Re: quotas + jail ?
Marc G. Fournier wrote: > On Wed, 11 Jan 2006, Michal Mertl wrote: > > > Vladimir Dvorak wrote: > >> Hello, > >> > >> I have simple question - is possible to use quotas in jail(8) environment ? > > > > Yes, it is, although with some restrictions. > > > > You have to enable the disk quotas from the host (have them listed in > > host's /etc/fstab). > > > > To operate the quotas from inside the jail quotas have to be mentioned > > in jail's /etc/fstab too (when using the file name of quota file it has > > to be relative to jail's root). Repquota/edquota/quota work inside the > > jail. > > > > You have to keep in mind that disk quotas are in fact a property of a > > filesystem and are not related to jails at all. So if two jails share a > > filesystem the disk quotas are shared too. If you have users with the > > same UID in both the jails they will share the quota. > > How hard would it be to extend quotas so that its not just uid/gid based, > but directory? ie. everything under /vm/jail1 falls under this quota, > regardless of uid/gid? I don't think I understand your goal. Do you want some grand limit for whole jail's disk usage or have separated quotas for jails on the same partition? Neither can be done at the moment with disk quotas. The needed changes to support either will be quite extensive I believe. I recommend using separate partition for each jail. This will allow you to achieve both goals at the same time. If you have lot of jails and the number of partitions is the problem you can use gpt(8) or vnode based md(4) (see mdconfig(8)). With md(4) you can also use sparse backing files and that way have more space than you have on physical drives. Beware of overcommit though - I wouldn't be surprised if the system crashed when the disk is full and the md(4) file system is supposed to have free space in it. Michal ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: quotas + jail ?
On 11 Jan 2006, at 16:36, Marc G. Fournier wrote: On Wed, 11 Jan 2006, Michal Mertl wrote: Vladimir Dvorak wrote: Hello, I have simple question - is possible to use quotas in jail(8) environment ? Yes, it is, although with some restrictions. You have to enable the disk quotas from the host (have them listed in host's /etc/fstab). To operate the quotas from inside the jail quotas have to be mentioned in jail's /etc/fstab too (when using the file name of quota file it has to be relative to jail's root). Repquota/edquota/quota work inside the jail. You have to keep in mind that disk quotas are in fact a property of a filesystem and are not related to jails at all. So if two jails share a filesystem the disk quotas are shared too. If you have users with the same UID in both the jails they will share the quota. How hard would it be to extend quotas so that its not just uid/gid based, but directory? ie. everything under /vm/jail1 falls under this quota, regardless of uid/gid? Given the lack of a unique name for files in UFS, quite difficult, I'd presume. Ceri PGP.sig Description: This is a digitally signed message part
Re: quotas + jail ?
On Wed, 11 Jan 2006, Michal Mertl wrote: Vladimir Dvorak wrote: Hello, I have simple question - is possible to use quotas in jail(8) environment ? Yes, it is, although with some restrictions. You have to enable the disk quotas from the host (have them listed in host's /etc/fstab). To operate the quotas from inside the jail quotas have to be mentioned in jail's /etc/fstab too (when using the file name of quota file it has to be relative to jail's root). Repquota/edquota/quota work inside the jail. You have to keep in mind that disk quotas are in fact a property of a filesystem and are not related to jails at all. So if two jails share a filesystem the disk quotas are shared too. If you have users with the same UID in both the jails they will share the quota. How hard would it be to extend quotas so that its not just uid/gid based, but directory? ie. everything under /vm/jail1 falls under this quota, regardless of uid/gid? Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email: [EMAIL PROTECTED] Yahoo!: yscrappy ICQ: 7615664 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: quotas + jail ?
Vladimir Dvorak wrote: > Hello, > > I have simple question - is possible to use quotas in jail(8) environment ? Yes, it is, although with some restrictions. You have to enable the disk quotas from the host (have them listed in host's /etc/fstab). To operate the quotas from inside the jail quotas have to be mentioned in jail's /etc/fstab too (when using the file name of quota file it has to be relative to jail's root). Repquota/edquota/quota work inside the jail. You have to keep in mind that disk quotas are in fact a property of a filesystem and are not related to jails at all. So if two jails share a filesystem the disk quotas are shared too. If you have users with the same UID in both the jails they will share the quota. Michal ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: quotas + jail ?
Björn König wrote: > Vladimir Dvorak schrieb: > >> I have simple question - is possible to use quotas in jail(8) >> environment ? >> [...] >> >> It seems to be impossible ( some kernel restriction ). :-( Is there some >> way to allow this ? My last idea was to replicate users and groups to >> "main" system and use quotas from it - but it is not good solution if we >> have several hundreds users in jail(8). > > > You don't need to replicate users and groups, just use UIDs and GIDs. > There is a serious disadvantage: if you set quota for a specific UID > then it affects all users with the same UID in different jails and > even at the host; I guess this is not what you want. > > If you want to restrict the space that can be consumed by a jail then > you might use memory devices, i.e. > > # create 1 GiB file > $ dd if=/dev/zero of=myjail321 count=16k bs=64k > $ mdconfig -af myjail321 > md321 > $ mkdir /jail/myjail321 > $ mount /dev/md321 /jail/myjail321 > $ cd /usr/src > $ make installworld DESTDIR=/jail/myjail321 > > and so on ... > > > Regards > Björn > Thank you Björn, I thing it is possible. I will shift existing UIDs ( in jail) to higher values (5-> ) and apply quotas on them. I will try to eliminate UID mixing. Thank you for your suggestion. Vladimir ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: quotas + jail ?
Vladimir Dvorak schrieb: I have simple question - is possible to use quotas in jail(8) environment ? [...] It seems to be impossible ( some kernel restriction ). :-( Is there some way to allow this ? My last idea was to replicate users and groups to "main" system and use quotas from it - but it is not good solution if we have several hundreds users in jail(8). You don't need to replicate users and groups, just use UIDs and GIDs. There is a serious disadvantage: if you set quota for a specific UID then it affects all users with the same UID in different jails and even at the host; I guess this is not what you want. If you want to restrict the space that can be consumed by a jail then you might use memory devices, i.e. # create 1 GiB file $ dd if=/dev/zero of=myjail321 count=16k bs=64k $ mdconfig -af myjail321 md321 $ mkdir /jail/myjail321 $ mount /dev/md321 /jail/myjail321 $ cd /usr/src $ make installworld DESTDIR=/jail/myjail321 and so on ... Regards Björn ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
