From owner-freebsd-hackers@FreeBSD.ORG Thu Apr 27 04:10:44 2006 Return-Path: X-Original-To: hackers@freebsd.org Delivered-To: freebsd-hackers@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 628DB16A403 for ; Thu, 27 Apr 2006 04:10:44 +0000 (UTC) (envelope-from wayne@manor.msen.com) Received: from manor.msen.com (manor.msen.com [148.59.4.66]) by mx1.FreeBSD.org (Postfix) with ESMTP id 66F7B43D46 for ; Thu, 27 Apr 2006 04:10:43 +0000 (GMT) (envelope-from wayne@manor.msen.com) Received: from manor.msen.com (localhost [127.0.0.1]) by manor.msen.com (8.12.11/8.12.11) with ESMTP id k3R4AgUT073586 for ; Thu, 27 Apr 2006 00:10:42 -0400 (EDT) (envelope-from wayne@manor.msen.com) Received: (from wayne@localhost) by manor.msen.com (8.12.11/8.12.11/Submit) id k3R4AfJQ073585 for hackers@freebsd.org; Thu, 27 Apr 2006 00:10:41 -0400 (EDT) (envelope-from wayne) Date: Thu, 27 Apr 2006 00:10:41 -0400 From: "Michael R. Wayne" To: hackers@freebsd.org Message-ID: <20060427041041.GM20420@manor.msen.com> Mail-Followup-To: hackers@freebsd.org References: <20060426182348.O4513@sporker.bway.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20060426182348.O4513@sporker.bway.net> User-Agent: Mutt/1.4.2.1i Cc: Subject: Re: Jail Quotas - quota.user hard link X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Apr 2006 04:10:44 -0000 On Wed, Apr 26, 2006 at 06:23:59PM -0400, Charles Sprickman wrote: > > I have a question about using quotas in a jail with FreeBSD 6.x. So far I > have had no problems on a test box with setting quotas from the host using > a numeric UID (ie: edquota -u 20000 where UID 20000 is a user that only > exists in a jail). That seems to "just work". Just a heads up: quotas in jails on FreeBSD 6 are pretty broken. I'll include some workarounds. Basic operation can be done by specifying a filename, available in the jail, which contains the quotas. So, on the base system, /etc/fstab contains: /dev/twed0s2f /usr/jails/foo.bar.com ufs rw,userquota=/usr/jails/foo.bar.com/usr/quotas/shell.root 2 2 and on the foo.bar.com jail, /etc/fstab contains: /dev/twed0s2f / ufs rw,userquota=/usr/quotas/shell.root,noauto 2 2 Now the problems begin. You either do chmod a+r /usr/quotas/shell.root which permits everyone on the machine to read all quotas (both quota and repquota) or chmod o-r /usr/quotas/shell.root which permits ONLY root to read any quotas. Normal users can not see their own quotas (I filed a PR on this quite some time back, nobody seems interested). This seems to be new breakage since 4.x Also, if you edquota from within the jail, it does not really take effect. You can stick an hourly cron script on the base system containing quotaoff -a quotacheck -a quotaon -a which will "fixup" the mess. Alternately, you can only use edquota from the base system which seems to mostly work. ISTR that there was something else that was odd but I'm sure somebody else will jump in and mention it. /\/\ \/\/