c47c6d2ab5
Introduce shred_final_overwrite_with_zeros, a new configuration option to control whether devices will receive a final overwrite with zeros during cleaning. Additionally, rename erase_devices_iterations to shred_random_overwrite_iterations to clarify the true meaning of this configuration option. Also, ensure a warning is raised in the logs to raise awareness around the potential security risk of running cleaning with iterations=0 and overwrite_with_zeros=False. Change-Id: I0dd3f488ab2cd0df778f34a5a23948fa0c6c4334 Closes-Bug: #1568811 Depends-On: I7053034f5b5bc6737b535ee601e6fb71284d4a83
15 lines
758 B
YAML
15 lines
758 B
YAML
---
|
|
features:
|
|
- A new configuration option, `shred_final_overwrite_with_zeros` is now
|
|
available. This option controls the final overwrite with zeros done on
|
|
all block devices for a node under cleaning. This feature was previously
|
|
always enabled and not configurable. This option is only used when a
|
|
block device could not be ATA Secure Erased.
|
|
deprecations:
|
|
- The [deploy]/erase_devices_iterations config is deprecated and will
|
|
be removed in the Ocata cycle. It has been replaced by the
|
|
[deploy]/shred_random_overwrite_iterations config. This configuration
|
|
option controls the number of times block devices are overwritten with
|
|
random data. This option is only used when a block device could not be
|
|
ATA Secure Erased.
|