On Wed 11-03-15 12:03:19, Li Xi wrote: > This patch adds support for a new quota type PRJQUOTA for project quota > enforcement. Also a new method get_projid() is added into dquot_operations > structure. > > Signed-off-by: Li Xi <lixi@xxxxxxx> > Signed-off-by: Dmitry Monakhov <dmonakhov@xxxxxxxxxx> > Reviewed-by: Jan Kara <jack@xxxxxxx> ... > diff --git a/fs/quota/quota.c b/fs/quota/quota.c > index 2aa4151..c76b350 100644 > --- a/fs/quota/quota.c > +++ b/fs/quota/quota.c > @@ -30,11 +30,15 @@ static int check_quotactl_permission(struct super_block *sb, int type, int cmd, > case Q_XGETQSTATV: > case Q_XQUOTASYNC: > break; > - /* allow to query information for dquots we "own" */ > + /* > + * allow to query information for dquots we "own" > + * always allow querying project quota > + */ > case Q_GETQUOTA: > case Q_XGETQUOTA: > if ((type == USRQUOTA && uid_eq(current_euid(), make_kuid(current_user_ns(), id))) || > - (type == GRPQUOTA && in_egroup_p(make_kgid(current_user_ns(), id)))) > + (type == GRPQUOTA && in_egroup_p(make_kgid(current_user_ns(), id))) || > + (type == PRJQUOTA)) > break; I wanted to merge this patch but this hunk caught my eye. Why do we suddently allow querying of project quotas? Traditionally that has been allowed only with CAP_SYS_ADMIN. I agree it looks too restrictive to me but unless that's a bug, I think we have to adhere to original behavior and drop this hunk. Dave, was that behavior of project quotas intended? Honza -- Jan Kara <jack@xxxxxxx> SUSE Labs, CR -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html