From owner-freebsd-jail@FreeBSD.ORG Thu Aug 30 21:32:07 2012 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 88ECF106564A for ; Thu, 30 Aug 2012 21:32:07 +0000 (UTC) (envelope-from lists@jnielsen.net) Received: from ns1.jnielsen.net (secure.freebsdsolutions.net [69.55.234.48]) by mx1.freebsd.org (Postfix) with ESMTP id 69A608FC1C for ; Thu, 30 Aug 2012 21:32:06 +0000 (UTC) Received: from [10.10.1.32] (office.betterlinux.com [199.58.199.60]) (authenticated bits=0) by ns1.jnielsen.net (8.14.4/8.14.4) with ESMTP id q7ULW3Vl016011 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Thu, 30 Aug 2012 17:32:04 -0400 (EDT) (envelope-from lists@jnielsen.net) Content-Type: text/plain; charset=iso-8859-1 Mime-Version: 1.0 (Mac OS X Mail 6.0 \(1486\)) From: John Nielsen In-Reply-To: Date: Thu, 30 Aug 2012 15:32:18 -0600 Content-Transfer-Encoding: quoted-printable Message-Id: <6B11ADF9-5B11-41CD-BDAC-6F8236FC1E4C@jnielsen.net> References: To: Darek M X-Mailer: Apple Mail (2.1486) X-DCC-sonic.net-Metrics: ns1.jnielsen.net 1117; Body=2 Fuz1=2 Fuz2=2 X-Virus-Scanned: clamav-milter 0.97.5 at ns1.jnielsen.net X-Virus-Status: Clean Cc: freebsd-jail@freebsd.org Subject: Re: Quotas inside jails X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Aug 2012 21:32:07 -0000 On Aug 30, 2012, at 2:52 PM, Darek M wrote: > playing around with setting quotas inside a jail. Configured and > tested them on the host, configured a quota for a jail user, but it > isn't being enforced. I attempted to set > security.jail.param.allow.quotas to 1, from command line, from > /etc/sysctl.conf, and from /boot/loader.conf, but it remains set to > '0'. >=20 > Am I looking at the right sysctl? If not, where should I be looking? > If yes, why does it appear to be immutable? I'm assuming you have basically one UFS filesystem for all your jails. = Is that the case? If so, do you have quotas enabled on the host? See the = handbook if you haven't already: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/quotas.html > I'm doing this on a 9.0-RELEASE system Another way to set hard quotas for jails is to give each one its own = filesystem of fixed size. This is trivially easy with zfs--just create a = zfs for each jail and set the quota property. To use UFS you can create = image files of whatever size you want, make them md(4) devices, and then = newfs(8) and mount(8) them. Unlike the method in the handbook, neither = of these options requires kernel quota support. JN