[Lxc-users] lxc & usrquota

Trent W. Buck trentbuck at gmail.com
Fri Jan 14 10:45:41 UTC 2011 

If I'm reading this correctly, the hard, block, usrquota I set on /home
isn't being enforced within containers.

root at omega:~# repquota -psn /home
*** Report for user quotas on device /dev/mapper/omega-home
Block grace time: 7days; Inode grace time: 7days
                        Block limits                File limits
User            used    soft    hard  grace    used  soft  hard  grace
----------------------------------------------------------------------
#0        --      20       0       0      0       2     0     0      0
#1001     --      16    768G   1024G      0       4  197k  263k      0
#1002     --      16    768G   1024G      0       4  197k  263k      0
#1005     --      16    768G   1024G      0       4  197k  263k      0
#1140     --      16    768G   1024G      0       4  197k  263k      0
#1146     --      16    768G   1024G      0       4  197k  263k      0
#1154     --      16    768G   1024G      0       4  197k  263k      0
#1158     --      16    768G   1024G      0       4  197k  263k      0
#1170     --      16    768G   1024G      0       4  197k  263k      0
#1187     --   1243M    768G   1024G      0   40487  197k  263k      0
#1188     --      16    768G   1024G      0       4  197k  263k      0
#1200     --      16    768G   1024G      0       4  197k  263k      0
#2302     --      16    768G   1024G      0       4  197k  263k      0
#9067     --      16    768G   1024G      0       4  197k  263k      0
#9076     --      16    768G   1024G      0       4  197k  263k      0
#9078     --      16    768G   1024G      0       4  197k  263k      0
#9080     --      16    768G   1024G      0       4  197k  263k      0


I produced this by mounting /home with -ousrquota, bind mounting it in
containers, then git cloning the kernel a few times as user 1187.
The repquota above was run on the dom0, because quota QUERY programs
don't work in the containers -- they whinge because I deny them direct
access to block devices:

root at greed:~# repquota /home
repquota: Cannot stat() mounted device /dev/mapper/omega-home: No such file or directory
repquota: Mountpoint (or device) /home not found or has no quota enabled.
repquota: Not all specified mountpoints are using quota.


In case it matters: users are stored in a slapd container (RFC 2307),
and containers resolve them using PADL libnss-ldap.  The dom0 *doesn't*
resolve them, because I've deliberately not installed libnss-ldap on it.
This also prevents me checking if quotas are enforced on the dom0,
because I can't "su - 1187".

More information about the lxc-users mailing list