lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20140810165253.GJ15431@thunk.org>
Date:	Sun, 10 Aug 2014 12:52:53 -0400
From:	Theodore Ts'o <tytso@....edu>
To:	Shuichi Ihara <sihara@....com>
Cc:	Li Xi <pkuelelixi@...il.com>,
	"linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>,
	Ext4 Developers List <linux-ext4@...r.kernel.org>,
	"viro@...iv.linux.org.uk" <viro@...iv.linux.org.uk>,
	"hch@...radead.org" <hch@...radead.org>, Jan Kara <jack@...e.cz>,
	Andreas Dilger <adilger@...ger.ca>,
	"Niu, Yawei" <yawei.niu@...el.com>
Subject: Re: [PATCH v2 0/4] quota: add project quota support

On Sun, Aug 10, 2014 at 08:38:25AM +0000, Shuichi Ihara wrote:
> 
> One of our (Li Xi and ourself) purpose of what we need project quota
> support in ext4, is project quota support in the Lustre filesystem.

OK, but for lustre, you completely bypass the VFS when you write the
back end files.  Yes?  So if implement something which is XFS
compatible vis-a-vis a directory tree quota, it doesn't matter if
Lustre is creating many different files that belong to project id's.


This being said, for this particular use case, I'm not entirely sure
why you can't just create separate groups for each project, and then
let group inheritance take care of things:

mkdir top-level
chgrp project1 top-level
chmod g+s top-level

Now all of the files created in top-level will be accounted in
project1's quota.

If the answer is that it's too easy to evade quota controls by using
the "chgrp" command, note that if you are going to allow users to mv
files around, they can easily evade the project quota anyway, by
creating the file in top-level dirctory of project2, and then mv'ing
it into the top-level directory of project1.

Or are you really saying you really need to simultaneously track quota
from a group perspective, and a project perspectively, at the same
time?  If so, why?

Regards,

					- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ