Bug 769293

Federico has implemented this using the activation filter method and I've committed this upstream to be picked up in the 6.3 build.

  Add activation/read_only_volume_list to override LV permission in metadata.
  Use R lv_attr to indicate read-only activation of non-read-only device in lvs.
  Show read-only activation override in lvdisplay & add 4 to perms in -c.

It works just like the existing volume_list filter.

    # If read_only_volume_list is defined, each LV that is to be activated 
    # is checked against the list, and if it matches, it as activated
    # in read-only mode.  (This overrides '--permission rw' stored in the
    # metadata.)
    #   "vgname" and "vgname/lvname" are matched exactly.
    #   "@tag" matches any tag set in the LV or VG.
    #   "@*" matches if any tag defined on the host is also set in the LV or VG
    #
    # read_only_volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ]

So RHEV can use an override in --config when it needs a RW volume to be activated read-only temporarily.

Scope of change:

- Create normal LVs with lvcreate.

- Toggle read/write state with lvchange -pr or -prw.

- Activate/deactivate with lvchange -ay or -an.

- Add/remove activation/read_only_volume_list in lvm.conf with values that match or don't match some LVs.

- After a change to lvm.conf, run lvchange --refresh for it to take effect on already-active LVs.

- Check whether LVs are read-only or read-write with dmsetup info -c (w or r) and lvdisplay, lvdisplay -c, lvs as below.


If the new lvm.conf setting is not present, or if it is present and does not match the LV, the LV is activated with the read-only or read-write permissions stored in the metadata.  (Note that if the VG metadata permission is set to 'read only' then all LVs in it are treated as 'read-only' for activation purposes regardless of whether they might individually say they are 'read-write'.)

If the new lvm.conf setting is present and matches an LV, when that LV is activated it will be activated read-only.

Any read/write LV activated read-only is shown as follows:

lvdisplay uses "read/write (activated read only)".

lvdisplay -c adds '4' to the number in the permissions field.

lvs places 'R' in the 2nd char of the lv_attr field.

    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
A new LVM configuration file setting, activation/read_only_volume_list, makes it possible always to activate particular volumes read-only, regardless of the actual permissions on the volumes concerned.

    Technical note updated. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    Diffed Contents:
@@ -1 +1,3 @@
-A new LVM configuration file setting, activation/read_only_volume_list, makes it possible always to activate particular volumes read-only, regardless of the actual permissions on the volumes concerned.+Activating volumes in the read-only mode
+
+A new LVM configuration file parameter, activation/read_only_volume_list, makes it possible to always activate particular volumes in the read-only mode, regardless of the actual permissions on the volumes concerned. This parameter overrides the --permission rw option stored in the metadata.

    Technical note updated. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    Diffed Contents:
@@ -1,3 +1,3 @@
 Activating volumes in the read-only mode
 
-A new LVM configuration file parameter, activation/read_only_volume_list, makes it possible to always activate particular volumes in the read-only mode, regardless of the actual permissions on the volumes concerned. This parameter overrides the --permission rw option stored in the metadata.+A new LVM configuration file parameter, activation/read_only_volume_list, makes it possible to activate particular volumes always in a read-only mode, regardless of the actual permissions on the volumes concerned. This parameter overrides the --permission rw option stored in the metadata.

    Technical note updated. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    Diffed Contents:
@@ -1,3 +1,3 @@
-Activating volumes in the read-only mode
+Activating volumes in a read-only mode
 
 A new LVM configuration file parameter, activation/read_only_volume_list, makes it possible to activate particular volumes always in a read-only mode, regardless of the actual permissions on the volumes concerned. This parameter overrides the --permission rw option stored in the metadata.

Feature verified in the latest rpms. With the option set in lvm.conf, nothing can be done on the cmdline to overide it.

lvm.conf:
    read_only_volume_list = [ "vg1/lv1" ]


[root@hayes-01 ~]# vgcreate vg1 /dev/etherd/e1.1p*
  Volume group "vg1" successfully created
[root@hayes-01 ~]# lvcreate -n lv1 -L 100M vg1
  /dev/vg1/lv1: write failed after 0 of 4096 at 0: Operation not permitted
  Logical volume "lv1" created
[root@hayes-01 ~]# lvs -a -o +devices
  LV      VG         Attr     LSize   Devices              
  lv1     vg1        -Ri-a--- 100.00m /dev/etherd/e1.1p1(0)

[root@hayes-01 ~]# lvchange -p rw vg1/lv1
  Logical volume "lv1" is already writable

[root@hayes-01 ~]# lvs -a -o +devices
  LV      VG         Attr     LSize   Devices              
  lv1     vg1        -Ri-a--- 100.00m /dev/etherd/e1.1p1(0)

[root@hayes-01 ~]# dmsetup info
Name:              vg1-lv1
State:             ACTIVE (READ-ONLY)
Read Ahead:        256
Tables present:    LIVE
Open count:        0
Event number:      0
Major, minor:      253, 3
Number of targets: 1
UUID: LVM-MZ1ApP1AtdfOSg18MOKka9DGQJlTUa0ApR0Vl9yAYEzJVV0GRqLmKU4rJj1AaoRm

[root@hayes-01 ~]# dd if=/dev/zero of=/dev/vg1/lv1 count=1
dd: writing to `/dev/vg1/lv1': Operation not permitted
1+0 records in
0+0 records out
0 bytes (0 B) copied, 0.00034238 s, 0.0 kB/s


2.6.32-269.el6.x86_64
lvm2-2.02.95-8.el6    BUILT: Wed May  9 03:33:32 CDT 2012
lvm2-libs-2.02.95-8.el6    BUILT: Wed May  9 03:33:32 CDT 2012
lvm2-cluster-2.02.95-8.el6    BUILT: Wed May  9 03:33:32 CDT 2012
udev-147-2.41.el6    BUILT: Thu Mar  1 13:01:08 CST 2012
device-mapper-1.02.74-8.el6    BUILT: Wed May  9 03:33:32 CDT 2012
device-mapper-libs-1.02.74-8.el6    BUILT: Wed May  9 03:33:32 CDT 2012
device-mapper-event-1.02.74-8.el6    BUILT: Wed May  9 03:33:32 CDT 2012
device-mapper-event-libs-1.02.74-8.el6    BUILT: Wed May  9 03:33:32 CDT 2012
cmirror-2.02.95-8.el6    BUILT: Wed May  9 03:33:32 CDT 2012

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0962.html