From owner-freebsd-hackers@FreeBSD.ORG Tue Jul 12 12:12:33 2005 Return-Path: X-Original-To: freebsd-hackers@freebsd.org Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BD8CF16A41C for ; Tue, 12 Jul 2005 12:12:33 +0000 (GMT) (envelope-from jas_arlerr@yahoo.com.cn) Received: from web15010.mail.cnb.yahoo.com (web15010.mail.cnb.yahoo.com [202.165.103.67]) by mx1.FreeBSD.org (Postfix) with SMTP id 03A3443D45 for ; Tue, 12 Jul 2005 12:12:32 +0000 (GMT) (envelope-from jas_arlerr@yahoo.com.cn) Received: (qmail 16764 invoked by uid 60001); 12 Jul 2005 12:12:30 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com.cn; h=Message-ID:Received:Date:From:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=xYK1KPn/TkwX/HhMjOFp44ZWgnkbigUFQhIlPs9vfpiUe7025+LQJEfXlEH4OaKEw1i6QFpbQUsR406zGWG5JoIUaFFaNeXDJTRTCLAkFePKAKN0Pl6C7VVXu52q7COiLWIlZ1ZzGcq2s+ffuPdSGHJLmBFiVVoCwbNIhD2Uyis= ; Message-ID: <20050712121230.16762.qmail@web15010.mail.cnb.yahoo.com> Received: from [61.187.54.10] by web15010.mail.cnb.yahoo.com via HTTP; Tue, 12 Jul 2005 20:12:30 CST Date: Tue, 12 Jul 2005 20:12:30 +0800 (CST) From: Jone Jas To: Dominic Marks In-Reply-To: <200507121114.42653.dom@goodforbusiness.co.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=gb2312 Content-Transfer-Encoding: 8bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-hackers@freebsd.org Subject: Re: limit jail disk space X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Jul 2005 12:12:33 -0000 Thanks for your reply. I googled and found this method but I just did not have a try. As for the code-hacking method I mentioned, anyone with any idea is appreciated! Dominic Marks 写道: On Tuesday 12 July 2005 10:50, Jone Jas wrote: > Hi hackers, > As far as I know, there is no limit of the disk space that a jail > can use. As for the Linux VServer(similar to jail), its dlimit does > such thing for the "security context". I read the dlimit code and > find that it achieves that by limiting the number of inodes and data > blocks the vserver can get. The hooks are inserted in the functions > such as ext2_new_inode, ext2_free_inode, ext2_new_block and > ext2_free_block. My question is if we can do such thing to the jail. > If so, where should we insert the hooks? It seems that the FreeBSD > inode/block allocation/free functions are not so explicit as Linux. > There are serveral places, I'm not sure which are the correct ones: > for inodes: ffs_valloc, ffs_vfree > for blocks: ffs_alloc, ffs_freeblk, > or ufs_balloc_ufs1/2 > > Any reply or hints is appreciated! > Regards! One method which does not require hacking any code: # dd if=/dev/zero of=jail.file bs=1k count=1m 1048576+0 records in 1048576+0 records out 1073741824 bytes transferred in 23.940393 secs (44850635 bytes/sec) # ls -lh jail.file -rw-r--r-- 1 dom dom 1.0G Jul 12 11:08 jail.file # mdconfig -a -t vnode -f jail.file md0 # newfs -U /dev/md0 /dev/md0: 1024.0MB (2097152 sectors) block size 16384, fragment size 2048 using 6 cylinder groups of 183.44MB, 11740 blks, 23488 inodes. with soft updates super-block backups (for fsck -b #) at: 160, 375840, 751520, 1127200, 1502880, 1878560 # mount /dev/md0 /mnt # df -ih Filesystem Size Used Avail Capacity iused ifree %iused Mounted on /dev/md0 989M 4.0K 910M 0% 2 140924 0% /mnt Now just install your jail into /mnt and it will be confined to the size of disc you create. Expect slightly reduced disc performance using this technique. > Jas > > > > --------------------------------- > DO YOU YAHOO!? > 雅虎免费G邮箱-中国第一绝无垃圾邮件骚扰超大邮箱 > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to > "freebsd-hackers-unsubscribe@freebsd.org" HTH, -- Dominic Marks --------------------------------- DO YOU YAHOO!? 雅虎免费G邮箱-中国第一绝无垃圾邮件骚扰超大邮箱