From owner-freebsd-hackers@FreeBSD.ORG Thu May 28 06:58:28 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DB637106568F for ; Thu, 28 May 2009 06:58:28 +0000 (UTC) (envelope-from kostjn@peterhost.ru) Received: from mail.z8.ru (mail.z8.ru [80.93.58.56]) by mx1.freebsd.org (Postfix) with ESMTP id 9464A8FC15 for ; Thu, 28 May 2009 06:58:28 +0000 (UTC) (envelope-from kostjn@peterhost.ru) Received: from [85.235.196.139] (helo=kostjn.pht) by mail.z8.ru with esmtpa (Exim 4.67 (FreeBSD)) (envelope-from ) id 1M9ZZE-0008Fz-Us for freebsd-hackers@freebsd.org; Thu, 28 May 2009 10:58:20 +0400 Message-ID: <4A1E3688.8050300@peterhost.ru> Date: Thu, 28 May 2009 11:00:24 +0400 From: Menshikov Konstantin User-Agent: Thunderbird 2.0.0.18 (X11/20090328) MIME-Version: 1.0 CC: freebsd-hackers@freebsd.org References: <4A1B8CF8.7030102@peterhost.ru> <20090526120313.GA1927@deviant.kiev.zoral.com.ua> <4A1BE1F8.9050804@peterhost.ru> <20090526123632.GB1927@deviant.kiev.zoral.com.ua> <4A1BE827.2030303@peterhost.ru> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: Disk quota for Jail. Discussion. X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 May 2009 06:58:29 -0000 Robert Watson wrote: > > On Tue, 26 May 2009, Menshikov Konstantin wrote: > >>>> Yes. But jail cannot allocate block and inode above root path. In >>>> allocation functions, whether for example ffs_alloc we have access >>>> to ucred process and we can check up there is a process in jail. >>> >>> Yes, you can check this for jailed process. Think about non-jailed >>> processes that can do allocation below the jail root. >> >> Processes out of jail are not considered. I do not understand, these >> processes have what relation to disk to quotas for jail. Please >> explain more in detail > > Historic UFS quotas are actually not interested in processes at all, > really, except in as much as processes are where exception states are > exposed. UFS quotas count blocks and inodes owned by users based on > the 'uid' and 'gid' fields in the inode. There's now 'jailid' field, > so quotas on this model can't capture the notion of per-jail quotas. > In fact, quotacheck relies on being able to walk the file system > looking only at file system data in order to establish initial usage > accounting. You can imagine adding one, or managing the uid spaces > across jails such that all uids are unique, etc, but all of these > require some amount of rethinking. > > Or, some other model of quota. Frankly, I've always been a fan of the > AFS model, now accessible locally via ZFS, in which lightweight > volumes with quota limits are used for individual user home > directories, virtual machines, etc. This was hard to do in FreeBSD > before ZFS because (a) UFS didn't want to resize trivially and (b) > having lots and lots of mountpoints and file systems wasn't something > we made administratively easy. > > Robert N M Watson > Computer Laboratory > University of Cambridge > Actually realisation of quotas for jail, is reduced to realisation of quotas on catalogue contents. And it is difficult, it is not necessary. Many thanks for answers and explanations. Menshikov Konstantin