From e5d6b6b0a2cfdbb21506b8f5e741cf719c149cb4 Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Thu, 28 Apr 2022 11:39:12 +0200
Subject: volume: add new option -o o=noquota

add a new option to completely disable xfs quota usage for a volume.

xfs quota set on a volume, even just for tracking disk usage, can
cause weird errors if the volume is later re-used by a container with
a different quota projid.  More specifically, link(2) and rename(2)
might fail with EXDEV if the source file has a projid that is
different from the parent directory.

To prevent such kind of issues, the volume should be created
beforehand with `podman volume create -o o=noquota $ID`

Closes: https://github.com/containers/podman/issues/14049

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
---
 libpod/runtime_volume_linux.go | 39 ++++++++++++++++++++++-----------------
 1 file changed, 22 insertions(+), 17 deletions(-)

(limited to 'libpod/runtime_volume_linux.go')

diff --git a/libpod/runtime_volume_linux.go b/libpod/runtime_volume_linux.go
index 241f6e2f2..f8788e183 100644
--- a/libpod/runtime_volume_linux.go
+++ b/libpod/runtime_volume_linux.go
@@ -73,7 +73,7 @@ func (r *Runtime) newVolume(options ...VolumeCreateOption) (_ *Volume, deferredE
 						return nil, errors.Wrapf(err, "invalid volume option %s for driver 'local'", key)
 					}
 				}
-			case "o", "type", "uid", "gid", "size", "inodes":
+			case "o", "type", "uid", "gid", "size", "inodes", "noquota":
 				// Do nothing, valid keys
 			default:
 				return nil, errors.Wrapf(define.ErrInvalidArg, "invalid mount option %s for driver 'local'", key)
@@ -111,23 +111,28 @@ func (r *Runtime) newVolume(options ...VolumeCreateOption) (_ *Volume, deferredE
 		if err := LabelVolumePath(fullVolPath); err != nil {
 			return nil, err
 		}
-		projectQuotaSupported := false
-
-		q, err := quota.NewControl(r.config.Engine.VolumePath)
-		if err == nil {
-			projectQuotaSupported = true
-		}
-		quota := quota.Quota{}
-		if volume.config.Size > 0 || volume.config.Inodes > 0 {
-			if !projectQuotaSupported {
-				return nil, errors.New("Volume options size and inodes not supported. Filesystem does not support Project Quota")
+		if volume.config.DisableQuota {
+			if volume.config.Size > 0 || volume.config.Inodes > 0 {
+				return nil, errors.New("volume options size and inodes cannot be used without quota")
 			}
-			quota.Size = volume.config.Size
-			quota.Inodes = volume.config.Inodes
-		}
-		if projectQuotaSupported {
-			if err := q.SetQuota(fullVolPath, quota); err != nil {
-				return nil, errors.Wrapf(err, "failed to set size quota size=%d inodes=%d for volume directory %q", volume.config.Size, volume.config.Inodes, fullVolPath)
+		} else {
+			projectQuotaSupported := false
+			q, err := quota.NewControl(r.config.Engine.VolumePath)
+			if err == nil {
+				projectQuotaSupported = true
+			}
+			quota := quota.Quota{}
+			if volume.config.Size > 0 || volume.config.Inodes > 0 {
+				if !projectQuotaSupported {
+					return nil, errors.New("volume options size and inodes not supported. Filesystem does not support Project Quota")
+				}
+				quota.Size = volume.config.Size
+				quota.Inodes = volume.config.Inodes
+			}
+			if projectQuotaSupported {
+				if err := q.SetQuota(fullVolPath, quota); err != nil {
+					return nil, errors.Wrapf(err, "failed to set size quota size=%d inodes=%d for volume directory %q", volume.config.Size, volume.config.Inodes, fullVolPath)
+				}
 			}
 		}
 
-- 
cgit v1.2.3-54-g00ecf