Date: Sat, 30 Nov 2002 12:23:03 -0500 (EST) From: Robert Watson <rwatson@freebsd.org> To: Terry Lambert <tlambert2@mindspring.com> Cc: Stefanos Kiakas <stefanos@e-scape.net>, freebsd-hackers@freebsd.org Subject: Re: jail Message-ID: <Pine.NEB.3.96L.1021130122129.50233C-100000@fledge.watson.org> In-Reply-To: <3DE66834.B2333404@mindspring.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 28 Nov 2002, Terry Lambert wrote: > Stefanos Kiakas wrote: > > Jean Milanez Melo wrote: > > > I run a number of jail enviroments in a public server, so, i would like to > > > limit the disk usage of each jail to, say, X GB. Lets think of a practical > > > issue. I have 40GB storage space, and what i want is to limit disk usage > > > to 5GB each jail. > > I believe it has been discussed on one of these lists before. > > > > Create a file that is 5G and use vnconfig to define pseudo disk > > device, create a new file system using newfs, then create the jail. > > > Note that the vnode file code is moderately broken, with regard to locks > and GEOM and all that. > > To avoid lockups if you do this, make sure each 5G file lives in its own > subdirectory, and does not share a subdirectory with another file that > is also being used as a device. > > Otherwise, it's fairly easy to lock up, and in fact, the cron job for > the security notification's "find" in the main vs. the jailed system > will cause it to lock hard. Hmm. The only bug like that I know about in -current was corrected in one of Kirk or Jeff's passes through getnewvnode() a few months ago, and involved a race condition when rotating logs in the same directory during a newsyslog call during heavy recursive directory activity -- specifically, the security script. Do you have any more practical details about the nature of the hang? In particular, the results of show locks and show lockedvnods would be useful for interesting processes, as well as their wait channels. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1021130122129.50233C-100000>