From owner-freebsd-jail@FreeBSD.ORG  Fri Aug 31 20:49:42 2012
Return-Path: <owner-freebsd-jail@FreeBSD.ORG>
Delivered-To: freebsd-jail@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 793C0106566B
	for <freebsd-jail@freebsd.org>; Fri, 31 Aug 2012 20:49:42 +0000 (UTC)
	(envelope-from lambert@lambertfam.org)
Received: from www.jail.lambertfam.org (atom1.lambertfam.org [69.153.112.46])
	by mx1.freebsd.org (Postfix) with ESMTP id 53FB98FC12
	for <freebsd-jail@freebsd.org>; Fri, 31 Aug 2012 20:49:42 +0000 (UTC)
Received: by www.jail.lambertfam.org (Postfix, from userid 999)
	id CA447B821; Fri, 31 Aug 2012 20:41:29 +0000 (UTC)
Date: Fri, 31 Aug 2012 20:41:29 +0000
From: Scott Lambert <lambert@lambertfam.org>
To: freebsd-jail@freebsd.org
Message-ID: <20120831204129.GP30681@www.jail.lambertfam.org>
References: <CANDt73drFBbfmNN8ZYkn9VdUuDO60JEn8Ks1ZFgsaiDqnbpxLA@mail.gmail.com>
	<6B11ADF9-5B11-41CD-BDAC-6F8236FC1E4C@jnielsen.net>
	<CANDt73e92Kewx7KsXaCmZaRPO+CNsXBmT4T3Adt8A3wCOVWv5A@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CANDt73e92Kewx7KsXaCmZaRPO+CNsXBmT4T3Adt8A3wCOVWv5A@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Subject: Re: Quotas inside jails
X-BeenThere: freebsd-jail@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: freebsd-jail@freebsd.org
List-Id: "Discussion about FreeBSD jail\(8\)" <freebsd-jail.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
	<mailto:freebsd-jail-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-jail>
List-Post: <mailto:freebsd-jail@freebsd.org>
List-Help: <mailto:freebsd-jail-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
	<mailto:freebsd-jail-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Aug 2012 20:49:42 -0000

On Thu, Aug 30, 2012 at 07:05:30PM -0400, Darek M wrote:
> On Thu, Aug 30, 2012 at 5:32 PM, John Nielsen <lists@jnielsen.net> wrote:
> > 
> > Another way to set hard quotas for jails is to give each one its
> > own filesystem of fixed size. This is trivially easy with zfs--just
> > create a zfs for each jail and set the quota property. To use UFS
> > you can create image files of whatever size you want, make them
> > md(4) devices, and then newfs(8) and mount(8) them. Unlike the
> > method in the handbook, neither of these options requires kernel
> > quota support.
>
> But these would be a quota for the entire jail.  I'm interested in
> having per-user quotas for users inside a jail.
>
> I'm curious whether the "security.jail.param.allow.quotas" sysctl is
> my missing link, and if so, why it is immutable.

If using ZFS, you *could* create a file system with quota for each 
user's home directory in the jail.  I'm not saying it would be
pretty....

With UFS, I think you would have to ensure that UID/GIDs do not
overlap between jails, at least for the users you want to be affected
by quotas.  That could be as ugly as the thousands of ZFS file
systems.

-- 
Scott Lambert                    KC5MLE                       Unix SysAdmin
lambert@lambertfam.org