public inbox for pve-devel@lists.proxmox.com
From: Fiona Ebner <f.ebner@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH/RFC storage 1/1] lvmplugin: improve error handling for saferemove
Date: Tue, 28 Oct 2025 10:49:58 +0100
Message-ID: <20251028095006.29348-2-f.ebner@proxmox.com>
In-Reply-To: <20251028095006.29348-1-f.ebner@proxmox.com>

Ensure that volumes are not automatically removed after a failure to
zero-out to give an admin the possibility to do so manually. The
downside is that "del-.*" volumes might remain left-over, the upside
is that data does not leak upon error.

Also ensure that activation failure of a single volume does not error
out early, but continue with removal of other volumes.

Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
---
 src/PVE/Storage/LVMPlugin.pm | 59 ++++++++++++++++++++----------------
 1 file changed, 33 insertions(+), 26 deletions(-)

diff --git a/src/PVE/Storage/LVMPlugin.pm b/src/PVE/Storage/LVMPlugin.pm
index 275e84a..5e9fd83 100644
--- a/src/PVE/Storage/LVMPlugin.pm
+++ b/src/PVE/Storage/LVMPlugin.pm
@@ -10,6 +10,7 @@ use IO::File;
 use PVE::Tools qw(run_command file_read_firstline trim);
 use PVE::Storage::Plugin;
 use PVE::JSONSchema qw(get_standard_option);
+use PVE::RESTEnvironment qw(log_warn);
 
 use PVE::Storage::Common;
 
@@ -297,8 +298,7 @@ my sub free_lvm_volumes {
         if ($bdev && $bdev =~ m|^/dev/(dm-\d+)|) {
             $sysdir = "/sys/block/$1";
         } else {
-            warn "skip zero-out for volume '$lvmpath' - no device mapper link\n";
-            return;
+            die "no device mapper link found\n";
         }
 
         my $write_zeroes_max_bytes =
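Review bot: the new `die "no device mapper link found\n";` in the else branch drops the '$lvmpath' that the removed warn carried, so the error identifies the volume only when the caller adds the path. The zero-out worker later in this patch does that in its log_warn, but a short comment here stating that callers are expected to add the volume context (or keeping the path in the message) would make that dependency explicit. The behaviour change itself should be mentioned in the commit message: a missing dm link used to skip zeroing and return, now it aborts handling of that volume.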
@@ -345,43 +345,50 @@ my sub free_lvm_volumes {
                 $stepsize = $write_zeroes_max_bytes;
             }
 
-            my $cmd = ['blkdiscard', $lvmpath, '-v', '--zeroout', '--step', "${stepsize}"];
-            eval { run_command($cmd); };
-            warn $@ if $@;
+            run_command(['blkdiscard', $lvmpath, '-v', '--zeroout', '--step', "${stepsize}"]);
         }
     };
 
     # we need to zero out LVM data for security reasons
     # and to allow thin provisioning
     my $zero_out_worker = sub {
+        my $error_count = 0;
         for my $name (@$volnames) {
             my $lvmpath = "/dev/$vg/del-$name";
             print "zero-out data on image $name ($lvmpath)\n";
 
-            my $cmd_activate = ['/sbin/lvchange', '-aly', $lvmpath];
-            run_command(
-                $cmd_activate,
-                errmsg => "can't activate LV '$lvmpath' to zero-out its data",
-            );
-            $cmd_activate = ['/sbin/lvchange', '--refresh', $lvmpath];
-            run_command(
-                $cmd_activate,
-                errmsg => "can't refresh LV '$lvmpath' to zero-out its data",
-            );
+            eval {
+                my $cmd_activate = ['/sbin/lvchange', '-aly', $lvmpath];
+                run_command(
+                    $cmd_activate,
+                    errmsg => "can't activate LV '$lvmpath' to zero-out its data",
+                );
+                $cmd_activate = ['/sbin/lvchange', '--refresh', $lvmpath];
+                run_command(
+                    $cmd_activate,
+                    errmsg => "can't refresh LV '$lvmpath' to zero-out its data",
+                );
 
-            $secure_delete_cmd->($lvmpath);
+                $secure_delete_cmd->($lvmpath);
 
-            $class->cluster_lock_storage(
-                $storeid,
-                $scfg->{shared},
-                undef,
-                sub {
-                    my $cmd = ['/sbin/lvremove', '-f', "$vg/del-$name"];
-                    run_command($cmd, errmsg => "lvremove '$vg/del-$name' error");
-                },
-            );
-            print "successfully removed volume $name ($vg/del-$name)\n";
+                $class->cluster_lock_storage(
+                    $storeid,
+                    $scfg->{shared},
+                    undef,
+                    sub {
+                        my $cmd = ['/sbin/lvremove', '-f', "$vg/del-$name"];
+                        run_command($cmd, errmsg => "lvremove '$vg/del-$name' error");
+                    },
+                );
+                print "successfully removed volume $name ($vg/del-$name)\n";
+            };
+            if (my $err = $@) {
+                chomp($err);
+                log_warn("cannot zero-out '$lvmpath' - $err - please zero-out and remove manually");
+                $error_count++;
+            }
         }
+        die "failed to zero-out $error_count volume(s) - check log\n" if $error_count > 0;
     };
 
     if ($scfg->{saferemove}) {
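Review bot: the eval in $zero_out_worker wraps the lvchange activation and refresh, the zero-out and the locked lvremove, but the handler always logs "cannot zero-out '$lvmpath' ... please zero-out and remove manually" and the final die counts every failure as "failed to zero-out". When blkdiscard succeeded and only the lvremove inside cluster_lock_storage failed, the admin is told to zero out a volume that has already been zeroed. Consider tracking which step failed, or wording both messages neutrally, for example "cannot zero-out or remove". It is also worth documenting that a failure after `lvchange -aly` leaves the del-* LV active, since nothing in the error path shown here deactivates it.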
-- 
2.47.3


