[systemd-devel] users and per user limits (tmpfs)
Michał Zegan
webczat_200 at poczta.onet.pl
Tue Apr 28 03:19:58 PDT 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
It may be possible, actually. Why oh why btrfs has no per user quotas?
this would be beneficial in some scenarios like this one.
W dniu 2015-04-28 o 12:17, Mantas Mikulėnas pisze:
> On Tue, Apr 28, 2015 at 1:06 PM, Lennart Poettering
> <lennart at poettering.net <mailto:lennart at poettering.net>> wrote:
>
> On Tue, 28.04.15 12:03, Michał Zegan (webczat_200 at poczta.onet.pl
> <mailto:webczat_200 at poczta.onet.pl>) wrote:
>
>> (sorry, I haven't sent a reply to the list) What about
>> namespacing and mounting tmpfs per user? You can specify a
>> filesystem size when mounting tmpfs can't you?
>
> Well, you can set this up with some packages for individual
> systems, but this cannot work for general purpose systems since X11
> uses /tmp for placing its communication sockets.
>
>
> That /should/ work as long as the X server itself is started by the
> same user (GDM 3.16 works that way because of Wayland, as does
> startx).
>
>
> Moreover, when this is set up the mount propagation from the user's
> namespace to the rest of system must be turned off for the root
> directory, and this will break general assumptions around mounting
> things through tools like "su" or "sudo" then, as those mounts will
> not propagate to the rest of the system either...
>
>
> Wondering how the existing pam_namespace deals with this. Maybe /
> could be kept shared, just /tmp made private.
>
> I don't really like the idea of littering regular systems with even
> more tangled mount namespaces, but still curious if this could
> work.
>
> -- Mantas Mikulėnas <grawity at gmail.com <mailto:grawity at gmail.com>>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBAgAGBQJVP17NAAoJEHb1CzgxXKwYppQP/3FQ68SBzE1GpN2hCEgsXHIa
+gP6MsGwnsMppXD0wlfEuu55k4mmfm9unZ6c/+fwA+iTPIhVQceUAyj2X4euhzo/
jEzs7v05BiO9dVp+ZUPrgn9JLkJ67ve83f0rIgQgM4niXolK0gRhNUcT056V78Lk
tWxqqJ1rY6MSlCWVQNbNgxy5c+gK5J3sKPNbDscTh4iI/usPSkfWYFfLIi5PwKOA
33I47SRzhJ4RuUs6znNJNhitb/bpD6WyWQVyo+NaPDt/iTFNsGeIndYF7YoL36BY
bo3Xuc8B4whQDV6W82EIWDT7gF5FP/G8cu4Z9w3e+f0Il8h5nEjltyVewWHpHaaK
KpBYQ09URZqLjdDbeN8A2Ay3laMa5PrXesBHQ10jCLkDYNQm4M4yS1hcLjKzsECj
huzUGYmx00Bm2C15CR8JK56NFGT2tNmg+LOTqgVSoSZ4Qe5WpyHpzK3CViFkC9q9
IB+6lHnKn8FEZKw9SD+rr/o1qyGdDY0KeePT4eBRElyOeip4+gcQjM8PpDbximUm
Cidm/ymvJ64sUbjhHkoclLFMfQIS6Jhx2BcTwa/cf0L9Y1OYBOCKm2KYoRKe55qN
N5lM2x54gPs8nrmM3nu7zfsHQluPRIuPCkJ2r+BrgAf4RQmqGgdl/5J5kmSdwdIq
5ZfVSo3syK0QjvtBxhCN
=4bV+
-----END PGP SIGNATURE-----
More information about the systemd-devel
mailing list