From owner-freebsd-questions@FreeBSD.ORG Wed Jan 11 13:31:42 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ABB1816A41F for ; Wed, 11 Jan 2006 13:31:42 +0000 (GMT) (envelope-from dvorakv@vdsoft.org) Received: from poseidon.vdsoft.org (poseidon.vdsoft.org [193.85.147.250]) by mx1.FreeBSD.org (Postfix) with ESMTP id 368AD43D45 for ; Wed, 11 Jan 2006 13:31:41 +0000 (GMT) (envelope-from dvorakv@vdsoft.org) Received: from localhost (unknown [127.0.0.1]) by poseidon.vdsoft.org (Postfix) with ESMTP id B468747E532; Wed, 11 Jan 2006 14:31:37 +0100 (CET) Received: from poseidon.vdsoft.org ([127.0.0.1]) by localhost (poseidon.vdsoft.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 82361-06; Wed, 11 Jan 2006 14:31:35 +0100 (CET) Received: from [10.0.0.132] (laptop.home.deltaeng.com [10.0.0.132]) by poseidon.vdsoft.org (Postfix) with ESMTP id A361F47E530; Wed, 11 Jan 2006 14:31:35 +0100 (CET) Message-ID: <43C508BA.1090303@vdsoft.org> Date: Wed, 11 Jan 2006 14:31:38 +0100 From: Vladimir Dvorak User-Agent: Debian Thunderbird 1.0.7 (X11/20051017) X-Accept-Language: en-us, en MIME-Version: 1.0 To: =?windows-1250?Q?Bj=F6rn_K=F6nig?= References: <43C4D004.90101@vdsoft.org> <43C505F8.4030307@cs.tu-berlin.de> In-Reply-To: <43C505F8.4030307@cs.tu-berlin.de> X-Enigmail-Version: 0.93.0.0 Content-Type: text/plain; charset=windows-1250 Content-Transfer-Encoding: 8bit X-Virus-Scanned: amavisd-new at vdsoft.org Cc: freebsd-questions@freebsd.org Subject: Re: quotas + jail ? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jan 2006 13:31:42 -0000 Björn König wrote: > Vladimir Dvorak schrieb: > >> I have simple question - is possible to use quotas in jail(8) >> environment ? >> [...] >> >> It seems to be impossible ( some kernel restriction ). :-( Is there some >> way to allow this ? My last idea was to replicate users and groups to >> "main" system and use quotas from it - but it is not good solution if we >> have several hundreds users in jail(8). > > > You don't need to replicate users and groups, just use UIDs and GIDs. > There is a serious disadvantage: if you set quota for a specific UID > then it affects all users with the same UID in different jails and > even at the host; I guess this is not what you want. > > If you want to restrict the space that can be consumed by a jail then > you might use memory devices, i.e. > > # create 1 GiB file > $ dd if=/dev/zero of=myjail321 count=16k bs=64k > $ mdconfig -af myjail321 > md321 > $ mkdir /jail/myjail321 > $ mount /dev/md321 /jail/myjail321 > $ cd /usr/src > $ make installworld DESTDIR=/jail/myjail321 > > and so on ... > > > Regards > Björn > Thank you Björn, I thing it is possible. I will shift existing UIDs ( in jail) to higher values (50000-> ) and apply quotas on them. I will try to eliminate UID mixing. Thank you for your suggestion. Vladimir