磁盘配额实现

磁盘配额要求必须是独立的分区

创建一个新的分区

#同步分区表

[root@localhost ~]# partx -a /dev/sda

[root@localhost ~]# mkfs.ext4 /dev/sda6 -L /home

[root@localhost ~]# blkid

/dev/sda6: LABEL=”/home” UUID=”49a738a9-05f5-46ba-bd46-37998b8bb4c3″ TYPE=”ext4″

 

目录迁移：注意防止用户访问造成数据丢失

[root@localhost ~]# mkdir /mnt/home

[root@localhost ~]# mount /dev/sda6 /mnt/home/

[root@localhost ~]# cp -av /home/* /mnt/home/

[root@localhost ~]# du -sh /home/

736K /home/

[root@localhost ~]# du -sh /mnt/home/

748K /mnt/home/

[root@localhost ~]# rm -rf /home/*

#且到单用户模式，只能在机器跟前操作了，，小心使用

[root@localhost ~]# init 1

 

修改开机挂载配置文件

[root@localhost ~]# vim /etc/fstab

UUID=49a738a9-05f5-46ba-bd46-37998b8bb4c3       /home   ext4    defaults 0 0

[root@localhost ~]# mount -a

[root@localhost ~]# df

Filesystem     1K-blocks    Used Available Use% Mounted on

/dev/sda6       20510716   45720  19416328   1% /mnt/home

/dev/sda6       20510716   45720  19416328   1% /home

[root@localhost ~]# umount /mnt/home/

家目录迁移完毕

 

[root@localhost ~]# su – ding

[ding@localhost ~]$ pwd

/home/ding

[ding@localhost ~]$ touch f1

 

实现配额

 

#1. 修改配置文件启用磁盘配额功能

[root@localhost ~]# vim /etc/fstab

UUID=49a738a9-05f5-46ba-bd46-37998b8bb4c3       /home   ext4    usrquota,grpquota 0 0

usrquota：限定用户

grpquota：限定组

[root@localhost ~]# mount -o remount /home

[root@localhost ~]# mount

/dev/sda6 on /home type ext4 (rw,usrquota,grpquota)

 

#在磁盘配额所在分区的根上，创建磁盘配额数据库，永来限定每个用户使用磁盘空间的配置信息

#2. 创建磁盘配额数据库

禁用selinux

[root@localhost home]# ll /etc/selinux/config /etc/sysconfig/selinux

-rw-r–r–. 1 root root 459 Dec  5 16:18 /etc/selinux/config

lrwxrwxrwx. 1 root root  17 Nov  7 15:36 /etc/sysconfig/selinux -> ../selinux/config

[root@localhost home]# cat /etc/selinux/config

[root@localhost home]# cat /etc/sysconfig/selinux

[root@localhost ~]# getenforce

Enforcing

[root@localhost ~]# setenforce 0

 

[root@localhost ~]# getenforce

Permissive

[root@localhost ~]# cd /home/

#-cug是对应着/etc/fstab中的usrquoat和grpquota的，如果只在配置文件中写的是usrquota，使用 -cu就好了

[root@localhost home]# quotacheck -cug /home/

[root@localhost home]# ls

aquota.group  aquota.user  ding  lost+found

 

 

#3. 启用磁盘配额数据库

#查看磁盘配额数据库是否启用

[root@localhost home]# quotaon -p /home/

group quota on /home (/dev/sda6) is off

user quota on /home (/dev/sda6) is off

#启用磁盘配额数据库

[root@localhost home]# quotaon /home/

[root@localhost home]# quotaon -p /home/

group quota on /home (/dev/sda6) is on

user quota on /home (/dev/sda6) is on

 

#4. 指定用户的空间限制

Disk quotas for user ding (uid 500):

Filesystem blocks soft hard inodes soft hard

/dev/sda6 748 0 0 155 0 0

 

Filesystem：设置磁盘配额启动的分区，有多个会都列出来

blocks soft hard 关心空间大小，限定了指定用户最多用多大空间

inodes soft hard 节点个数，限定了指定用户可以建立的文件个数

blocks：已经使用的空间

inodes：当前用户已经建立了多少文件

soft：警告值，超过就会报警，但是不限制用户

hard：不能操作

bloke单位为：1k

Disk quotas for user ding (uid 500):

Filesystem                   blocks       soft       hard     inodes     soft     hard

/dev/sda6                       748          0          0        155        0        0

 

Disk quotas for user ding (uid 500):

Filesystem                   blocks       soft       hard     inodes     soft     hard

/dev/sda6                       748       800000     1000000  155        160      170

 

 

#5. 测试

 

注意：使用指定的用户去测，在家目录测试

[ding@localhost ~]$ dd if=/dev/zero of=~/f1 bs=1M count=830

sda6: warning, user block quota exceeded.

830+0 records in

830+0 records out

870318080 bytes (870 MB) copied, 25.87 s, 33.6 MB/s

 

[ding@localhost ~]$ dd if=/dev/zero of=~/bigfile bs=1M count=780

[ding@localhost ~]$ dd if=/dev/zero of=~/bigfile2 bs=1M count=21

sda6: warning, user block quota exceeded.

21+0 records in

21+0 records out

22020096 bytes (22 MB) copied, 0.0183497 s, 1.2 GB/s

[ding@localhost ~]$ dd if=/dev/zero of=~/bigfile3 bs=1M count=300

sda6: write failed, user block limit reached.

dd: writing `/home/ding/bigfile3′: Disk quota exceeded

 

不是所有的命令都可以看到报警提示，有时候只是执行失败，但是不提示为什么错

[ding@localhost ~]$ echo >> f1

-bash: echo: write error: Disk quota exceeded

 

 

#超出指定后创建文件失败

[ding@localhost ~]$ touch f{f..k}

sda6: write failed, user file limit reached.

touch: cannot touch `fg’: Disk quota exceeded

#有警告提示，但文件创建成功

[ding@localhost ~]$ touch f11q

sda6: warning, user file quota exceeded.

-rw-rw-r–. 1 ding  ding         0 Dec  5 17:03 f11q

 

#达到最大值创建失败

[ding@localhost ~]$ touch {a..k}

sda6: write failed, user file limit reached.

touch: cannot touch `j’: Disk quota exceeded

 

 

根据什么判断用户占用的空间？

把用户家目录中的文件移走，并不能减少限制，删除可以，更改所有则所属组可以。文件占用的空间和它放哪没关系，和文件的所有者有关系

 

#文件的所有者是谁，空间就算在谁头上

[root@localhost ding]# chown mayun bigfile4

[root@localhost ding]# quota ding

Disk quotas for user ding (uid 500):

Filesystem  blocks   quota   limit   grace   files   quota   limit   grace

/dev/sda6  385596  800000 1000000             154     160     170

 

 

复制有个用户的权限设置给另一个用户

[root@localhost ding]# edquota -p ding mayun

[root@localhost ding]# edquota mayun

复制之后可以在改改

 

统一设置磁盘配额

[root@localhost ding]# useradd xm; setquota xm 10000 20000 100 200 /home

[root@localhost ding]# quota xm

Disk quotas for user xm (uid 502):

Filesystem  blocks   quota   limit   grace   files   quota   limit   grace

/dev/sda6      32   10000   20000               8     100     200

 

[root@localhost ding]# edquota xm

Disk quotas for user xm (uid 502):

Filesystem                   blocks       soft       hard     inodes     soft     hard

/dev/sda6                        32      10000      20000          8      100      200

 

 

grace： 警告可以超过，limit不能超过，grace是允许暂时超，7天之内可以达到警告超了没事，7天之后，soft也是不能超的了。再创建新的就不让创建了，只能减少不能增加了。只是给了一个宽限期而已

 

[root@localhost ding]# repquota /home/

*** Report for user quotas on device /dev/sda6

Block grace time: 7days; Inode grace time: 7days

Block limits                File limits

User            used    soft    hard  grace    used  soft  hard  grace

———————————————————————-

root      —      20       0       0              2     0     0

ding      -+  385596  800000 1000000            170   160   170  6days

mayun     —  614436  800000 1000000              9   160   170

xm        —      32   10000   20000              8   100   200

 

 

 

组配额的问题

[root@localhost ~]# setquota –help

setquota: Usage:

setquota [-u|-g] [-rm] [-F quotaformat] <user|group>

-u, –user                 set limits for user

-g, –group                set limits for group

-a, –all                  set limits for all filesystems

 

 

[root@localhost ding]# useradd xh

[root@localhost ding]# groupadd sales

[root@localhost ding]# usermod -G sales xh

[root@localhost ding]# usermod -G sales xm

 

设置组的磁盘配额

[root@localhost ding]# edquota -g sales

 

Disk quotas for group sales (gid 504):

Filesystem                   blocks       soft       hard     inodes     soft     hard

/dev/sda6                         0          0          0          0        0        0

 

测试：

[root@localhost ~]# su – xm

直接测试会无效，因为创建的文件的所有者是小明，和组没关系

 

[xm@localhost ~]$ newgrp sales

[xm@localhost ~]$ dd if=/dev/zero of=f1 bs=1M count=200

sda6: warning, group block quota exceeded.

200+0 records in

200+0 records out

209715200 bytes (210 MB) copied, 1.90333 s, 110 MB/s

[xm@localhost ~]$ ll

total 204800

-rw-r–r–. 1 xm sales 209715200 Dec  5 17:37 f1

 

组中的用户数据总和超过设定值

 

取消磁盘配额

 

[root@localhost ding]# quotaoff /home/

[root@localhost ding]# quotaon -p /home/

group quota on /home (/dev/sda6) is off

user quota on /home (/dev/sda6) is off

是二进制文件

[root@localhost home]# ls

aquota.group  aquota.user …………

 

[root@localhost home]# rm -rf aquota.*

[root@localhost home]# vim /etc/fstab

UUID=1e33b24a-4a67-4ea4-889b-ce5c553b0bb6 /home ext4    defaults        0       0

 

[root@localhost home]# mount -o remount /home/

[root@localhost home]# mount

/dev/sda6 on /home type ext4 (rw)