue: 0,
> + fieldLabel: gettext('Safe Remove'),
> + autoEl: {
> + tag: 'div',
> + 'data-qtip': gettext("Zero-out data when removing LVs"),
IMHO the option is a bit misnamed unfortunately ("Safe Remove" sounds
like something I'd almost always enable - it's "safe" after all ;)).
I am not sure how many users read the tooltips, one possible alternative
would be to make the label sound more dangerous (or rather, use
something there that implies it has a cost), and move the option name
into the tooltip? maybe something like "Wipe removed volumes" could
work?
> + },
> + },
> ],
> });
> --
> 2.39.2
>
>
>
> _______________________________________________
> pve-devel mailing list
> pve-devel@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
>
>
>
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2024-01-09 9:49 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-12-07 16:10 [pve-devel] [RFC manager/docs] lvm: better expose/explain saferemove option Fiona Ebner
2023-12-07 16:10 ` [pve-devel] [RFC manager 1/1] ui: lvm: expose saferemove setting Fiona Ebner
2024-01-09 9:49 ` Fabian Grünbichler
2023-12-07 16:10 ` [pve-devel] [PATCH docs 1/1] storage: lvm: expand on description of saferemove option Fiona Ebner
2024-01-09 9:38 ` [pve-devel] applied: " Fabian Grünbichler
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox