On 2017-11-02 12:28, ST wrote:
> On Thu, 2017-11-02 at 19:16 +0300, Marat Khalili wrote:
>>> Could somebody among developers please elaborate on this issue - is
>>> checking quota going always to be done by root? If so - btrfs might be
>>> a no-go for our use case...
>> Not a developer, but sysadmin here: what prevents you from either
>> creating suid executable for this or configuring sudoers to let users
>> call specific commands they need?
> 1. If designers have decided to limit access to that info only to root -
> they must have their reasons to do so, and letting everybody do that is
> probably contrary to those reasons.

I wouldn't say this is a compelling argument. Some things that probably
should be root only aren't, and others that should not be are, so the
whole thing is rather haphazard. Unless one of the developers can
comment either way, I wouldn't worry too much about this.

> 2. I want to limit access to sftp, so there will be no custom commands
> to execute...

A custom version of the 'quota' command would be easy to add in there.
In fact, this is really the only option right now, since setting up sudo
(or doas, or whatever other privilege escalation tool) to allow users to
check usage requires full access to the 'btrfs' command, which in turn
opens you up to people escaping their quotas.

> 3. sftp clients (especially those for windows) can determine quota - and
> they do it probably in some standard way - which doesn't seem to be
> compatible with btrfs...

They call the 'quota' command. This isn't integrated with BTRFS qgroups
though because the VFS quota API (which it uses) has significantly
different semantics than BTRFS quota groups. VFS quotas are per-user
(or on rare occasion, per 'project'), whereas BTRFS quota groups apply
to subvolumes, not users, which is in turn part of why it's possible to
escape quota requirements on BTRFS.
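
A sketch of the custom 'quota' command suggested in the reply, added here as an example (it is not code from the thread or from btrfs-progs). It assumes one subvolume per user at the hypothetical path `/srv/sftp/<username>`, `btrfs` installed at `/usr/bin/btrfs`, and the five-column layout of `btrfs qgroup show --raw -re`; the sample output is constructed.

```python
#!/usr/bin/env python3
"""Read-only per-user quota report for BTRFS (added example, hypothetical layout)."""
import os
import pwd
import re
import subprocess

BASE = "/srv/sftp"           # assumption: one subvolume per user at BASE/<username>
BTRFS = "/usr/bin/btrfs"     # assumption: adjust to where btrfs-progs is installed
SAFE_NAME = re.compile(r"[a-z_][a-z0-9_-]{0,31}")
QGROUP_ROW = re.compile(r"^(\d+/\d+)\s+(\d+)\s+(\d+)\s+(\S+)\s+(\S+)")

# Constructed sample of `btrfs qgroup show --raw -reF <path>` output.
SAMPLE = """qgroupid         rfer         excl     max_rfer     max_excl
--------         ----         ----     --------     --------
0/257      1073741824   1073741824   2147483648         none
"""


def build_argv(username):
    """Fixed argv: the caller chooses nothing except whose subvolume is read."""
    if not SAFE_NAME.fullmatch(username):
        raise ValueError("unexpected user name")
    return [BTRFS, "qgroup", "show", "--raw", "-reF", os.path.join(BASE, username)]


def parse_usage(output):
    """Return (referenced_bytes, limit_bytes or None) from the first qgroup row."""
    for line in output.splitlines():
        m = QGROUP_ROW.match(line.strip())
        if m:
            limit = m.group(4)
            return int(m.group(2)), (int(limit) if limit.isdigit() else None)
    raise ValueError("no qgroup row in output")


def main():
    # Under sudo the real uid is root, so take the invoking user from SUDO_UID,
    # which sudo sets itself; fall back to the real uid when run directly.
    uid = int(os.environ.get("SUDO_UID", os.getuid()))
    argv = build_argv(pwd.getpwuid(uid).pw_name)
    out = subprocess.run(argv, check=True, capture_output=True, text=True,
                         env={"PATH": "/usr/bin:/bin"}).stdout
    used, limit = parse_usage(out)
    print(f"used={used} limit={limit if limit is not None else 'none'}")


if __name__ == "__main__":
    main()
```

Because the argument vector is fixed and the script accepts no command-line input, a privilege-escalation rule can name this wrapper rather than the `btrfs` command itself.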