Date: Thu, 03 May 2007 23:09:09 +0300 From: Cristian KLEIN <cristi@net.utcluj.ro> To: freebsd-fs@freebsd.org Subject: Quotas not working in Jail Message-ID: <463A4165.3020307@net.utcluj.ro>
next in thread | raw e-mail | index | archive | help
Hi everybody, As many persons might have mentioned, non-superusers running inside a jail are unable to query their quota, unless they have direct access to "quota.user". This is inconvenient for two reasons: 1) Users will be able to get other's quota as well. 2) Many applications (for example dovecot) use quotactl() to retrieve the user's quota, so giving access to quota.user won't help. All this is caused by the following piece of code in vfs_syscalls.c --- cut here --- /* XXX PRISON: could be per prison flag */ static int prison_quotas; #if 0 SYSCTL_INT(_kern_prison, OID_AUTO, quotas, CTLFLAG_RW, &prison_quotas, 0, ""); #endif --- and here --- Does anybody know why '#if 0' is there? Considering the fact that SYSCTL's defined this way can't be written from jail, and that the default is zero, I think it is safe to remove '#if 0'. I changed 'prison_quotas' from KDB on one of my servers, and everything seems to be fine. I can finally show quotas to my users. :) Another fact which bothers me is why does quota(1) read quota.* files directly when quotactl(2) fails? As I understood from a post, quota caching within the kernel might render writing to quota.* useless. In addition, quota handling should strictly be the kernel's job. Userspace shouldn't know nor care how the kernel stores its quota. My 0.02$.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?463A4165.3020307>