3

I was wondering if there is a way to write to the unallocated space of an lvm2 (linux)...

I prefer to have all my partitions encrypted but I'm not quite sure if there were any non-encrypted partitions earlier so now I want to overwrite/swipe all the space that is used by my LVM but not allocated to a logical volume right now.

I know creating a new logical volume consuming all the available extents, doing the wiping and then removing it afterwards would probably do the job (would it?) but I wonder if there is another, more elegant way that would allow me to do something like:

dd if=/dev/random of=/dev/the-magical-unallocated-space-on-lvm2-device

  • You'll probably want to use /dev/urandom since /dev/random on Linux will block when you run out of unused entropy bits. Of course, writing pseudorandom bits to a large volume will be painfully slow, and I've run across discussions suggesting that writing zeroes is secure enough for most, if not all, consumer and commercial applications. – rob Mar 10 '10 at 23:53

2 Answers

0

To my knowledge there is no such system in LVM. It wouldn't be especially useful.

Filling the disk with a new logical volume and writing to it would probably do most of the job, but it is kind of messy.

I think the easiest way to do what you want to do is the following:

  1. Add a new disk to the system
  2. Create a new physical volume on it.
  3. Migrate the logical volumes of the physical volumes that you worry about
  4. Remove the empty physical volume from lvm
  5. Do a secure erase of the disk
  6. Recreate the physical volume
  7. Migrate the logical volumes back.

I strongly recommend a backup before doing that manoeuvre.

pehrs
  • I think secure erasing the entire disk would be overkill if only part of it is suspected of containing unencrypted data, but I guess it depends on your level of paranoia. :D – rob Mar 11 '10 at 00:04
  • Most modern hard disks support secure erase in firmware, which is quicker than doing the old dd if=/dev/urandom of=/dev/hda method. – pehrs Mar 12 '10 at 09:39
0

As far as I know, the method you've already described (creating a new logical volume and filling it) is the easiest solution.

You can also do a secure wipe, as pehrs suggests, but unless you're ultra-paranoid, I would think wiping just the "unused" space is sufficient.

rob
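
The approach discussed in the question and in this answer (a temporary logical volume over all free extents, overwritten and then removed), as an added example that is not part of either answer. The volume group name, the temporary LV name `wipe_tmp` and the `WIPE_EXECUTE` switch are assumptions; without `WIPE_EXECUTE=1` the script only prints the commands it would run.

```shell
#!/bin/sh
# Added example: overwrite the unallocated extents of an LVM2 volume group by
# filling a temporary logical volume. Names and WIPE_EXECUTE are assumptions.
set -eu

# Dry-run by default: print the command. Execute only when WIPE_EXECUTE=1.
run() {
    if [ "${WIPE_EXECUTE:-0}" = 1 ]; then
        "$@"
    else
        printf '%s\n' "$*"
    fi
}

# wipe_free_extents VG [TEMP_LV] [SOURCE]
# SOURCE defaults to /dev/urandom; /dev/zero is the faster alternative
# mentioned in the comments on the question.
wipe_free_extents() {
    vg=${1:-}; lv=${2:-wipe_tmp}; src=${3:-/dev/urandom}
    # Accept only the characters LVM allows in names, so nothing unexpected
    # ends up in the device path handed to dd.
    for n in "$vg" "$lv"; do
        case "$n" in
            ''|*[!A-Za-z0-9_.+-]*) echo "invalid name: '$n'" >&2; return 2 ;;
        esac
    done
    # 100%FREE allocates every extent not owned by an existing LV.
    # This fails (and stops here) if the VG has no free extents.
    run lvcreate -y -l 100%FREE -n "$lv" "$vg" || return 1
    # dd ends with "No space left on device" once the LV is full; that is
    # the expected way for this step to finish, so its status is ignored.
    run dd if="$src" of="/dev/$vg/$lv" bs=4M conv=fsync || true
    # Return the extents to the free pool.
    run lvremove -f "$vg/$lv"
}

# Run directly with arguments, e.g.:  WIPE_EXECUTE=1 ./wipe.sh vg0
if [ "$#" -gt 0 ]; then
    wipe_free_extents "$@"
fi
```

Existing logical volumes are not touched, because `lvcreate` can only allocate extents that are currently free.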