From owner-freebsd-hackers@FreeBSD.ORG Sun Mar 13 20:38:04 2005 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D1A0A16A4CE for ; Sun, 13 Mar 2005 20:38:04 +0000 (GMT) Received: from smtphost.cis.strath.ac.uk (smtphost.cis.strath.ac.uk [130.159.196.96]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2A52A43D3F for ; Sun, 13 Mar 2005 20:38:04 +0000 (GMT) (envelope-from chodgins@cis.strath.ac.uk) Received: from [192.168.0.4] (chrishodgins.force9.co.uk [84.92.20.141]) j2DKbINU002768; Sun, 13 Mar 2005 20:37:18 GMT Message-ID: <4234A5C5.1080006@cis.strath.ac.uk> Date: Sun, 13 Mar 2005 20:42:45 +0000 From: Chris Hodgins User-Agent: Mozilla Thunderbird 1.0 (X11/20050204) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Anish Mistry References: <1107178792.613.22.camel@spirit> <200503131051.40700.freebsd-hackers@evilcode.net> <42348525.8080302@cis.strath.ac.uk> <200503131524.16075.mistry.7@osu.edu> In-Reply-To: <200503131524.16075.mistry.7@osu.edu> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-CIS-MailScanner-Information: Please contact support@cis.strath.ac.uk for more information X-CIS-MailScanner: Found to be clean X-CIS-MailScanner-SpamCheck: not spam, SpamAssassin (score=-4.9, required 6, autolearn=not spam, BAYES_00 -4.90) X-CIS-MailScanner-From: chodgins@cis.strath.ac.uk cc: Denis Shaposhnikov cc: freebsd-hackers@freebsd.org cc: security@revolutionsp.com cc: "Samuel J. Greear" cc: Frank Knobbe Subject: Re: Idea about 'skeleton jail X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Mar 2005 20:38:04 -0000 Anish Mistry wrote: > On Sunday 13 March 2005 01:23 pm, Chris Hodgins wrote: > >>Samuel J. Greear wrote: >> >>>Not a bad 'idea' at all, although I won't comment on semantics. >>>I had something implemented using fs stacking (in a very hackish >>>way, and I believe it's lost now, so don't ask to see it...) to >>>implement per-jail quota's that seemed to work quite well. >>> >>>Sam >> >>Feel free to comment on the semantics. As I said before, I am not >>very knowledgable about filesystems and any insight or alternative >>implementation you can provide would be interesting I'm sure to >>everyone. >> > > Yeah, if there was jailfs that was setup automatically for the jails > that supported quotas out of the box that would kill my major gripe > about setting up jails. > Any ideas the sort of work involved in something like this? I am graduating soon and about to have about a month of free time to spend on a project. From the very little I know about file systems on Unix they just stack together right? So there would have to be something to process the configuration file and then is it just a matter of overriding each vnode operation or is there more to it than that? Chris