Date: Mon, 17 Feb 2020 13:15:31 -0500 From: Ernie Luzar <luzar722@gmail.com> To: Valeri Galtsev <galtsev@kicp.uchicago.edu> Cc: Mike Wayne <FreeBSD_jail@wayne47.com>, freebsd-jail@freebsd.org Subject: Re: jails with quota Message-ID: <5E4AD843.3010300@gmail.com> In-Reply-To: <0EF25B11-D54E-4D3C-8C1E-336547EC22E6@kicp.uchicago.edu> References: <5E46EC97.5080609@gmail.com> <20200217165135.GF60273@post.wayne47.com> <0EF25B11-D54E-4D3C-8C1E-336547EC22E6@kicp.uchicago.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Valeri Galtsev wrote: > >> On Feb 17, 2020, at 10:51 AM, Mike Wayne <FreeBSD_jail@wayne47.com> wrote: >> >> On Fri, Feb 14, 2020 at 01:53:11PM -0500, Ernie Luzar wrote: >>> But after starting the fulljail with the allow.quotas option in >>> jail.config and entering the root console I get this >>> edquota -uh daddy message "NO quotas on any filesystem >>> repquota -ah gives nothing >>> quota -h daddy message Disk quotas for user daddy (uid1001): none >>> >>> I see that quota had bug fixed in 12.0 that is now in 12.1 release that >>> I am running on my host. Did that fix screw up jail quotas? Does the >>> /etc/fstab file in fulljail need a entry? If so what should it look like. >> I spent a lot of time messing with this and came to the conclusion >> that quotas no longer work in jails. I've been doing quotas in jails >> for many years, while it has always been a hack, it used to work >> well. Current releases seem to have completely broken quotas for >> jails. > > I am sure jail restricts commands related to filesystem management and information on purpose. Therefore all commands related to quotas if executed inside jail will fail [or rather not provide any information. Quotas, however, will still be enforced, as filesystem I/O operations are being passed over to be executed on actual filesystem outside on the jail. > > The above sentiment is related to the way I mount filesystem to have quota restrictions inside jail. > > I mount actual filesysten with quotas into > > /some/place > > and enable quotas on the as usually. Then I mount that nullfs inside jails (have line in /etc/fstab resembling the following mount command): > > mount -t nullfs /some/place /place/inside/jail/mountpoint > > > And users inside jail are being restricted to the qutas defined for their userid’s. > > I hope, this helps. > > Valeri > What you are doing is a work around where you make each directory tree jail look like a filesystem. This same thing can also be done using mdconfig command. This solution is not documented as a requirement of jails with quota. If you look at bugzilla you will see many bug reports about quota not working going back to 2017 and release 9.0. quota is antique software developed when ufs was the only filesystem available. It's obvious that quota has not gotten the maintenance it needs to stay current with changing times. The FreeBSd Foundation needs to provide funding to attract someone to put the effort into quota to bring it up to current standards. Then again quota has such a small user group because it only works on ufs filesystem that it should have never been added to the base release kernel no longer requiring a kernel compile to enable it.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5E4AD843.3010300>