I assign an LV to each VM guest. When deleting a VM, I remove the corresponding LV by running ‘lvremove’. But is it necessary to destroy the data before running ‘lvremove’? Does lvremove do the work of wiping out old data?
dd if=/dev/zero of=/dev/sda bs=1M
In other words, is it possible for a new VM guest to dig out a previous VM guest’s data? I heard people can use the following command to dig out old data.
cat /dev/vda | strings > /dev/shm/dump.txt
lvremove only destroys the metadata identifying the logical volume and the specific extents which it used. It is possible to recover the data that used to be in the volume, if specific steps were not taken to destroy it.
This is a little better if you are using LVM thin provisioning. In this case, a newly provisioned LV will use no space at all, and thus reads from it will all return zeroes until something is actually written to it, in the process destroying the previous data. If your primary concern is VMs being able to read data from previous VMs, this should be sufficient.
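An added example, not part of the original answer: one way to zero a volume, confirm that nothing readable remains, and only then run lvremove. The function names and the vg0/guest1 volume are hypothetical, and GNU coreutils and util-linux are assumed.

```bash
#!/usr/bin/env bash
# Added example: wipe a volume, verify the wipe, then remove the LV.
# Function names and vg0/guest1 are hypothetical; run as root on real LVs.

# Size in bytes of a block device or a regular file.
target_size() {
    if [ -b "$1" ]; then
        blockdev --getsize64 "$1"
    else
        wc -c < "$1"
    fi
}

# Overwrite exactly the target's current size with zeroes and flush to disk.
wipe_target() {
    local target=$1 size
    size=$(target_size "$target") || return 1
    head -c "$size" /dev/zero |
        dd of="$target" bs=1M conv=notrunc,fsync status=none || return 1
}

# Succeed only if the target contains no non-zero byte.
# tr drops NUL bytes; head stops reading at the first byte that survives.
is_all_zero() {
    [ "$(tr -d '\000' < "$1" | head -c 1 | wc -c)" -eq 0 ]
}

# Wipe /dev/VG/LV, check the result, and remove the LV only if it is clean.
remove_lv_securely() {
    local lv=$1 dev="/dev/$1"
    wipe_target "$dev" || { echo "wipe failed: $dev" >&2; return 1; }
    is_all_zero "$dev" || { echo "residual data on $dev" >&2; return 1; }
    lvremove -y "$lv"
}

# Usage: ./wipe-lv.sh vg0/guest1
if [ "$#" -eq 1 ]; then
    remove_lv_securely "$1"
fi
```

The same is_all_zero check can be pointed at a freshly created LV to see whether it exposes a previous guest's data before the new guest is handed the volume.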
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.