[RndTbl] LVM import question

Adam Thompson athompso at athompso.net
Tue Nov 3 12:46:43 CST 2015 

Note that if looking for Linux rootkits, NFS export will/can hide them.  Otherwise, yeah...

On November 3, 2015 12:37:28 PM CST, John Lange <john at johnlange.ca> wrote:
>You could just mount the remote disk over the "network" and then scan
>it.
>
>
>On Tue, Nov 3, 2015 at 11:48 AM, Adam Thompson <athompso at athompso.net>
>wrote:
>
>>
>>
>> On 15-11-03 10:55 AM, Kevin McGregor wrote:
>>
>>> I would like to be able to temporarily move a disk from one Linux
>system
>>> to another. The disk has a complete LVM2 volume group on it which I
>would
>>> like to mount on the second system. However, I may or may not be
>able to
>>> mark the volume group as "exported".
>>>
>>> Is there any way to import a volume group which isn't marked as
>>> "exported"? Or to use the destination system to mark it as such?
>>>
>>> Background: I've been tasked with creating a Linux VM (Virtual
>Machine)
>>> with ClamAV on it which can scan other Linux VM disks. To do that I
>assumed
>>> I'd shut down the target system and mount its disks on the scanning
>VM, do
>>> the scan, then remove the target disks from the scanning VM.
>>>
>>> Is there a better way?
>>>
>>> Kevin
>>>
>>
>> Boot a LiveCD on the to-be-scanned VM?
>>
>> Actually, I would boot a LiveCD in the dedicated VM anyway. Sysresccd
>> works well, and usually has a reasonably-up-to-date version of
>ClamAV.
>> Also, it doesn't require 3D video, so it works well in a VM (unlike,
>say,
>> Ubuntu, CentOS 7, etc.).
>>
>> If you want a regular HDD (vdd?) installed linux system anyway,
>simply
>> running "pvs", "vgs", "lvs" and then mounting the FS out of
>/dev/mapper
>> should work.  You might have to do a "{pv,vg,lv}change -ay" if it's
>not
>> marked as active.  Do NOT flag it as exported once you're done
>scanning it,
>> or the origin system may refuse to automount it.
>>
>> If you're running in VMware, I would recommend hot-adding the volume
>to
>> the scanning VM so that it never accidentally tries to boot off it.
>>
>> -Adam
>> _______________________________________________
>> Roundtable mailing list
>> Roundtable at muug.mb.ca
>> http://www.muug.mb.ca/mailman/listinfo/roundtable
>>
>
>
>
>-- 
>John Lange
>www.johnlange.ca
>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>Roundtable mailing list
>Roundtable at muug.mb.ca
>http://www.muug.mb.ca/mailman/listinfo/roundtable

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.muug.mb.ca/pipermail/roundtable/attachments/20151103/3fd14761/attachment.html>

More information about the Roundtable mailing list