[Fedora-livecd-list] Is automounting of LVM volumes by a livecd dangerous?

Douglas McClendon dmc.fedora at filteredperception.org
Sat Aug 2 03:07:06 UTC 2008


Antonio Olivares wrote:
> Dear all,
> 
> I have asked the following question on fedora-list at redhat.com.
> 
> But then it clicked to me that I should have directed the question here on livecd list.
> 
> Is automounting of LVM volumes by a livecd dangerous?

Probably you've heard this before, but the short answer is 'it depends'.

If you believe in the philosophy that a default livecd boot should be 
guaranteed to not write any bits on system disk/storage, then yes, it is 
dangerous.  I'll even go one further- it's even dangerous to mount ext3 
filesystems "read-only".

When implementing liveusb-persistence, an early variation of my 
implementation would attempt to readonly mount every disk, looking for 
persistent overlay files to utilize.  Ultimately, for the first liveusb 
persistence release, I backed off of the flexibility that doing so would 
enable, and now the current fedora liveusb mechanism will only by 
default look at the booting media (e.g. usbstick) for the persistence 
file which is by definition already mounted.

One thing I noticed in that earlier implementation was that if you did a 
'blockdev --setro' on devices before attempting to mount them readonly 
(because like me, you are ultra paranoid, and believe that users should 
be confident that by default no bits on their disks will be twiddled)... 
  Anyway, if you do that, and then try to mount readonly an ext3 device, 
you'll be confounded by the fact that the mount now fails, because for 
some reason mounting an ext3fs readonly is not a purely read-only 
operation.  I think maybe in some instances it really wants to replay 
the journal.  I vaguely recall also trying to mount an ext3 as readonly 
as an ext2 filesystem, but I vaguely recall that not working.

Ultimately, for another tool I was working on (viros.org), I ended up 
implementing a devicemapper solution.  I.e. to be truly paranoid, you 
can blockdev --setro, then build up a devicemapper snapshot to ram to 
get a virtually writable device, which you can then mount readonly (and 
amusingly, get some visibility into which bits get written in such a case).

But back to your question-  Another very good reason to be this 
paranoid, is whether or not you want to support the following use-case:

- user has ubuntu(or any distro) installed on their system disk.
- user hibernates
- user boots your livecd
- user reboots, and wants to unhibernate
- user is hosed if you mounted filesystems that were mounted in the 
hibernated OS

-dmc



> 
> http://www.mail-archive.com/fedora-list@redhat.com/msg09393.html
> 
> <quote that I sent>
> I have a question regarding the automounting of LVM volumes like it is the 
> default Fedora installation.  Is there any way that it is harmful when done from a linux live cd?  
> 
> For instance in Slax, Tomas Matejicek, the creator of slax has been encouraged by me and others to implement it in Slax.  I believe it is an excellent idea.  I was wondering if there are any downsides to having this done in this livecd or any livecd for that matter.
> 
> Thank you in advance for your input regarding this matter.
> </quote>
> 
> I have my own customized Fedora Live CD with TeXLive created by livecd tools.  But I also use Slax Linux Live CD and I like it very much.  I know in advance that Fedora Live CD's do not automount partitions nor activate swap.  While on the other hand, Slax automounts partitions if it can except LVM like default Fedora installations.  
> 
> Here's Slax Forum thread in case it is relevant to the discussion.  
> http://www.slax.org/forum.php?action=view&parentID=17340
> 
> Are there any dangers with respect to automounting LVM volumes by default?
> 
> Thank you in advance,
> 
> Antonio 
> 
> 
>       
> 
> --
> Fedora-livecd-list mailing list
> Fedora-livecd-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-livecd-list
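
The procedure described in the reply above (blockdev --setro, then a RAM-backed device-mapper snapshot, then a read-only mount), written out as a shell script. This is an added example, not part of the original thread and not the viros.org code; the function names, the loop file under /dev/shm used as the copy-on-write store, the 64 MiB default and the device and mount point arguments are assumptions.

```shell
#!/bin/sh
# Added example. Assumes util-linux (blockdev, losetup), coreutils, dmsetup
# and a tmpfs mounted at /dev/shm; run as root with a real partition.

# Build a dm "snapshot" table line:
#   <start> <length> snapshot <origin> <cow_device> <P|N> <chunk_sectors>
# N = non-persistent exception store, chunk size 8 sectors (4 KiB).
snapshot_table() {  # args: origin cow_device origin_size_in_512B_sectors
    printf '0 %s snapshot %s %s N 8\n' "$3" "$1" "$2"
}

# Parse one `dmsetup status` line of a snapshot target:
#   0 <length> snapshot <allocated>/<total> <metadata>
# and print the data sectors diverted to the COW store (allocated - metadata).
cow_data_sectors() {
    set -- $1                                  # split the line into fields
    [ "$3" = snapshot ] || return 1
    case "$4" in */*) ;; *) return 1 ;; esac   # e.g. "Invalid": store is full
    echo $(( ${4%%/*} - ${5:-0} ))
}

mount_ro_shielded() {  # args: origin mountpoint [cow_megabytes]
    origin=$1 mnt=$2 name="shield-$(basename "$1")"
    blockdev --setro "$origin" || return 1     # block layer refuses writes
    sectors=$(blockdev --getsz "$origin") || return 1
    cowfile=$(mktemp /dev/shm/cow.XXXXXX) || return 1
    truncate -s "${3:-64}M" "$cowfile"         # sparse file held in RAM
    cow=$(losetup -f --show "$cowfile") || return 1
    dmsetup create "$name" \
        --table "$(snapshot_table "$origin" "$cow" "$sectors")" || return 1
    # The filesystem driver sees a writable device, so a journal replay
    # succeeds, but every changed chunk lands in the RAM-backed COW store.
    mount -o ro "/dev/mapper/$name" "$mnt" || return 1
    written=$(cow_data_sectors "$(dmsetup status "$name")") || return 1
    echo "sectors written during read-only mount: $written"
}

# Constructed usage: sh shield.sh /dev/sdXN /mnt/inspect
if [ "$#" -ge 2 ]; then mount_ro_shielded "$@"; fi
```

A non-zero count after mounting a journaled filesystem is the write activity a plain `mount -o ro` would have sent to the disk itself.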



