Managing disk space can be a difficult problem. The available space is a finite resource and is often consumed at an alarming rate, turning today's carefully sized filesystem into tomorrow's expansion requirement. On multiuser systems—no matter how big the filesystem—users will find a way to fill it. The last thing you want is for a filesystem to fill to capacity too early. One way to prevent that from happening is to enforce disk quotas , which allow you assign a limit to the amount of space individual users or groups have on a filesystem.
A typical quota size is usually much smaller than the filesystem it is configured on, thus preventing the user or group from consuming too much space. Quotas can be configured for each filesystem mentioned in /etc/fstab, though they are usually applied only where multiple end users store files (i.e., /home/username). There is no need for a quota on /usr, for example, since end users cannot store files there. Quotas may be configured for individual users listed in /etc/passwd and for groups listed in /etc/group.
Each filesystem has up to five types of quota limits that can be enforced on it. These limits are specified in disk blocks, usually 1,024 bytes each:
The hard limit is the maximum amount of space an individual user can have on the system. Once the user reaches his quota limit, he won't be allowed to write files to the disk.
Each user is free to store data on the filesystem until reaching her soft limit. The soft limit implements a sort of warning zone, instructing the user to clean up while still allowing her to work. When the amount of data exceeds this limit but does not exceed the hard limit, a message is printed on the user's terminal, indicating that her quota has been exceeded; however, the write operation will succeed.
This is the final limit set for a group by the quota system. Once this limit has been reached, none of the users within that group will be allowed to write files to the disk—even if the user's individual limits are not exceeded.
This limit behaves in the same way as a user's soft limit but is enforced based on group ownership instead of individual ownership.
Once a soft limit is reached, the user or group enters the grace period . After the grace period expires, the soft limit becomes a hard limit until enough files are deleted to eliminate the over-quota situation. The grace period may be specified for any number of months, weeks, days, hours, minutes, or seconds. A typical value is seven days.
These limits are set using the edquota command, detailed in the next section.
When a disk write exceeds a hard limit or an expired soft limit, only part of the write operation will complete, leaving a truncated and probably useless file. The messages reported to the user when a quota is exceeded may be lost if the shell he is using is hidden. This could confuse the user, because the error message generated by the application indicates that the disk is full or write-protected.
Linux offers a host of commands to manage, display, and report on filesystem quotas. Some of the setup required to initially enable quotas is done manually and without specific quota commands , a process that is covered in the next section.
quota
quota [-u] [options] user
quota -g [options] group
Displays quota limits on user
or group
. The -u option is the default. Only the superuser may use the -u flag and user
to view the limits of other users. Other users can use the -g flag and group
to view only the limits of groups of which they are members, provided that the quota.group files are readable by them.
Sets quiet mode, which shows only over-quota situations.
Enables verbose mode to display quotas even if no storage space is allocated.
As root
, examine all quotas for user jdoe
:
# quota -uv jdoe
Disk quotas for user jdoe (uid 500):
Filesystem blks quota limit grace files quota limit grace
/dev/sda9 9456 10000 10200 32 0 0
/dev/hda1 23 0 0 17 0 0
This example shows that jdoe
is barely within her soft limit of 10,000 blocks, with a corresponding hard limit of 10,200 blocks on /dev/sda9, and has no quota on /dev/hda1. The entry for /dev/hda1 is displayed in response to the -v option. No values are shown for the grace periods, because the soft limit has not been exceeded.
As user jdoe
, examine quotas for the finance
group, of which he is a member:
$ quota -gv finance
Disk quotas for group finance (gid 501):
Filesystem blks quota limit grace files quota limit grace
/dev/sda9 1000* 990 1000 6days 34 3980 4000
/dev/hda1 0 0 0 0 0 0
Here, the finance
group has exceeded its meager soft limit of 990 blocks and has come up against its hard limit of 1,000 blocks. (The write operation that wrote the 1,000th block was probably incomplete.) The original grace period in this example was set to seven days and has six days remaining, meaning that one day has elapsed since the soft limit was exceeded.
quotaon
quotaon [options
] [filesystems
] quotaon [options
] -a
Enable previously configured disk quotas on one or more filesystems
.
Turns quotas on for all filesystems in /etc/fstab that are marked read-write with quotas. This is normally used automatically at boot time to enable quotas.
Turns on group quotas. This option is not necessary when using the -a option, which includes both user and group quotas.
Turns on user quotas; this is the default.
Enables verbose mode to display a message for each filesystem where quotas are turned on.
Turn on all quotas as defined in /etc/fstab:
# quotaon -av
/dev/sda9: group quotas turned on
/dev/sda9: user quotas turned on
/dev/hda1: group quotas turned on
/dev/hda1: user quotas turned on
Turn on user quotas only on the /home filesystem:
# quotaon -gv /home
/dev/sda9: group quotas turned on
quotaoff
quotaoff [options
] [filesystems
] quotaoff [options
] -a
Disables disk quotas on one or more filesystems
.
Turns quotas off for all filesystems in /etc/fstab.
Turns off group quotas. This option is not necessary when using the -a option, which includes both user and group quotas.
Turns off user quotas; this is the default.
Enables verbose mode to display a message for each filesystem where quotas are turned off.
Turn off all quotas:
# quotaoff -av
/dev/sda9: group quotas turned off
/dev/sda9: user quotas turned off
/dev/hda1: group quotas turned off
/dev/hda1: user quotas turned off
quotacheck
quotacheck [options] filesystems
quotacheck [options
] -a
Examine filesystems and compile quota databases. This command is not specifically called out in the LPI Objectives for Exam 101, but is an important component of the Linux quota system. You should run the quotacheck -a command on a regular basis (perhaps weekly) via cron.
Checks all of the quotas for the filesystems mentioned in /etc/fstab. Both user and group quotas are checked as indicated by the usrquota
and grpquota
options.
group
Compiles information only on group
.
user
Compiles information only on user
; this is the default action. However, if the -g option is specified, then this option should also be specified when both group and user quotas are to be processed.
Enables verbose mode to display information about what the program is doing. This option shows activity by displaying a spinning character in the terminal. This is nice but could be a problem if you are logged in over a slow modem link.
Initialize all quota files:
#quotaoff -a
#quotacheck -aguv
Scanning /dev/sda9 [/home] done Checked 237 directories and 714 files Using quotafile /home/quota.user Using quotafile /home/quota.group Scanning /dev/hda1 [/mnt/hd] done Checked 3534 directories and 72673 files Using quotafile /mnt/hd/quota.user Using quotafile /mnt/hd/quota.group #quotaon -a
By turning off quotas during the update, the quota database files are updated.
With quotas active, update the user quotas in memory for /home:
# quotacheck -v /home
Scanning /dev/sda9 [/home] done
Checked 237 directories and 714 files
Using quotafile /home/quota.user
Updating in-core user quotas
edquota
edquota [-pproto-user
] [options] names
edquota [options
] -t
Modify user or group quotas. This interactive command uses a text editor to configure quota parameters for users or groups. The vi editor is used by default unless either the EDITOR
or VISUAL
environment variables are set to another editor, such as Emacs. When the command is issued, the vi editor is launched with a temporary file containing quota settings. When the temporary file is saved and the editor is terminated, the changes are saved in the quota databases.
In the first form, a space-separated list of users or groups specified in names
is modified. If proto-user
is specified with the -p option, quotas of that user or group are copied and used for names
and no editor is launched. In the second form with the -t option, the soft limit settings are edited interactively for each filesystem.
Modify group quotas. If -g is specified, all names
are assumed to be groups and not users, even if -u is also specified.
proto-user
Duplicate the quotas of the prototypical user or group proto-user
for each user or group specified. This is the normal mechanism used to initialize quotas for multiple users or groups at the same time.
Modify soft limits. Time units of sec
(onds), min
(utes), hour
(s), day
(s), week
(s), and month
(s) are understood.
Modify user quotas. This is the default action. This option is ignored if -g is also specified.
Modify the user quotas for jdoe
:
# edquota -u jdoe
Quotas for user jdoe:
/dev/sda9: blocks in use: 87, limits (soft = 99900, hard = 100000)
inodes in use: 84, limits (soft = 0, hard = 0)
/dev/hda1: blocks in use: 0, limits (soft = 0, hard = 0)
inodes in use: 0, limits (soft = 0, hard = 0)
~
~
"/tmp/EdP.auHTZJ0" 5 lines, 241 characters
Here, jdoe
has been allocated a soft limit of 99,900 blocks (which on a default Linux ext2 or ext3 fileystem with a 4k block size means 390 MB), a hard limit of 100,000 blocks (only 400 KB higher than the soft limit), and no limit on the number of files on /dev/sda9. She has no limits on /dev/hda1.
Modify soft limits for users on all filesystems:
# edquota -tu
Time units may be: days, hours, minutes, or seconds
Grace period before enforcing soft limits for users:
/dev/sda9: block grace period: 7 days,
file grace period: 3 days
/dev/hda1: block grace period: 7 days,
file grace period: 3 days
~
~
"/tmp/EdP.aiTShJB" 5 lines, 249 characters
Here, the user grace periods have been set to seven days for blocks (disk space) and three days for files (inodes).
repquota
repquota [options] filesystems
repquota -a [options
]
Used to report on the status of quotas. In the first form, repquota displays a summary report on the quotas for the given filesystems
on a per-user or per-group basis. In the second form, the -a option causes a summary for all filesystems with quotas to be displayed. This command fails for non-root users unless the quota database files are world-readable. The current number of files and the amount of space utilized are printed for each user, along with any quotas created with edquota.
Report on all of the quotas for the read-write filesystems mentioned in /etc/fstab. Both user and group quotas are reported as indicated by the usrquota and grpquota options.
Report quotas for groups.
Report quotas for users; this is the default action.
Enable verbose mode, which adds a descriptive header to the output.
Report user quotas for /home:
# repquota -v /home
*** Report for user quotas on /dev/sda9 (/home)
Block limits File limits
User used soft hard grace used soft hard grace
root -- 418941 0 0 269 0 0
328 -- 1411 0 0 20 0 0
jdean -- 9818 99900 100000 334 0 0
u1 -- 44 0 0 43 0 0
u2 -- 44 0 0 43 0 0
u3 -- 127 155 300 124 0 0
jdoe -- 87 99900 100000 84 0 0
bsmith -- 42 1990 2000 41 0 0
To use quotas, they must first be enabled. Quota support must also be compiled into the kernel. In the unlikely event that your kernel does not contain quota support, you will need to recompile the kernel (see Chapter 13 for more details on how to compile a kernel). This is not a difficult process, but unfortunately it is not completely straightforward either. To clarify the procedure, this section provides a brief tutorial on how to enable user and group quotas for a filesystem on /dev/sda9 mounted under /home. Note that you may enable user quotas only, group quotas only, or both, as your needs dictate.
Set options in /etc/fstab. On the line containing the /home filesystem, add the usrquota
and grpquota
options to the existing default
option, like this:
/dev/sda9 /home ext2 defaults,usrquota,grpquota 1 2
These options tell quota configuration utilities which partitions should be managed when the utilities reference /etc/fstab.
Create the quota.user and quota.group files at the top of the /home filesystem and set their protection bits for root access only:
#touch /home/quota.user /home/quota.group
#chmod 600 /home/quota.user /home/quota.group
These two files are the databases for user and group quotas. Each filesystem with quotas uses its own quota databases. When quotas are enabled, these files will contain binary data (that is, they're not text files). Note that if you want end users to be able to examine quotas on groups to which they belong, quota.group will need a protection mode of 644 instead of 600.
Run quotacheck to initialize the databases:
# quotacheck -avug
Scanning /dev/sda9 [/home] done
Checked 236 directories and 695 files
Using quotafile /home/quota.user
Using quotafile /home/quota.group
Then verify that your quota database files have been initialized by noting that they are no longer of size zero (here they are 16,192 bytes each):
# ls -al /home/quota.*
-rw------- 1 root root 16192 Dec 27 19:53 /home/quota.group
-rw------- 1 root root 16192 Dec 27 19:53 /home/quota.user
Run quotaon to enable the quota system:
# quotaon -a
Verify that your system's initialization script (/etc/rc.d/rc.sysinit or similar) will turn on quotas when your system boots. Something along these lines is appropriate, although your system may be very different:
if [ -x /sbin/quotacheck ]; then echo "Checking quotas." /sbin/quotacheck -avug echo " Done." fi if [ -x /sbin/quotaon ]; then echo "Turning on quotas." /sbin/quotaon -avug fi
Add a command script to a system crontab directory (such as the directory /etc/crontab.weekly) to execute quotacheck on a routine basis. An executable script file like the following will work:
#!/bin/bash exec /sbin/quotacheck -avug
If you prefer, you could instead put /sbin/quotacheck in root
's crontab file (using the crontab -e command) for weekly execution, like this:
# run quotacheck weekly 0 3 * * 0 /sbin/quotacheck -avug
At this point, the /home filesystem is ready to accept quotas on a per-user and per-group basis, enforce them, and report on them.