Quota Management
Introduction-
Introduction- Disk space management and disk space allocation among the users and groups is one of the critical task of System Administrator. System Admin has to think in all perspective before finalizing any policy. Quota is a system administration tools for monitoring and limiting users and/or groups disk usage, per file system. Disk quotas can be configured for individual users as well as user groups. This kind of flexibility makes it possible to give each user a small quota to handle “personal” file (such as email and reports), while allowing the projects they work on to have more sizable quotas (assuming the projects are given their own groups).
Quota provides two ways to set limits…
1) Number of inodes that may be allocated to a user or a group.
2) Number of disk blocks amount of space in kilobytes that may be allocated to a user or a group.
In addition, quotas can be set not just to control the number of disk blocks consumed but to control the number of inodes. Because inodes are used to contain file-related information, this allows control over the number of files that can be created. By using Quota, the users are forced by the system administrator to not consume unlimited disk space on a system. This program is handled on per user/group, per file system basis and must be set for each file system separately. The system administrator is alerted before a user consumes too much disk space or a partition becomes full.
What are the types of Quota Format?
Answer -There four type of Quota format/protocol you can use any format ….
1) vfsold – original quota format (version 1 quota)
2) vfsv0 – new quota format (version 2 quota)
3) rpc – use RPC calls (quota over NFS) and
4) xfs – quota on XFS filesystem
Steps to Configure Quota on File System –
Step 1] Check Kernel support?
The first thing you need to do is ensure that your kernel has been built with Quota support enabled. Now a days once you installed Quota package the kernel module for Quota will be enabled. Still you can confirm as given below…
Step 2] Enable quotas per file system by modifying /etc/fstab –
root@arunbagul:~# cat /etc/fstab
LABEL=/ / ext3 defaults 1 1
LABEL=/boot /boot ext3 defaults 1 2
LABEL=/home /home ext3 defaults,usrquota,grpquota 1 2
/dev/hda2 Perform setting for specified format (ie. don’t perform format auto detection). Possible format names are: vfsold (version 1 quota), vfsv0
(version 2 quota), rpc (quota over NFS), xfs (quota on XFS filesystem) swap swap defaults 0 0
none /proc proc defaults 0 0
none /dev/shm tmpfs defaults 0 0
root@arunbagul:~#
NOTE – ‘usrquota’ for user quota and ‘grpquota’ for group quota…
The /etc/fstab file contains information about the various file systems installed/mounted on your Linux server. Quota must be enabled in the /etc/fstab file before you can use it. Quota must be set for each file system separately. Check the /etc/fstab, in which /home file system has both user and group quotas enabled. Depending on your intentions, needs, etc, you can enable quota only for users, groups or both users and groups.
Step 3] Activate/Enabled Quota on file system (quota.user and quota.group)-
After the modifing /etc/fstab file for Quota, remount each file system whose fstab entry has been modified. If the file system is not in use by any process, use the umount command followed by the mount to remount the file system. If the file system is currently in use, the easiest method for remounting the file system is to reboot the system. we need to reboot the system or remount the file system to activate/establish quota on a file system.
Once quota is activated on given file system, the quota.user and quota.group files will be created on that file system, in parent directory.
command (1) quotacheck – scan a filesystem for disk usage, create, check and repair quota files (quota.user and quota.group). quotacheck examines each
filesystem and builds a table of current disk usage, and compares this table against that recorded in the disk quota file for the filesystem
(this step is ommitted if option -c is specified). If any inconsistencies are detected, both the quota file and the current system copy of the
incorrect quotas are updated. By default, only user quotas are checked. quotacheck expects each filesystem to be checked to have quota files
named as quota.user &[quota.group located at the root of the associated filesystem. If a file is not present, quotacheck will create it.
-u, –user
Only user quotas listed in /etc/mtab or on the filesystems specified are to be checked. This is the default action.
-g, –group
Only group quotas listed in /etc/mtab or on the filesystems specified are to be checked.
-c, –create-files
Don’t read existing quota files. Just perform a new scan and save it to disk. quotacheck also skips scanning of old quota files when they
are not found.
-v, –verbose
quotacheck reports its operation as it progresses. Normally it operates silently. If the option is specified twice, also the current
directory is printed (note that printing can slow down the scan measurably).
root@arunbagul:/home# quotacheck -ugcv /home
quotacheck: Mountpoint (or device) /home not found.
quotacheck: Cannot find filesystem to check or filesystem not mounted with quota option.
root@arunbagul:/home#
NOTE – As I have not added usrquota and grpquota options in /etc/fstab the quotacheck command has failed to detect the quota file system.. so now complete step(2) and remount the file system..,,
root@arunbagul:# umount /home
root@arunbagul:#
root@arunbagul:/home# mount | grep /home
/dev/sda8 on /home type ext3 (rw)
root@arunbagul:/home#
root@arunbagul:/home# mount -a
root@arunbagul:/home# mount | grep /home
/dev/sda8 on /home type ext3 (rw,usrquota,grpquota)
root@arunbagul:/home#
Now run the quotacheck command….
root@arunbagul:/home# ls -F
arun/ guest/
root@arunbagul:/home#
root@arunbagul:/home# quotacheck -ugcv /home
quotacheck: Cannot remount filesystem mounted on /home read-only so counted values might not be right.
Please stop all programs writing to filesystem or use -m flag to force checking.
root@arunbagul:/home#
root@arunbagul:/home# quotacheck -ugcvm /home
quotacheck: Scanning /dev/sda8 [/home] done
quotacheck: Cannot stat old user quota file: No such file or directory
quotacheck: Cannot stat old group quota file: No such file or directory
quotacheck: Checked 7090 directories and 64268 files
quotacheck: Old file not found.
quotacheck: Old file not found.
root@arunbagul:/home#
root@arunbagul:/home# ls -F
aquota.group aquota.user arun/ guest/
root@arunbagul:/home#
** use command quotaon/quotaoff to on/off quota of file system
root@arunbagul:/home# quotaon /home
root@arunbagul:/home#
** Note – please don’t run below command (we are in process of enabling quota..!!)
root@arunbagul:/home# quotaoff /home
root@arunbagul:/home#
Step 4] How to report Quota –
command (2) repquota – summarize quotas for a filesystem repquota prints a summary of the disc usage and quotas for the specified file systems. For
each user the current number of files and amount of space (in kilobytes) is printed, along with any quotas created with edquota.
As repquota has to translate ids of all users/groups to names
-a, –all
Report on all filesystems indicated in /etc/mtab to be read-write with quotas.
-v, –verbose
Report all quotas, even if there is no usage. Be also more verbose about quotafile information.
-g, –group
Report quotas for groups.
-u, –user
Report quotas for users. This is the default.
root@arunbagul:/home/arun# repquota /home
*** Report for user quotas on device /dev/sda8
Block grace time: 7days; Inode grace time: 7days
Block limits File limits
User used soft hard grace used soft hard grace
———————————————————————-
root — 237368 0 0 3231 0 0
www-data — 151352 0 0 359 0 0
nobody — 21680 0 0 1875 0 0
arun — 3473212 0 0 44268 0 0
ftp — 4 0 0 1 0 0
root@arunbagul:/home/arun# repquota -u /home
*** Report for user quotas on device /dev/sda8
Block grace time: 7days; Inode grace time: 7days
Block limits File limits
User used soft hard grace used soft hard grace
———————————————————————-
root — 237368 0 0 3231 0 0
www-data — 151352 0 0 359 0 0
nobody — 21680 0 0 1875 0 0
arun — 3473212 0 0 44268 0 0
ftp — 4 0 0 1 0 0
root@arunbagul:/home/arun# repquota -g /home
*** Report for group quotas on device /dev/sda8
Block grace time: 7days; Inode grace time: 7days
Block limits File limits
Group used soft hard grace used soft hard grace
———————————————————————-
root — 258992 0 0 5102 0 0
www-data — 113188 0 0 252 0 0
plugdev — 52 0 0 3 0 0
nogroup — 4 0 0 1 0 0
admin — 224236 0 0 21623 0 0
arun — 3473212 0 0 44268 0 0
subversion — 38164 0 0 107 0 0
root@arunbagul:/home/arun# repquota -ug /home
*** Report for user quotas on device /dev/sda8
Block grace time: 7days; Inode grace time: 7days
Block limits File limits
User used soft hard grace used soft hard grace
———————————————————————-
root — 237368 0 0 3231 0 0
www-data — 151352 0 0 359 0 0
nobody — 21680 0 0 1875 0 0
arun — 3473212 0 0 44268 0 0
ftp — 4 0 0 1 0 0
*** Report for group quotas on device /dev/sda8
Block grace time: 7days; Inode grace time: 7days
Block limits File limits
Group used soft hard grace used soft hard grace
———————————————————————-
root — 258992 0 0 5102 0 0
www-data — 113188 0 0 252 0 0
plugdev — 52 0 0 3 0 0
nogroup — 4 0 0 1 0 0
admin — 224236 0 0 21623 0 0
arun — 3473212 0 0 44268 0 0
subversion — 38164 0 0 107 0 0
root@arunbagul:/home/arun#
Step 5] Assigning Quotas per User/Group –
command (3) edquota – edquota is a quota editor. One or more users or groups may be specified on the command line. If a number is given in the place of
user/group name it is treated as an UID/GID. Setting a quota to zero indicates that no quota should be imposed. Users are permitted to exceed
their soft limits for a grace period that may be specified per filesystem. Once the grace period has expired, the soft limit is enforced as a
hard limit.
-u, –user
Edit the user quota. This is the default.
-g, –group
Edit the group quota.
-f, –filesystem filesystem
Perform specified operations only for given filesystem (default is to perform operations for all filesystems with quota).
-t, –edit-period
Edit the soft time limits for each filesystem. In new quota format time limits must be specified (there is no default value set in kernel).
Time units of ’seconds’, ’minutes’,’hours’, and ’days’ are understood. Time limits are printed in the greatest possible time unit such that
the value is greater than or equal to one.
root@arunbagul:/home/arun# edquota -u arun
root@arunbagul:/home/arun#
===>
Disk quotas for user arun (uid 1000):
Filesystem blocks soft hard inodes soft hard
/dev/sda8 3473212 0 0 44268 0 0
NOTE – once you run above command, it will open default editor specified in your system and you will see the following content be default in that temp file
modify the value save the file the quota will be set to that user or group
root@arunbagul:/home/arun# edquota -g www-data
root@arunbagul:/home/arun#
===>
Disk quotas for group www-data (gid 33):
Filesystem blocks soft hard inodes soft hard
/dev/sda8 113188 0 0 252 0 0
root@arunbagul:/home/arun# edquota -ug arun -f /home
root@arunbagul:/home/arun#
** How to change soft time limits for each filesystem…(by default it is 7 days)
root@arunbagul:/home/arun# edquota -t -f /home
OR
root@arunbagul:/home/arun# edquota -t
root@arunbagul:/home/arun#
===>
Grace period before enforcing soft limits for users:
Time units may be: days, hours, minutes, or seconds
Filesystem Block grace period Inode grace period
/dev/sda8 7days 7days
command (4) setquota – is a command line quota editor. The filesystem, user/group name and new quotas for this filesystem can be specified on the command
line. Note that if a number is given in the place of a user/group name it is treated as an UID/GID.
-r, –remote
Edit also remote quota use rpc.rquotad on remote server to set quota. This option is available only if quota tools were compiled with
enabled support for setting quotas over RPC.
-F, –format=quotaformat
Perform setting for specified format (ie. don’t perform format auto detection). Possible format names are: vfsold (version 1 quota), vfsv0
(version 2 quota), rpc (quota over NFS), xfs (quota on XFS filesystem)
-u, –user
Set user quotas for named user. This is the default.
-g, –group
Set group quotas for named group.
-t, –edit-period
Set grace times for users/groups. Times block-grace and inode-grace are specified in seconds.
-T, –edit-times
Alter times for individual user/group when softlimit is enforced. Times block-grace and inode-grace are specified in seconds or can be
string ’unset’.
-a, –all
Go through all filesystems with quota in /etc/mtab and perform setting.
** How to use it ?
setquota [-u|-g] [-r] [-F quotaformat] <user|group> <block-softlimit> <block-hardlimit> <inode-softlimit> <inode-hardlimit> -a|<filesystem>…
setquota [-u|-g] [-r] [-F quotaformat] <-p protouser|protogroup> <user|group> -a|<filesystem>…
setquota [-u|-g] [-F quotaformat] -t <blockgrace> <inodegrace> -a|<filesystem>…
setquota [-u|-g] [-F quotaformat] <user|group> -T <blockgrace> <inodegrace> -a|<filesystem>…
root@arunbagul:~# setquota -u arun 1000 1500 0 0 /home
root@arunbagul:~# setquota -g arun 1000 1500 0 0 /home
Step 6] What is Soft and Hard limit –
* Soft – Maximum amount of space or files user/group can use.
* Hard – Only used if grace periods are in effect, otherwise they are ignored and soft limits are used to enforce file system limits.
* Grace Periods – If used, users may exceed their soft limits up to their hard limits for a period of days specified by the grace period.
After the grace period expires, the user can no longer exceed their soft limit.
command (5) quotatool – is a tool for manipulating filesystem quotas. Depending on the command line options given, it can set hard or soft limits on block
and inode usage, set and reset grace periods, for both users and (if your system supports this) groups. The filesystem to set the
quota on is given as the first (and only) non-option element, and it is either the block special file (i.e /dev/sda3) or
the mount point (i.e. /home) for the filesystem.
Step 7] How to install Quota –
** How to install Quota on Debian/Ubuntu system…
root@arunbagul:~# apt-get install quota quotatool
Reading package lists… Done
Building dependency tree
…..
Setting up quota (3.14-8) …
Setting up quotatool (1.4.9-2) …
root@arunbagul:~#
** How to install Quota on Redhat(RHEL)/Fedora/Gentoo/CentOS/Suse/Madriva –
root@arunbagul:~# rpm -ivh <Quota package name>
………….
……….
root@arunbagul:~#
Step 8] Kernel parameters for Quota –
** Check status of kernel parameters values BEFORE activating Quota –
root@arunbagul:/home/arun/perl-prog# sysctl -a | grep quota
fs.quota.lookups = 0
fs.quota.drops = 0
fs.quota.reads = 0
fs.quota.writes = 0
fs.quota.cache_hits = 0
fs.quota.allocated_dquots = 0
fs.quota.free_dquots = 0
fs.quota.syncs = 16
fs.quota.warnings = 1
root@arunbagul:/home/arun/perl-prog#
** Check the Quota parameters values AFTER activating Quota –
root@arunbagul:/home/arun# sysctl -a | grep quota
fs.quota.lookups = 826
fs.quota.drops = 440
fs.quota.reads = 7
fs.quota.writes = 0
fs.quota.cache_hits = 819
fs.quota.allocated_dquots = 7
fs.quota.free_dquots = 0
fs.quota.syncs = 16
fs.quota.warnings = 1
root@arunbagul:/home/arun#
command (6) quotastats – you can use this command to queries the kernel for quota statistics (parameter).
root@arunbagul:~# quotastats
Kernel quota version: 6.5.1
Number of dquot lookups: 920
Number of dquot drops: 534
Number of dquot reads: 7
Number of dquot writes: 0
Number of quotafile syncs: 16
Number of dquot cache hits: 913
Number of allocated dquots: 7
Number of free dquots: 0
Number of in use dquot entries (user/group): 7
root@arunbagul:~#
IMP NOTE :: Quotas over NFS – Since NFS maps remote users to local users, set the quotas on the local users that you plan to map the remote users too.
Thank you,
Arun Bagul