quotas

Disk quotas are commonly used by ISPs, by Web hosting companies, on FTP sites, and on corporate file servers to ensure continued availability of their systems.

Quotas are used to limit a users or a group of users ability to consume disk space. This prevents a small group of users from monopolizing disk capacity and potentially interfering with other users or the entire system.

Without quotas, one or more users can upload files on an FTP server to the point of filling a file system. Once the affected partition is full, other users are effectively denied upload access to the disk. This is also a reason to mount different file system directories on different partitions. For example, if you only had partitions for your root (/) directory and swap space, someone uploading to your computer could fill up all of the space in your root directory (/). Without at least a little free space in the root directory (/), your system could become unstable or even crash.

You have two ways to set quotas for users. You can limit users by inodes or by kilobyte-sized diskblocks. Every Linux file requires an inode. Therefore, you can limit users by the number of files or by absolute space. You can set up different quotas for different file systems. For example, you can set different quotas for users on the /home and /tmp directories if they are mounted on their own partitions. Limits on disk blocks restrict the amount of disk space available to a user on your system. Older versions of Red Hat Linux included LinuxConf, which included a graphical tool to configure quotas. Red Hat no longer has a graphical quota configuration tool. Today, you can configure quotas on RHEL only through the command line interface.

Hard limit – For example, if you specify 2GB as hard limit, user will not be able to create new files after 2GB

Soft limit – For example, if you specify 1GB as soft limit, user will get a warning message “disk quota exceeded”, once they reach 1GB limit. But, they’ll still be able to create new files until they reach the hard limit

Grace Period – For example, if you specify 10 days as a grace period, after user reach their hard limit, they would be allowed additional 10 days to create new files. In that time period, they should try to get back to the quota limit.

Quota Tools
Quota checks can be implemented on the file system of a hard disk partition mounted on your system. The quotas are enabled using the quotacheck and quotaon programs. They are executed in the /etc/rc.d/rc.sysinit script, which is run whenever you start up your system. Each partition needs to be mounted with the quota options, usrquota or grpquota. usrquota enables quota controls for users, and grpquota works for groups.
You also need to create quota.user and quota.group files for each partition for which you enable quotas. These are the quota databases that hold the quota information for each user and group. You can create these files by running the quotacheck command with the -a option or the device name of the file system where you want to enable quotas.

edquota
You can set disk quotas using the edquota command. With it, you can access the quota record for a particular user and group, which is maintained in the disk quota database. You can also set default quotas that will be applied to any user or group on the file system for which quotas have not been set. edquota will open the record in your default editor, and you can use your editor to make any changes. To open the record for a particular user, use the -u option and the username as an argument for edquota
quotacheck, quotaon, and quotaoff
The quota records are maintained in the quota database for that partition. Each partition that has quotas enabled has its own quota database. You can check the validity of your quota database with the quotacheck command. You can turn quotas on and off using the quotaon and quotaoff commands. When you start up your system, quotacheck is run to check the quota databases, and then quotaon is run to turn on quotas.

repquota
As the system administrator, you can use the repquota command to generate a summary of disk usage for a specified file system, checking to see what users are approaching or exceeding quota limits. repquota takes as its argument the file system to check; the -a option checks all file systems.

[root@DiskQuota ~]# fdisk /dev/sdb 
Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel
Building a new DOS disklabel with disk identifier 0x1b6be68c.
Changes will remain in memory only, until you decide to write them.
After that, of course, the previous content won’t be recoverable.

Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)

WARNING: DOS-compatible mode is deprecated. It’s strongly recommended to
switch off the mode (command ‘c’) and change display units to
sectors (command ‘u’).

Command (m for help): n
Command action
e   extended
p   primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-522, default 1):
Using default value 1
Last cylinder, +cylinders or +size{K,M,G} (1-522, default 522): +1G

Command (m for help): p

Disk /dev/sdb: 4294 MB, 4294967296 bytes
255 heads, 63 sectors/track, 522 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x1b6be68c

Device Boot      Start         End      Blocks   Id  System
/dev/sdb1               1         132     1060258+  83  Linux

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.

[root@DiskQuota ~]# partprobe 
Warning: WARNING: the kernel failed to re-read the partition table on /dev/sda (Device or resource busy).  As a result, it may not reflect all of your changes until after reboot.

[root@DiskQuota ~]# partprobe /dev/sdb

[root@DiskQuota ~]# mkdir /myquota

[root@DiskQuota ~]# chmod 777 /myquota/

[root@DiskQuota ~]# mount /dev/sdb1 /myquota/
mount: you must specify the filesystem type

[root@DiskQuota ~]# mkfs.ext4 /dev/sdb1 
mke2fs 1.41.12 (17-May-2010)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
66384 inodes, 265064 blocks
13253 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=272629760
9 block groups
32768 blocks per group, 32768 fragments per group
7376 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376

Writing inode tables: done
Creating journal (8192 blocks): done
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 38 mounts or
180 days, whichever comes first.  Use tune2fs -c or -i to override.

[root@DiskQuota ~]# mount /dev/sdb1 /myquota/

[root@DiskQuota ~]# mount
/dev/sda3 on / type ext4 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
tmpfs on /dev/shm type tmpfs (rw,rootcontext=”system_u:object_r:tmpfs_t:s0″)
/dev/sda1 on /boot type ext4 (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
vmware-vmblock on /var/run/vmblock-fuse type fuse.vmware-vmblock (rw,nosuid,nodev,default_permissions,allow_other)
/dev/sdb1 on /myquota type ext4 (rw)

[root@DiskQuota ~]# df -hT
Filesystem     Type   Size  Used Avail Use% Mounted on
/dev/sda3      ext4    55G  6.1G   46G  12% /
tmpfs          tmpfs  358M   72K  358M   1% /dev/shm
/dev/sda1      ext4   283M   41M  228M  16% /boot
/dev/sdb1      ext4   988M  1.3M  935M   1% /myquota

[root@DiskQuota ~]# cat >>/etc/fstab
/dev/sdb1   /myquota  ext4 defaults,usrquota,grpquota 0 0

[root@DiskQuota ~]# mount -o remount,rw /myquota/

[root@DiskQuota ~]# quotacheck -cugv /myquota/

[root@DiskQuota ~]# quotaon -p /dev/sdb1 
group quota on /myquota (/dev/sdb1) is off
user quota on /myquota (/dev/sdb1) is off

[root@DiskQuota ~]# quotaon /dev/sdb1 

[root@DiskQuota ~]# quotaon -p /dev/sdb1 
group quota on /myquota (/dev/sdb1) is on
user quota on /myquota (/dev/sdb1) is on

[root@DiskQuota ~]# useradd rafi
[root@DiskQuota ~]# passwd rafi
Changing password for user rafi.
New password:
BAD PASSWORD: it is too short
BAD PASSWORD: is too simple
Retype new password:
passwd: all authentication tokens updated successfully.

[root@DiskQuota ~]# edquota -u rafi

   or 

[root@DiskQuota ~]# setquota -u rafi 50 100 0 0 /myquota/

[root@DiskQuota ~]# repquota /myquota/
*** Report for user quotas on device /dev/sdb1
Block grace time: 7days; Inode grace time: 7days
Block limits                File limits
User            used    soft    hard  grace    used  soft  hard  grace
———————————————————————-
root      —      20       0       0              2     0     0
rafi      +-     100      50     100  6days      26     0     0

[root@DiskQuota ~]# su – rafi

[rafi@DiskQuota ~]$ quota
Disk quotas for user rafi (uid 503):
Filesystem  blocks   quota   limit   grace   files   quota   limit   grace
/dev/sdb1      32      50     100               8       0       0

[rafi@DiskQuota ~]$ mkdir 1
[rafi@DiskQuota ~]$ mkdir 1a
[rafi@DiskQuota ~]$ mkdir a
[rafi@DiskQuota ~]$ mkdir aa
[rafi@DiskQuota ~]$ mkdir aaa
sdb1: warning, user block quota exceeded.
[rafi@DiskQuota ~]$ mkdir aaaa
[rafi@DiskQuota ~]$ mkdir aaaaa
[rafi@DiskQuota ~]$ mkdir aaaaaa
[rafi@DiskQuota ~]$ mkdir aaaaaaa
[rafi@DiskQuota ~]$ mkdir aaaaaaaa
[rafi@DiskQuota ~]$ mkdir aaaaaaaaa
[rafi@DiskQuota ~]$ mkdir aaaaaaaaaa
[rafi@DiskQuota ~]$ mkdir aaaaaaaaaaa
[rafi@DiskQuota ~]$ mkdir aaaaaaaaaaaa
[rafi@DiskQuota ~]$ mkdir aaaaaaaaaaaaa
[rafi@DiskQuota ~]$ mkdir aaaaaaaaaaaaaa
[rafi@DiskQuota ~]$ mkdir aaaaaaaaaaaaaaa
[rafi@DiskQuota ~]$ mkdir aaaaaaaaaaaaaaaa
sdb1: write failed, user block limit reached.
mkdir: cannot create directory `aaaaaaaaaaaaaaaa’: Disk quota exceeded
[rafi@DiskQuota ~]$ mkdir aaaaaaaaaaaaaaaaa
mkdir: cannot create directory `aaaaaaaaaaaaaaaaa’: Disk quota exceeded


[root@DiskQuota ~]# sestatus 
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted

[root@DiskQuota ~]# sestatus 
SELinux status:                 disabled

[root@DiskQuota ~]# cat /etc/default/useradd 
# useradd defaults file
GROUP=100
HOME=/myquota
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes

[root@DiskQuota ~]# useradd shaik
[root@DiskQuota ~]# passwd shaik
Changing password for user shaik.
New password:
BAD PASSWORD: it is too short
BAD PASSWORD: is too simple
Retype new password:
passwd: all authentication tokens updated successfully.
[root@DiskQuota ~]# repquota /myquota/
*** Report for user quotas on device /dev/sdb1
Block grace time: 7days; Inode grace time: 7days
Block limits                File limits
User            used    soft    hard  grace    used  soft  hard  grace
———————————————————————-
root      —      20       0       0                      2     0     0
rafi      +-     100      50     100  6days       26     0     0
shaik     —      20       0       0                     8     0     0

[root@DiskQuota ~]# ls -l /myquota/
total 40
-rw——-   1 root  root   7168 Mar 27 03:39 aquota.group
-rw——-   1 root  root   7168 Mar 27 03:39 aquota.user
drwx——.  2 root  root  16384 Mar 27 02:48 lost+found
drwx——. 21 rafi  rafi   4096 Mar 27 03:20 rafi
drwx——   4 shaik shaik  4096 Mar 27 03:39 shaik
[root@DiskQuota ~]# ls -l /myquota/shaik/

total 0

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s