[nycbug-talk] nullfs, jails and quotas

Charles Sprickman spork
Thu Jan 12 22:40:35 EST 2006 

On Thu, 12 Jan 2006, Isaac Levy wrote:

> Hey Charles,  All,
>
> Not a very timely response, but I feel I should weigh in on this issue.
>
> On Jan 9, 2006, at 7:17 PM, Charles Sprickman wrote:
>
>> Here's a quick tip:
>> 
>> Don't try using nullfs to mount /usr/ports (or anything else) into a jail 
>> and then enable quotas on the jail's partition.  Really bad juju there.
>> 
>> This is on 6-stable.  On running quotacheck after killing off all jails, 
>> that process was hung, and anything else that touched that partition went 
>> into a "disk wait" state that was unkillable.  Running a shutdown just left 
>> the machine hanging in a not-quite-dead state.  It seems like the kernel 
>> will block forever on any processes waiting for that partition.  A reboot 
>> alone did not clear it, the background fsck also hung.
>> 
>> Just a friendly warning for anyone doing that kind of tinkering remotely - 
>> always unmount your nullfs mounts before screwing with quotas...
>
> Nullfs is outright unsuported, as I've said during the course of several 
> lectures on jail(8).  The man page for mount_nullfs(8) states:
>
> <snip>
> BUGS
>     THIS FILE SYSTEM TYPE IS NOT YET FULLY SUPPORTED (READ: IT DOESN'T WORK)
>     AND USING IT MAY, IN FACT, DESTROY DATA ON YOUR SYSTEM.  USE AT YOUR OWN
>     RISK.  BEWARE OF DOG.  SLIPPERY WHEN WET.
>
>     This code also needs an owner in order to be less dangerous - serious
>     hackers can apply by sending mail to <hackers at FreeBSD.org> and 
> announcing
>     their intent to take it over.
> <snip>
>
> Charles: I'm dreadfully empathetic if this cost you time and energy.

Ike,

I've seen that warning, and I think we've discussed it here before as 
well.  My problem is that I did not really think about this when I turned 
on quotas.  I was simply using nullfs to get the host's ports tree into 
the jail, and normally I unmount it when I'm done mucking about.

The bright side is that there was no data loss, and the time lost 
translated into a lesson learned, so it's all good.

Another question on this topic that was not answered on -hackers...  I 
assume that one day, some brave soul will pick up maintainership of nullfs 
(someone is working on fixing up unionfs right now, btw).  I'm inclined to 
file a PR on this issue as I think it is full of clues for someone that 
has the brains to hack such things.  What says everyone?  Would it be 
looked at as an annoyance or a help?

Charles

> Rocket-
> .ike
>
>
>

More information about the talk mailing list