From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from biostat.ucsf.edu (upstrm185.psg-ucsf.org [38.99.193.74]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Wed, 10 Sep 2014 05:31:34 +0200 (CEST) Date: Tue, 9 Sep 2014 20:31:31 -0700 From: Ross Boylan Message-ID: <20140910033131.GD8520@markov.biostat.ucsf.edu> References: <20140909215203.GG26856@markov.biostat.ucsf.edu> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Subject: Re: [dm-crypt] expanding encrypted volume/growing the volume List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Robert Nichols Cc: dm-crypt@saout.de On Tue, Sep 09, 2014 at 08:59:03PM -0500, Robert Nichols wrote: > On 09/09/2014 04:52 PM, Ross Boylan wrote: >> The FAQ advises wipeing it, though the >> only explicit reasons seem not much of a concern for space in a volume >> group (but later there are references to attacks available if the >> attacker can determine which sectors are unused). As far as I know >> there is no way to access the unused area of the volume group ... > > Easy. Create a new LV in that VG and use "--extents 100%FREE" as > its size. Fill that LV with whatever variety of random data you > choose, then delete that LV and use the space to expand your active > LV. Thanks; I wasn't aware of that syntax. But do the snapshots make that hazardous? If the maximum space I specified for them is pre-allocated it should be fine, but I thought the implementation grabbed blocks as needed. If that's the case, a snapshot could fail while I have grabbed all the "free" space. I suppose worst case I could do 90%Free and be good enough. Ross