Red Hat Summit Red Hat SummitSupportConsoleDevelopersStart a trialContact

Chapter 10. Limiting LVM device visibility and usage

You can limit the devices that are visible and usable to Logical Volume Manager (LVM) by controlling the devices that LVM can scan.

Use LVM commands to control LVM device scanning. LVM commands interact with a file called the system.devices file, which lists the visible and usable devices. This feature is enabled by default in Red Hat Enterprise Linux 10.

If you disable the devices file feature, the LVM device filter is enabled automatically.

To adjust the configuration of LVM device scanning, edit the LVM device filter settings in the /etc/lvm/lvm.conf file. The filters in the lvm.conf file consist of a series of simple regular expressions. The system applies these expressions to each device name in the /dev directory to decide whether to accept or reject each detected block device.

10.1. The LVM devices file
Copy link

The Logical Volume Manager (LVM) system.devices file controls device visibility and usability to LVM. You can find the devices file in the /etc/lvm/devices/ directory. Use LVM commands to manage the devices file. Do not directly edit the system.devices file.

By default, the system.devices file feature is enabled in Red Hat Enterprise Linux 10. When active, it replaces the LVM device filter. To enable the LVM device filter, disable the system.devices file. For more information see Disabling the system.devices file.

10.1.1. Adding devices to the system.devices file
Copy link

To use devices with the Logical Volume Manager (LVM), the system.devices file must contain a list of the device IDs, otherwise LVM ignores them. The operating system (OS) installer adds devices to the system.devices file during installation. A newly installed system includes the root device into the devices file automatically. Any Physical Volumes (PV) attached to the system during OS installation are also included into the devices file. You can also specifically add devices to the devices file. LVM detects and uses only the list of devices stored in the devices file.

Procedure

  • Add devices to the system.devices file by using one of the following methods:

    • Add devices by including their names to the devices file: 

      $ lvmdevices --adddev <device_name>
      Copy to Clipboard Toggle word wrap

    • Add all devices in a Volume Group (VG) to the devices file: 

      $ vgimportdevices <vg_name>
      Copy to Clipboard Toggle word wrap

    • Add all devices in all visible VGs to the devices file: 

      $ vgimportdevices --all
      Copy to Clipboard Toggle word wrap

  • To implicitly include new devices into the system.devices file, use one of the following commands:

    • Use the pvcreate command to initialize a new device: 

      $ pvcreate <device_name>
      Copy to Clipboard Toggle word wrap

      This action automatically adds the new Physical Volume (PV) to the system.devices file.

    • Initialize new devices and add the new device arguments to the devices file automatically: 

      $ vgcreate <vg_name> <device_names>
      Copy to Clipboard Toggle word wrap

      Replace <vg_name> with the name of the VG, from which you want to add devices. Replace <device_names> with a space-separated list of the devices you want to add.

    • Use the vgextend command to initialize new devices: 

      $ vgextend <vg_name> <device_names>
      Copy to Clipboard Toggle word wrap

      Replace <vg_name> with the name of the VG, from which you want to add devices. Replace <device_names> with the names of the devices you want to add. This adds the new device arguments to the devices file automatically.

Verification

Use the following Verification only in case you need to explicitly add new devices to the system.devices file.

  • Display the system.devices file, to check the list of devices: 

    $ cat /etc/lvm/devices/system.devices
    Copy to Clipboard Toggle word wrap

  • Update the system.devices file to match most recent device information: 

    $ lvmdevices --update
    Copy to Clipboard Toggle word wrap

Remove a device to prevent the Logical Volume Manager (LVM) from detecting or using that device.

Procedure

  • Remove a device by using one of the following methods depending on the information you have about that device:

    • Remove a device by name: 

      $ lvmdevices --deldev <device_name>
      Copy to Clipboard Toggle word wrap

    • Remove a device by the Physical Volume ID (PVID) of the device: 

      $ lvmdevices --delpvid <PV_UUID>
      Copy to Clipboard Toggle word wrap

Verification

  • Display the system.devices file to verify, that the deleted device no longer present: 

    $ cat /etc/lvm/devices/system.devices
    Copy to Clipboard Toggle word wrap

  • Update the system.devices file to match most recent device information: 

    $ lvmdevices --update
    Copy to Clipboard Toggle word wrap

10.1.3. Creating custom devices files
Copy link

Logical Volume Manager (LVM) commands use the default system.devices file of the system. You can also create and use custom devices files by specifying the new file name in the LVM commands. Custom devices files are useful in cases when only certain applications need to use certain devices.

Procedure

  1. Create a custom devices file in the /etc/lvm/devices/ directory.

  2. Include the new devices file name in the LVM command: 

    $ lvmdevices --devicesfile <devices_file_name>
    Copy to Clipboard Toggle word wrap

  3. Optional: Display the new devices file to verify that the name of the new device is present: 

    $ cat /etc/lvm/devices/<devices_file_name>
    Copy to Clipboard Toggle word wrap

10.1.4. Accessing all devices on the system
Copy link

You can enable Logical Volume Manager (LVM) to access and use all devices on the system, which overrides the restrictions caused by the devices listed in the system.devices file.

Procedure

  • Specify an empty devices file: 

    $ lvmdevices --devicesfile ""
    Copy to Clipboard Toggle word wrap

10.1.5. Disabling the system.devices file
Copy link

You can disable the system.devices file functionality. This action automatically enables the Logical Volume Manager (LVM) device filter.

Important

If you remove the system.devices file, this action effectively disables it. This applies even if you enable the system.devices file in the lvm.conf configuration file by setting use_devicesfile=1 in the devices section. Disabling the devices file automatically enables the lvm.conf device filter.

Procedure

  1. Open the lvm.conf file.

  2. Set the following value in the devices section: 

    use_devicesfile=0
    Copy to Clipboard Toggle word wrap

10.2. Persistent identifiers for LVM filtering
Copy link

Traditional Linux device names, such as /dev/sda, are subject to changes during system modifications and reboots. Persistent Naming Attributes (PNAs) like World Wide Identifier (WWID), Universally Unique Identifier (UUID), and path names are based on unique characteristics of the storage devices and are resilient to changes in hardware configurations. This makes them more stable and predictable across system reboots.

Implementation of persistent device identifiers in LVM filtering enhances the stability and reliability of LVM configurations. It also reduces the risk of system boot failures associated with the dynamic nature of device names.

10.3. The LVM device filter
Copy link

The Logical Volume Manager (LVM) device filter is a list of device name patterns. You can use it to specify a set of mandatory criteria by which the system can evaluate devices and consider them as valid for use with LVM. The LVM device filter enables you control over which devices LVM uses. This can help to prevent accidental data loss or unauthorized access to storage devices.

10.3.1. LVM device filter pattern characteristics
Copy link

The patterns of LVM device filter are in the form of regular expression. A regular expression delimits with a character and precedes with either a for acceptance, or r for rejection. The first regular expression in the list that matches a device determines if LVM accepts or rejects (ignores) a specific device. Then, LVM looks for the initial regular expression in the list that matches the path of a device. LVM uses this regular expression to determine whether the device should be approved with an a outcome or rejected with an r outcome.

If a single device has multiple path names, LVM accesses these path names according to their order of listing. Before any r pattern, if at least one path name matches an a pattern, LVM approves the device. However, if all path names are consistent with an r pattern before an a pattern is found, the device is rejected.

Path names that do not match the pattern do not affect the approval status of the device. If no path names correspond to a pattern for a device, LVM still approves the device.

For each device on the system, the udev rules generate multiple symlinks. Directories contain symlinks, such as /dev/disk/by-id/, /dev/disk/by-uuid/, /dev/disk/by-path/ to ensure that each device on the system is accessible through multiple path names.

To reject a device in the filter, all of the path names associated with that particular device must match the corresponding reject r expressions. However, identifying all possible path names to reject can be challenging. This is why it is better to create filters that specifically accept certain paths and reject all others, using a series of specific a expressions followed by a single r|.*| expression that rejects everything else.

While defining a specific device in the filter, use a symlink name for that device instead of the kernel name. The kernel name for a device can change, such as /dev/sda while certain symlink names do not change such as /dev/disk/by-id/wwn-*.

The default device filter accepts all devices connected to the system. An ideal user configured device filter accepts one or more patterns and rejects everything else. For example, the pattern list ending with r|.*|.

You can find the LVM devices filter configuration in the devices/filter and devices/global_filter configuration fields in the lvm.conf file. The devices/filter and devices/global_filter configuration fields are equivalent.

For more information, see the lvm.conf(5) man page on your system.

Important

In Red Hat Enterprise Linux 10, the /etc/lvm/devices/system.devices file is enabled by default. The system automatically enables the LVM devices filter, when the system.devices file is disabled.

The following examples display the filter configurations to control the devices that LVM scans and uses later.

Note

You might encounter duplicate Physical Volume (PV) warnings when dealing with copied or cloned PVs. You can set up filters to resolve this.

  • To scan all the devices, enter: 

    filter = [ "a|.*|" ]
    Copy to Clipboard Toggle word wrap

  • To remove the cdrom device to avoid delays if the drive contains no media, enter: 

    filter = [ "r|^/dev/cdrom$|" ]
    Copy to Clipboard Toggle word wrap

  • To add all loop devices and remove all other devices, enter: 

    filter = [ "a|loop|", "r|.*|" ]
    Copy to Clipboard Toggle word wrap

  • To add all loop and SCSI devices and remove all other block devices, enter: 

    filter = [ "a|loop|", "a|/dev/sd.*|", "r|.*|" ]
    Copy to Clipboard Toggle word wrap

  • To add only partition 8 on the first SCSI drive and remove all other block devices, enter: 

    filter = [ "a|^/dev/sda8$|", "r|.*|" ]
    Copy to Clipboard Toggle word wrap

  • To add all partitions from a specific device identified by WWID along with all multipath devices, enter: 

    filter = [ "a|/dev/disk/by-id/<disk-id>.|", "a|/dev/mapper/mpath.|", "r|.*|" ]
    Copy to Clipboard Toggle word wrap

    The command also removes any other block devices.

You can control which devices LVM scans by setting up filters in the lvm.conf configuration file.

Prerequisites

  • You have disabled the system.devices file feature.
  • You have prepared the device filter pattern that you want to use.

Procedure

  1. Use the following command to test the device filter pattern, without actually modifying the /etc/lvm/lvm.conf file. The following includes an example filter configuration. 

    # lvs --config 'devices{ filter = [ "a|/dev/emcpower.|", "r|.|" ] }'
    Copy to Clipboard Toggle word wrap

  2. Add the device filter pattern in the configuration section devices of the /etc/lvm/lvm.conf file: 

    filter = [ "a|/dev/emcpower.*|", "r|*.|" ]
    Copy to Clipboard Toggle word wrap

  3. Scan only necessary devices on reboot: 

    # dracut --force --verbose
    Copy to Clipboard Toggle word wrap

    This command rebuilds the initramfs file system so that LVM scans only the necessary devices at the time of reboot.

Back to top
Red Hat logoGithubredditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Theme

© 2025 Red Hat