diff options
author | David Teigland <teigland@redhat.com> | 2019-03-04 15:36:25 -0600 |
---|---|---|
committer | David Teigland <teigland@redhat.com> | 2019-03-04 15:47:20 -0600 |
commit | af828fbc4913b081fdfd73b02e5c6b1ca9fbbec3 (patch) | |
tree | 3568910cc90d39fb910bdb65d8077383e4c7a74f | |
parent | 07483cc165e210a23627b4b6d5c89f9008c9e950 (diff) | |
download | lvm2-dev-dct-use-vg-without-system-id.tar.gz |
config: add use_vg_without_system_iddev-dct-use-vg-without-system-id
The default is 1 (the existing behavior) which means a
VG without a system ID can accessed by any machine, whether
that machine has a system ID set for itself or not.
When this setting is changed to 0, it means that a VG
without a system ID cannot be accessed.
-rw-r--r-- | lib/commands/toolcontext.c | 2 | ||||
-rw-r--r-- | lib/commands/toolcontext.h | 1 | ||||
-rw-r--r-- | lib/config/config_settings.h | 7 | ||||
-rw-r--r-- | lib/metadata/metadata.c | 10 |
4 files changed, 18 insertions, 2 deletions
diff --git a/lib/commands/toolcontext.c b/lib/commands/toolcontext.c index 15e349971..89e8f727d 100644 --- a/lib/commands/toolcontext.c +++ b/lib/commands/toolcontext.c @@ -526,6 +526,8 @@ static int _init_system_id(struct cmd_context *cmd) const char *source, *system_id; int local_set = 0; + cmd->use_vg_without_system_id = find_config_tree_bool(cmd, global_use_vg_without_system_id_CFG, NULL); + cmd->system_id = NULL; cmd->unknown_system_id = 0; diff --git a/lib/commands/toolcontext.h b/lib/commands/toolcontext.h index 959c1539b..fc8a6e17b 100644 --- a/lib/commands/toolcontext.h +++ b/lib/commands/toolcontext.h @@ -151,6 +151,7 @@ struct cmd_context { unsigned include_foreign_vgs:1; /* report/display cmds can reveal foreign VGs */ unsigned include_shared_vgs:1; /* report/display cmds can reveal lockd VGs */ unsigned include_active_foreign_vgs:1; /* cmd should process foreign VGs with active LVs */ + unsigned use_vg_without_system_id:1; /* a VG without a system id can be accessed */ unsigned vg_read_print_access_error:1; /* print access errors from vg_read */ unsigned force_access_clustered:1; unsigned lockd_gl_disable:1; diff --git a/lib/config/config_settings.h b/lib/config/config_settings.h index a2df3cefe..34df0b7e5 100644 --- a/lib/config/config_settings.h +++ b/lib/config/config_settings.h @@ -1200,6 +1200,13 @@ cfg(global_system_id_file_CFG, "system_id_file", global_CFG_SECTION, CFG_DEFAULT "This is used when system_id_source is set to 'file'.\n" "Comments starting with the character # are ignored.\n") +cfg(global_use_vg_without_system_id_CFG, "use_vg_without_system_id", global_CFG_SECTION, CFG_DEFAULT_COMMENTED, CFG_TYPE_BOOL, 1, vsn(2, 3, 2), 0, 0, NULL, + "Allow a VG without a system ID to be used by the local machine.\n" + "The default is to allow unrestricted access to a VG that does not\n" + "have a system ID set. Before disabling this (turning off access\n" + "to VGs without a system ID), ensure that any VG needed by the local\n" + "machine has a system ID set, matching the local machine.\n") + cfg(activation_checks_CFG, "checks", activation_CFG_SECTION, 0, CFG_TYPE_BOOL, DEFAULT_ACTIVATION_CHECKS, vsn(2, 2, 86), NULL, 0, NULL, "Perform internal checks of libdevmapper operations.\n" "Useful for debugging problems with activation. Some of the checks may\n" diff --git a/lib/metadata/metadata.c b/lib/metadata/metadata.c index 9efc35592..f280efb01 100644 --- a/lib/metadata/metadata.c +++ b/lib/metadata/metadata.c @@ -3491,6 +3491,9 @@ static int _check_reappeared_pv(struct volume_group *correct_vg, static int _is_foreign_vg(struct volume_group *vg) { + if (!vg->cmd->use_vg_without_system_id && !vg->system_id[0]) + return 1; + return vg->cmd->system_id && strcmp(vg->system_id, vg->cmd->system_id); } @@ -4882,8 +4885,11 @@ int is_system_id_allowed(struct cmd_context *cmd, const char *system_id) /* * A VG without a system_id can be accessed by anyone. */ - if (!system_id || !system_id[0]) - return 1; + if (!system_id || !system_id[0]) { + if (cmd->use_vg_without_system_id) + return 1; + return 0; + } /* * Allowed if the host and VG system_id's match. |