Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 03 Sep 2012 11:12:50 -0600
From:      Jamie Gritton <jamie@FreeBSD.org>
To:        freebsd-jail@FreeBSD.org
Subject:   Re: Quotas inside jails
Message-ID:  <5044E512.6090209@FreeBSD.org>
In-Reply-To: <20120831204129.GP30681@www.jail.lambertfam.org>
References:  <CANDt73drFBbfmNN8ZYkn9VdUuDO60JEn8Ks1ZFgsaiDqnbpxLA@mail.gmail.com>	<6B11ADF9-5B11-41CD-BDAC-6F8236FC1E4C@jnielsen.net>	<CANDt73e92Kewx7KsXaCmZaRPO%2BCNsXBmT4T3Adt8A3wCOVWv5A@mail.gmail.com> <20120831204129.GP30681@www.jail.lambertfam.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 08/31/12 14:41, Scott Lambert wrote:
> On Thu, Aug 30, 2012 at 07:05:30PM -0400, Darek M wrote:
>> On Thu, Aug 30, 2012 at 5:32 PM, John Nielsen<lists@jnielsen.net>  wrote:
>>>
>>> Another way to set hard quotas for jails is to give each one its
>>> own filesystem of fixed size. This is trivially easy with zfs--just
>>> create a zfs for each jail and set the quota property. To use UFS
>>> you can create image files of whatever size you want, make them
>>> md(4) devices, and then newfs(8) and mount(8) them. Unlike the
>>> method in the handbook, neither of these options requires kernel
>>> quota support.
>>
>> But these would be a quota for the entire jail.  I'm interested in
>> having per-user quotas for users inside a jail.
>>
>> I'm curious whether the "security.jail.param.allow.quotas" sysctl is
>> my missing link, and if so, why it is immutable.
>
> If using ZFS, you *could* create a file system with quota for each
> user's home directory in the jail.  I'm not saying it would be
> pretty....
>
> With UFS, I think you would have to ensure that UID/GIDs do not
> overlap between jails, at least for the users you want to be affected
> by quotas.  That could be as ugly as the thousands of ZFS file
> systems.

Well, you could if you trusted the jail admins not to use other UID/GIDs
(which he likely isn't even aware of). But the whole point of jails is
that you *don't* have to trust the admin.

- Jamie

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5044E512.6090209>