Disk quota for Jail. Discussion.

[Menshikov Konstantin]

Kostik Belousov wrote:
> On Tue, May 26, 2009 at 10:32:24AM +0400, Menshikov Konstantin wrote:
>   
>> Hi.
>> Jail now have no disk quotas.
>> Users which use jail, use separate zfs or md device for jail, but it 
>> from a hopelessness.
>> It is necessary to discuss possible ways of realisation.
>> I suggest to make disk quotas for jail on the basis of the user quotas.
>>
>> Introduction.
>> User UID and GID are located in inode and are always accessible.
>> No information about jail in ufs is present. All activity jail is 
>> limited root path.
>>
>> The work scheme.
>> In structure prison it is added structures containing disk quotas and usage.
>> At start Jail, we calculate the size root path and number of files in 
>> it, thus receiving current use of a disk.
>> In functions of allocation of disk blocks and inode, we check quotas and 
>> we increase current use.
>>     
> UFS cannot determine whether the new allocation goes under the jail
> root or not.
>   
Yes. But jail cannot allocate block and inode above root path. In 
allocation functions, whether for example ffs_alloc we have access to 
ucred process and we can check up there is a process in jail.
>> If jail exceeds a quota, inquiry about allocation of the disk block or 
>> inode it is rejected.
>> After work end jail the information on disk use is lost.
>>
>> What do you think about it?
>> There are other offers?
>>
>>     
If jail will get access to disk devices in/dev/and will mount file 
system of a problem also will not arise, I think...
Can be eat other problems which are not visible at first sight?