From owner-freebsd-jail@freebsd.org  Thu Jan  5 13:37:01 2017
Return-Path: <owner-freebsd-jail@freebsd.org>
Delivered-To: freebsd-jail@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 58E67CA0A01
 for <freebsd-jail@mailman.ysv.freebsd.org>;
 Thu,  5 Jan 2017 13:37:01 +0000 (UTC)
 (envelope-from admin@x205.save85off.com)
Received: from x205.save85off.com (x205.save85off.com [43.240.238.205])
 by mx1.freebsd.org (Postfix) with ESMTP id 2144816A6
 for <freebsd-jail@freebsd.org>; Thu,  5 Jan 2017 13:37:00 +0000 (UTC)
 (envelope-from admin@x205.save85off.com)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=save85off;
 d=x205.save85off.com; 
 h=MIME-Version:From:To:Date:Subject:Content-Type:Content-Transfer-Encoding;
 i=admin@x205.save85off.com; bh=PmN6IKyWGc76U2SgEC+PsJcT5H8=;
 b=dXr6uACXdZdnGXqWiYttFyzU4gSAsP/RIKbiDJ2gD7u2rTXyQLto9Mm0ptECjhbxCq8E7aSNBuEG
 10G1B5mwlcSIJrI6ViJElhiHNkGgKOEl13+vOJiFFQADKF0ZJ+VChFSrPO07h8j1CQKMZfQV0356
 DzNVEusT+Rgnu1oYGX4=
DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=save85off;
 d=x205.save85off.com; 
 b=hHERBmSkzgFVUCiaaOEt8QCxynV3OufDgM3fnPkmIXM8iWvt0Q4LFegoOzpvJ2VuN5/yGjocP52t
 nGt4L4LSvmH6NT49CWOxrqw1/x4VM7pnfstNoHaXOXnzD68H6ZKi+220W7EP9CDB5F721hmLpMUL
 LQRtwdSERP2bhVKys9E=;
From: "Michael Kors Discount" <admin@x205.save85off.com>
To: freebsd-jail@freebsd.org
Date: 5 Jan 2017 21:27:01 +0800
Subject: Our Ultimate Gift Guide for the Holidays win 195$
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Content-Filtered-By: Mailman/MimeDel 2.1.23
X-BeenThere: freebsd-jail@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Discussion about FreeBSD jail\(8\)" <freebsd-jail.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-jail>,
 <mailto:freebsd-jail-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-jail/>
List-Post: <mailto:freebsd-jail@freebsd.org>
List-Help: <mailto:freebsd-jail-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
 <mailto:freebsd-jail-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Jan 2017 13:37:01 -0000


From owner-freebsd-jail@freebsd.org  Thu Jan  5 19:05:48 2017
Return-Path: <owner-freebsd-jail@freebsd.org>
Delivered-To: freebsd-jail@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id C930DCA1BD9
 for <freebsd-jail@mailman.ysv.freebsd.org>;
 Thu,  5 Jan 2017 19:05:48 +0000 (UTC)
 (envelope-from markham@ssimicro.com)
Received: from barracuda.ssimicro.com (barracuda.ssimicro.com [96.46.39.196])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
 bits))
 (Client CN "*.ssimicro.com", Issuer "RapidSSL SHA256 CA - G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id A31E914C9
 for <freebsd-jail@freebsd.org>; Thu,  5 Jan 2017 19:05:48 +0000 (UTC)
 (envelope-from markham@ssimicro.com)
Received: from mail.ssimicro.com (mail.ssimicro.com [64.247.129.10]) by
 barracuda.ssimicro.com with ESMTP id tBAc8IOfluwE9C2v (version=TLSv1.2
 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO);
 Thu, 05 Jan 2017 13:53:52 -0500 (EST)
Received: from yk-office-RESERVED-64-247-130-127.ssimicro.com
 (yk-office-RESERVED-64-247-130-127.ssimicro.com [64.247.130.127])
 (authenticated bits=0)
 by mail.ssimicro.com (8.15.2/8.15.2) with ESMTPSA id v05Irp56043026
 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT);
 Thu, 5 Jan 2017 11:53:51 -0700 (MST)
 (envelope-from markham@ssimicro.com)
To: freebsd-questions@freebsd.org, freebsd-jail <freebsd-jail@freebsd.org>
From: markham breitbach <markham@ssimicro.com>
Subject: Resource Limits Within Jails
Message-ID: <118410c1-1e3e-2388-ea5b-682515bc39f1@ssimicro.com>
Date: Thu, 5 Jan 2017 11:53:55 -0700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:45.0)
 Gecko/20100101 Thunderbird/45.6.0
MIME-Version: 1.0
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable
X-Virus-Scanned: by bsmtpd at ssimicro.com
X-BeenThere: freebsd-jail@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Discussion about FreeBSD jail\(8\)" <freebsd-jail.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-jail>,
 <mailto:freebsd-jail-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-jail/>
List-Post: <mailto:freebsd-jail@freebsd.org>
List-Help: <mailto:freebsd-jail-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
 <mailto:freebsd-jail-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Jan 2017 19:05:48 -0000

I am trying to figure out the best way to manage resource limits for a
particular daemon within a jail (specifically memory usage), without
having to limit the entire jail and other processes within.

I have searched around and looked at the handbook and man pages for rctl
and login.conf, but neither seems to really do what I want.

rctl only seems to be able to operate from the jail host, and afaik can
only limit a process once you have the PID, so you can't just set it
somewhere and be done with it.  rctl user limits only apply to the host,
and not the same user within a jail, and I have not even investigated
how that behaves for a process that has started as root and done a
privilege drop.

Similarly, login.conf seems to have no effect whatsoever within a jail,
even after restarting the jail and logging in again.

Is there something I am missing?  Does anyone know how to do this?

Thanks,

-Markham