Sunday, August 15, 2010

Process holding the block devices

Recently I had to write a program to shred a live disk. This was a security requirement for our devices. However, while testing the program, I found that this always failed. It was possible to overwrite whole of the disk except for a single sector. I knew that some process is using this part of the disk and that is the reason I was not able to write to it. I did an lsof for the device when the write operation was going on. There were certain process having files opened from that device. However, even after killing them, my program was not successful in writing the entire disk. Later, I even figured out that the programs with open files were not causing any real problem! But, then what was blocking the overwrite?

Now, we have decided to reboot the machine and do this operation before boot up. However, my doubt stayed till today. It is only today that I came to know about the real culprit. It is none other than the kernel. When a FS is mounted, the disk is opened by kernel. As long as it is mounted, kernel holds this open fd. As mount would have exited long back, so, one will never see this being caused by mount!