xfs_chver - change the version of a filesystem to enable the extent unwritten version.
xfs_chver [ -f ] -a
xfs_chver [ -f ] devices
xfs_chver uses the xfs_db command to change the version of a filesystem to enable the extent unwritten version. This version is needed to close a security hole where a process can sometimes read old data off disk.
The command must be run by the super-user. The command either does all devices found in fstab(4) when the -a option is used or the given devices from the second form above.
The command either does the changes or creates scripts which can later be applied using the xfs_db command. If the -f option is used, scripts are created and not applied. Without the -f option, the scripts are created, applied using xfs_db, and removed.
Devices that are mounted cannot be converted. This is always true for the root filesystem. Administrators must unmount filesystems before xfs_chver or xfs_db can convert the version. If a device being converted is found in mtab(4), the conversion is not attempted and an appropriate message is printed. It is safe to run this command on mounted devices as they are just skipped.
It is also safe to re-run the command multiple times on the same devices. If the device is already converted or inaccessible, a simple message is printed and the command continues with the next device.
The -f option causes the xfs_chver command to reduce error checking and create file(s) which can be passed to xfs_db. These files are created in the current directory in the form <device>.xfs_chver. These files can be applied to the filesystem, invoke the following command:
xfs_db -x <device> < <device>.xfs_chver
When the -f options is given, the following conditions are not checked for the device(s):
o - is the device the root filesystem,
|
o - is the device mounted, o - can the user write to the device. |
When the -f option is not used, the device is checked with /dev/root. If a device has the same st_rdev, as the root device, i.e. /dev/root, the conversion is not attempted and a message is printed. The root can only be converted if another filesystem is used as a root and the "current root" filesystem is accessed from the other root.
Another alternative to convert the root is to use the -f option. The created file should be saved on the root to con- vert. Next, boot the miniroot and mount the root to convert. Next, copy the file just created with the -f option and the xfs_db command (usually found in /usr/sbin/xfs_db) onto the mini root. Now, unmount the root to convert. Then run the command:
xfs_db -x <device> < <script>
where <device> is the root device and <script> is the file created with the -f option above.
A status of 1 is returned if the usage is incorrect, e.g. -a is used with a device name or an unrecognized parameter is detected. All other cases return a status of 0, even if a filesystem is skipped.
The xfs_db man page does not exist, yet.
cat <script> | xfs_db -x <device> does not work. Use xfs_db -x <device> < <script>.
xfs_db(1M), mstat(4), fstab(4), mkfs_xfs(1M), xfs(4).