 c47c6d2ab5
			
		
	
	c47c6d2ab5
	
	
	
		
			
			Introduce shred_final_overwrite_with_zeros, a new configuration option to control whether devices will receive a final overwrite with zeros during cleaning. Additionally, rename erase_devices_iterations to shred_random_overwrite_iterations to clarify the true meaning of this configuration option. Also, ensure a warning is raised in the logs to raise awareness around the potential security risk of running cleaning with iterations=0 and overwrite_with_zeros=False. Change-Id: I0dd3f488ab2cd0df778f34a5a23948fa0c6c4334 Closes-Bug: #1568811 Depends-On: I7053034f5b5bc6737b535ee601e6fb71284d4a83
		
			
				
	
	
		
			15 lines
		
	
	
		
			758 B
		
	
	
	
		
			YAML
		
	
	
	
	
	
			
		
		
	
	
			15 lines
		
	
	
		
			758 B
		
	
	
	
		
			YAML
		
	
	
	
	
	
| ---
 | |
| features:
 | |
|   - A new configuration option, `shred_final_overwrite_with_zeros` is now
 | |
|     available. This option controls the final overwrite with zeros done on
 | |
|     all block devices for a node under cleaning. This feature was previously
 | |
|     always enabled and not configurable. This option is only used when a
 | |
|     block device could not be ATA Secure Erased.
 | |
| deprecations:
 | |
|   - The [deploy]/erase_devices_iterations config is deprecated and will
 | |
|     be removed in the Ocata cycle. It has been replaced by the
 | |
|     [deploy]/shred_random_overwrite_iterations config. This configuration
 | |
|     option controls the number of times block devices are overwritten with
 | |
|     random data. This option is only used when a block device could not be
 | |
|     ATA Secure Erased.
 |