[lxc-users] Allow quotas settings in container.

PONCET Anthony ff240 at msn.com
Tue Mar 3 06:37:14 UTC 2015 

Le 02/03/2015 22:00, Devon B. a écrit :
> I couldn't figure out how to allow user/group quotas inside the 
> container and I couldn't find many resources other than failed 
> attempts or unresolved reports.
>
> I received the same error as you and tried making a fake device using 
> mknod to no avail.   The problem is that the rootfs (/) is always only 
> mounted as (rw).  So then it tries to fall back to the other / in 
> /proc/mounts which is the block device which isn't available in the 
> container (for good reason probably).
>
> I think the only possible way I had seen that quotas had worked was 
> using a bind mount from the container to a host mount with usrquota 
> enabled.  However, in my case, this did not seem appealing because I 
> would have to maintain two filesystems for each container (rootfs and 
> the usrquota) and from what I remember, the users/groups had to 
> coexist on the host and the container so it would only be viable on 
> one container.
>
>> PONCET Anthony <mailto:ff240 at msn.com>
>> Monday, March 2, 2015 12:13 PM
>> Hi,
>> I know lxc doesn't manage or use quota, but how to used it in one 
>> container?
>> I created one lv for my container, and I mounted with usrquota and 
>> grpquota options.
>> But when I try to used quotacheck or quotaon (in my container), I 
>> have an error : "impossible to use stat() on 
>> /dev/mapper/vg_name-lv_name, file doesn't exist ".
>> Do you have an idea?
>>
>>
>>
>> _______________________________________________
>> lxc-users mailing list
>> lxc-users at lists.linuxcontainers.org
>> http://lists.linuxcontainers.org/listinfo/lxc-users
>
>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
Hi,
I found how to can enable quota.
1) Stop your container and edit the config file and add 
"lxc.cgroup.devices.allow = b 252:x rwm".
2) Add usrquota,grpquota options in fstab from rootfs container raw IE: 
"uuid=.... /path/of/your/container/rootfs fs_type 
defaults,usrquota,grpquota 0 2".
3) After mounting lv in rootfs of your container with "sudo mount -a", 
make (in container) a nod with "sudo mknod -m 660 /dev/dm-x 252 x" (dm-x 
= path of your lv and x = minor id of your peripheral lv (ls -l /dev/dm-x)).
4) Always in container, "sudo mkdir /dev/mapper && cd /dev/mapper && 
sudo ln -s ../dm-x vg_name-lv_name && sudo touch /aquota.user && sudo 
touch /aquota.group && sudo chmod 600 /aquota.* && sudo quotacheck -augv".
5) On the host, enable quota with : "sudo quotaon -ugv 
/path/of/your/container/rootfs/".

But, now, when I try to set quota with quotatool or edquota -u user (in 
the container), I had an error : "edquota: Unable to get the quotas 
kernel to user 101001 /dev/mapper/vg_name-lv_name: Operation not permitted
edquota: Error trying quota /dev/mapper/vg_name-lv_name #101001 (101001 
id): Operation not permitted
edquota: Impossibble retrieve quota information for 101,001 users.
"
Can I add a capabilities to allow this access? Or an other track?

Thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20150303/5840abec/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: compose-unknown-contact.jpg
Type: image/jpeg
Size: 770 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20150303/5840abec/attachment-0001.jpg>

More information about the lxc-users mailing list