On Mon, Oct 14, 2019 at 12:41 AM Darrick J. Wong <darrick.wong@xxxxxxxxxx> wrote: > > On Sat, Oct 12, 2019 at 02:33:36PM +0800, Wang Shilong wrote: > > Steps to reproduce: > > [wangsl@localhost tmp]$ mkdir project > > [wangsl@localhost tmp]$ lsattr -p project -d > > 0 ------------------ project > > [wangsl@localhost tmp]$ chattr -p 1 project > > [wangsl@localhost tmp]$ lsattr -p -d project > > 1 ------------------ project > > [wangsl@localhost tmp]$ chattr -p 2 project > > [wangsl@localhost tmp]$ lsattr -p -d project > > 2 ------------------ project > > [wangsl@localhost tmp]$ df -Th . > > Filesystem Type Size Used Avail Use% Mounted on > > /dev/sda3 xfs 36G 4.1G 32G 12% / > > [wangsl@localhost tmp]$ uname -r > > 5.4.0-rc2+ > > > > As above you could see file owner could change project ID of file its self. > > As my understanding, we could set project ID and inherit attribute to account > > Directory usage, and implement a similar 'Directory Quota' based on this. > > So the problem here is that the admin sets up a project quota on a > directory, then non-container users change the project id and thereby > break quota enforcement? Dave didn't sound at all enthusiastic, but I'm > still wondering what exactly you're trying to prevent. Yup, we are trying to prevent no-root users to change their project ID. As we want to implement 'Directory Quota': If non-root users could change their project ID, they could always try to change its project ID to steal space when EDQUOT returns. Yup, if mount option could be introduced to make this case work, that will be nice. > > (Which is to say, maybe we introduce a mount option to prevent changing > projid if project quota *enforcement* is enabled?) > > --D >