Preventing disk full
© 2010, 2011, 2012 Dennis Leeuw dleeuw at made-it dot com
License: GPLv2 or later
As soon as you provide diskspace to others, you probably would like to control the amount of disk space being used by them. On a GNU/Linux system the linuxquota package helps you to limit users in their diskspace usage. The quota tools enable you to restrict the amount of disk space being used per user, group or a combination there of. Quota works per filesystem, so you can decide per filesystem what the settings will be.
There are two quota versions available. The new version provides you (amongst other things) with a journald quota system, which means you do not need to run a quota check during boot, which is a big gain on large systems.
To convert from the old system to the new use convertquota. From the man-page of this tool: New file format allows using quotas for 32-bit uids / gids, setting quotas for root, accounting used space in bytes (and so allowing use of quotas in ReiserFS) and it is also architecture independent.
We will only discuss the journaled version of the new vfsv0 quota system.
As an example I created a /home/users directory. Under this directory every user has his or her own home directory, with a personal group. Thus a directory might look like this:
drwxrwx--- 38 dleeuw dleeuw 4096 Dec 23 2009 dleeuw. I also created a /home/groups/ directory. Every group below this directory has a group directory, with the sticky-bit set. And the responsiple person for that group being the owner, like this:
drwxrws--- 4 dleeuw admins 4096 Dec 23 2009 admin
/home/users is a partition on a disk and /home/group is also its own partition. Since quota are set per filesystem. So you have to design in advance your filesystem structure for quota use. I left out the actual disks and only used the LABELs in the following fstab examples.
/etc/fstab settings for journaled quota support:
LABEL=users /home/users ext3 usrjquota=aquota.user,jqfmt=vfsv0,acl 0 0 LABEL=groups /home/groups ext3 grpjquota=aquota.group,jqfmt=vfsv0,acl 0 0
Quota uses a file in the "root" of the file system to maintain information about the quota settings and the used disk space. Extended FS knows of two quota versions, version 1 (vfsold) and 2 (vfsv0). Version 1 uses quota.user and quota.group files, while version 2 uses aquota.user and aquota.group files.
To create the files with the right settings use:
touch /home/users/aquota.users chmod 600 /home/users/aquota.users touch /home/groups/aquota.group chmod 600 /home/groups/aquota.group
Remount the file systems to enable quota support (mount -o remount /home/users).
Run a quotacheck per enabled file system like this:
quotacheck -vu /home/users quotacheck -vg /home/groups
With the quotaon command we can enable quota:
quotaon -vu /home/users/ quotaon -vg /home/groups/
To set the first limit or change an existing one you should use edquota. This command invokes an editor, of your choice, to edit the quota file. The default editor that is started is vi, but you can specify your prefered editor in the EDITOR or VISUAL environment variables. Just be sure that the editor you wish is started and not some default that is set by your distribution supplier use:
export EDITOR=vim edquota dleeuwThis will edit a temporary file, when you leave the editor the changes are applied to the quota file.
A user quota setting might look like this:
Disk quotas for user dleeuw (uid 666): Filesystem blocks soft hard inodes soft hard /dev/mapper/lvm_home 75128 5242880 6291456 1385 0 0This means that I currently have 75128 blocks of 1k in use. The soft limit is set to 5G and the hard limit is 6G. I also use 1385 inodes and there are no limits set for the inode use. The soft limit means that a warning is sent to the user, but the user is still able to safe its data, while a hard limit means that the user can not safe any data to disk anymore.
If a grace period is set, the function of the soft limit changes. If the grace period expires the user is denied write access to its space, even though the hard limit may not be reached.
Grace periods are set by using edquota -t. The grace period settings are set per file system.
If you do not want to use an editor, or can not use an editor because this need to be handled by scripts, one can use setquota. This tool can be called in two different ways:
The syntax with options is setquota [ -r ] [ -u | -g ] [ -F quotaformat ] name block-softlimit block-hardlimit inode-softlimit inode-hardlimit filesystem
The first option (-r) gives you the ability to set quota on a remote system, if rpc.quotad is enabled.
Second you have the option to set the quota for a user (-u) or group (-g), and provide the quota format (-F) to use. These are all standard options which are available to most quota commands.
The important part is the part in italics. You have to provide the user- or groupname and all four limits. If some of them should be disabled one can use a 0 as its value. A 2 Gb soft limit with a 2,5 Gb hard limit and no inode limits would thus look like this:
setquota -u dleeuw 2097152 2621440 0 0
To do the same in batch mode use:
echo "dleeuw 2097152 2621440 0 0" | setquota -b -uA file with a user per line can be used and cat into setquota.
With the setquota tool one can also set grace times, and the like, for more information see the man-page.
The warnquota command warns users when they are over their soft limit. It might be a good idea to run this command reguarly from cron. The actions taken by warnquota can be controlled by the /etc/warnquota.conf file. The basic configuration options for this file are:
MAIL_CMD = "/usr/sbin/sendmail -t" FROM = "root@localhost" SUBJECT = WARNING: You are exceeding your allocated disk space limits CC_TO = "root@localhost" CC_BEFORE = 2 days SUPPORT = "root@localhost" PHONE = "(123) 456-7890 or (222) 333-4444" MESSAGE = Your disk usage has exceeded the agreed limits\ on this server|Please delete any unnecessary files on following filesystems:| SIGNATURE = "Your system administrators" GROUP_MESSAGE = Hello, group '%s' you're member of uses too much space.|\ Delete group files on following filesystems:| GROUP_SIGNATURE = "Your system administrators"
To find out what who is using what on your system use the repquota tool. The output (repquota -vu /home/users) looks like this:
*** Report for user quotas on device /dev/sda2 Block grace time: 7days; Inode grace time: 7days Block limits File limits User used soft hard grace used soft hard grace ---------------------------------------------------------------------- root -- 500 0 0 5 0 0 apache -- 160 16300 16384 2 0 0 dleeuw -- 88 2621440 3145728 11 0 0 <snip> Statistics: Total blocks: 68 Data blocks: 48 Entries: 991 Used average: 20.645834
If for some reason your quota system gets corrupted, like when it does not report the correct quota size, or correct size used by a user or group, use quotacheck to fix the problem.
The general procedure is:
Turn quota off by using:
quotaoff -g /home/groups quotaoff -u /home/users
Mount the filesystems read-only:
mount -o remount,ro /home/groups mount -o remount,ro /home/users
Check and fix the quota:
quotacheck -vgbF vfsv0 /home/groups quotacheck -vubF vfsv0 /home/usersAll options are documented in the man-pages, but just to be complete: we do verbose(-v), group or user quota(-u/-g), we want a backup (-b) which creates a aquota.group~ and aquota.user~ backup file, before changes are made and we tell which quota version to use (-F vfsv0)
Mount the filesystems read-write:
mount -o remount,rw /home/groups mount -o remount,rw /home/users
Turn quota on by using:
quotaon -g /home/groups quotaon -u /home/users
The quotastats provides you with additional information about the kernel quota subsystem. It provides in a more readable manner what is also available from /proc/sys/fs/quota
Example output from quotastats
Kernel quota version: 6.5.1 Number of dquot lookups: 224230 Number of dquot drops: 168117 Number of dquot reads: 215 Number of dquot writes: 55375471 Number of quotafile syncs: 69 Number of dquot cache hits: 224015 Number of allocated dquots: 213 Number of free dquots: 85 Number of in use dquot entries (user/group): 128
We would like to offer you an explanation of what this all means, but we are short on information ourselfs. If you can help to fill this table please contact us. See the top of this document for e-mail information.
|quotastats entry||/proc/sys/fs/quota file||Description|
|Number of dquot lookups||lookups|
|Number of dquot drops||drops|
|Number of dquot reads||reads|
|Number of dquot writes||writes|
|Number of quotafile syncs||syncs|
|Number of dquot cache hits||cache_hits|
|Number of allocated dquots||allocated_dquots|
|Number of free dquots||free_dquots||Unused dquots are added to the free_dquots list when freed, and this list is searched whenever we need an available dquot. Dquots are removed from the list as soon as they are used again, and free_dquots gives the number of dquots on the list.|
|Number of in use dquot entries (user/group)|
/usr/bin/quota /usr/sbin/convertquota /usr/sbin/repquota /usr/sbin/rpc.rquotad