On Fri, Apr 21, 2017 at 10:09:46AM +0000, Sargun Dhillon wrote:
> This patch allows processes with CAP_SYS_RESOURCE to exceed the qgroup
> limit. It's useful for administrative programs, such as log rotation,
> that may need to temporarily use more disk space in order to free up
> a greater amount of overall disk space without yielding more disk
> space to the rest of userland.
> static bool qgroup_check_limits(const struct btrfs_qgroup *qg, u64 num_bytes)
> {
> + if (capable(CAP_SYS_RESOURCE))
> + return true;
> +
I don't think it's a good idea to make random root-uid processes ignore
qgroups completely. Just because the daemon in question doesn't use a
separate uid is no reason to not protect you from it consuming all the disk
space.
A temporary request "please let me exceed limits" would make sense, though.
The problem with CAP_SYS_RESOURCE is that it's always on unless explicitly
dropped.
--
⢀⣴⠾⠻⢶⣦⠀ Meow!
⣾⠁⢠⠒⠀⣿⡁
⢿⡄⠘⠷⠚⠋⠀ Collisions shmolisions, let's see them find a collision or second
⠈⠳⣄⠀⠀⠀⠀ preimage for double rot13!
--
To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
